Insulet started in 2000 with an idea and a mission to enable our customers to enjoy simplicity, freedom and healthier lives through the use of our Omnipod® product platform. In the last two decades we have improved the lives of hundreds of thousands of patients by using innovative technology that is wearable, waterproof, and lifestyle accommodating.
We are looking for highly motivated, performance driven individuals to be a part of our expanding team. We do this by hiring amazing people guided by shared values who exceed customer expectations. Our continued success depends on it!
Position Overview
This role will support the global Cyber Risk function within the Security and Privacy Organization of Insulet’s Technology department. This role supports the organization’s third‑party cyber risk management program by executing vendor cyber risk assessments, documenting findings, and supporting risk tracking and remediation activities.
Responsibilities:
Vendor / Third-party Cyber Risk Assessments
Execute vendor cyber risk assessments using established methodologies, questionnaires, and tools.
Review vendor provided documentation, evidence, and responses to identify‑ potential security risks.
Evaluate vendor controls across key security domains (e.g., access control, data protection, incident response, business continuity) with guidance.
Document assessment results clearly and consistently in the designated GRC platform.
Escalate higher risk‑ findings or unclear responses for review.
Risk Documentation & Tracking
Create and maintain accurate vendor risk records within the cyber risk register or vendor risk module.
Assist with tracking remediation actions, follow-up‑ questions, and reassessments.
Ensure vendor risk items are properly categorized, updated, and closed when appropriate.
Support periodic review of existing vendor risks confirming continued applicability.
Cross Functional Collaboration
Partner with Procurement, Legal, Privacy, and business teams to support vendor onboarding and contract review processes.
Communicate assessment requests, clarification questions, and follow-ups to vendors in a professional and timely‑ manner.
Participate in vendor risk review meetings as a contributor or observer.
Program Support & Continuous Improvement
Follow documented vendor risk procedures and contribute feedback to improve clarity and efficiency.
Support senior team members with data gathering, reporting, and analysis related to third-party‑ cyber risk.
Build knowledge of cybersecurity frameworks (e.g., NIST, ISO) and vendor risk best practices through hands-on‑ experience.
Education & Experience
Bachelor’s degree or related experience in IT, security, computer science, or related technology discipline (preferred).
1 - 3 years of IT/Cyber Risk Management experience in a highly regulated industry, along with a demonstrated understanding of how IT risk must be balanced to support and enable the success of the business (preferred).
General understanding of third-party‑ risk, vendor assessments, or security questionnaires.
· Ability to solve problems through communication and compromise across technical and non-technical audiences, without sacrificing the appropriate risk mitigation or acceptance criteria.
Proactive in the identification of potential problems and propose solutions.
· Willingness to pursue related certifications (CRISC, CISM, CISSP, etc.).
Preferred Skills and Competencies
Excellent analytical and problem-solving skills.
Strong communication and interpersonal skills.
Familiarity or interest in GRC tools and risk tracking systems
Strong attention to detail and documentation quality.
Ability to follow defined processes and meet deadlines.
Travel Requirement: Up to 10% for business meetings, corporate events, and seminars. Primarily domestic with potential for international travel where there is a specific business requirement.