Application Guide

How to Apply for Senior Specialist, Information Security, Third Party Risk at PPFA

🏢 About PPFA

Planned Parenthood is a mission-driven organization that provides essential sexual and reproductive health care, education, and advocacy. Working here means contributing to a cause that directly impacts millions of lives, with a strong commitment to equity, inclusion, and social justice. The remote-first culture and 'In This Together' ethos foster a supportive and collaborative environment.

About This Role

As a Senior Specialist in Third Party Risk, you will assess and manage security risks associated with vendors and partners, ensuring that PPFA's data and systems remain protected. This role is critical in safeguarding the sensitive health information of patients and maintaining trust in Planned Parenthood's services. Your work directly supports the organization's mission by enabling secure collaborations with external entities.

💡 A Day in the Life

Your day might start with reviewing new vendor onboarding requests and prioritizing assessments based on risk tier. You could then meet with a procurement team to discuss contract terms, followed by deep-diving into a vendor's SOC 2 report. Afternoons often involve documenting findings, updating risk registers, and collaborating with IT to ensure remediation plans are on track.

🎯 Who PPFA Is Looking For

  • Experienced in third-party risk management, with a strong understanding of security frameworks like NIST, ISO 27001, or SOC 2.
  • Skilled in conducting vendor risk assessments, due diligence, and continuous monitoring, with attention to regulatory requirements such as HIPAA.
  • Able to communicate complex security risks to non-technical stakeholders and collaborate across teams to implement remediation plans.
  • Passionate about Planned Parenthood's mission and comfortable working in a values-driven, sometimes politically charged environment.

📝 Tips for Applying to PPFA

1. Highlight specific experience with health care or similarly regulated industries (e.g., HIPAA compliance) in your resume and cover letter.
2. Demonstrate your familiarity with remote work tools and practices, as this is a fully remote role.
3. Quantify your impact in previous roles, e.g., 'Reduced vendor risk ratings by 30% through improved assessment processes.'
4. Mention any experience with risk management platforms (e.g., Archer, ServiceNow) and how you've used them to streamline workflows.
5. Show alignment with PPFA's mission by briefly mentioning your interest in reproductive health or social justice issues.

✉️ What to Emphasize in Your Cover Letter

  • Express genuine passion for Planned Parenthood's mission and how it aligns with your personal values.
  • Emphasize your expertise in third-party risk management within a regulated environment, especially health care.
  • Provide a concrete example of a successful vendor risk mitigation you led, including the outcome.
  • Highlight your ability to work collaboratively across departments and communicate risk to non-technical audiences.

🔍 Research Before Applying

To stand out, do this research before you apply:

  • Review PPFA's annual report or mission statement to understand their current priorities and challenges.
  • Read about recent data breaches in the health care sector to understand the threat landscape.
  • Familiarize yourself with PPFA's affiliate structure and how third-party risk might vary across affiliates.
  • Look into any public statements or policies on information security from PPFA's leadership.

💬 Prepare for These Interview Topics

Based on this role, you may be asked about:

1. How do you prioritize risks when assessing multiple vendors with limited resources?
2. Describe a time you identified a critical security gap in a vendor and how you managed the remediation.
3. How would you explain a complex third-party risk issue to a clinical director who has no security background?
4. What is your experience with HIPAA and how does it apply to vendor management in a health care setting?
5. How do you stay current with evolving threats and regulatory changes affecting third-party risk?

⚠️ Common Mistakes to Avoid

  • Don't focus solely on technical jargon without connecting it to business impact or mission alignment.
  • Avoid generic statements about 'passion for security' without tying it to PPFA's specific context.
  • Don't overlook the importance of soft skills like collaboration and communication, which are key in a remote, cross-functional role.

📅 Application Timeline

This position is open until filled. However, we recommend applying as soon as possible as roles at mission-driven organizations tend to fill quickly.

Typical hiring timeline:

1. Application Review: 1-2 weeks
2. Initial Screening: Phone call or written assessment
3. Interviews: 1-2 rounds, usually virtual
4. Offer: Congratulations!

Ready to Apply?

Good luck with your application to PPFA!