Position: Third Party Risk Specialist
Location: Fully remote
Duration: 6 months
Job Description
Summary: The Third-Party Risk Specialist is responsible for scheduling, coordinating, and maintaining quality of the end-to-end assessment process for third parties. This individual will also be involved in the issue management process and management of issues identified through these third-party assessments. In addition, this role will be supporting the implementation of a common and consistent Third-Party Risk Management (TPRM) program to effectively manage third-party risk in accordance with internal policy and regulatory requirements.
Major Responsibilities
Schedule, coordinate and review the end-to-end assessment process for new and existing third parties.
Perform due diligence on all new and existing third parties in accordance with TPRM policies and procedures.
Review and analyze all relevant third-party documentation received, perform required financial and regulatory checks.
Engage with Subject Matter Experts.
Review and ensure that all third-party metadata, including status, is accurately maintained in TPRM database.
Effectively communicate the status of open third-party issues.
Assist other team members, including performing quality peer reviews.
Contribute to the permanent improvement of the third-party risk management program (process, framework, indicators).
Participate in the definition of roadmaps and manage accordingly.
Promote a risk-aware culture, ensure efficient and effective risk and compliance management practices by adhering to required internal standards and regulations.
Maintain broad knowledge of best practices and trends in Third-Party Risk Management. Work as a member of the team, supporting necessary activities to ensure the success of the TPRM program as may be delegated by the Head of TPRM.
Qualifications
BA/BS required.
More than 5 years of related experience (e.g., Third-Party Risk, Vendor Management, Supply Chain Management Operational Risk, Audit).
CTPRP preferred.
Knowledge of various assessment types (e.g., Share Assessments for suppliers, self-assessments, SOC reports, audits, vulnerability assessments, penetration tests, third-party assurance).
Understanding of the key elements of the Third-Party Risk Management Lifecycle. Experience in planning, organization and conducting Third-Party Assessments and Review Proven capabilities in influencing and negotiating priorities.
Experience working in the Insurance or Financial services sector preferred