Third Party Risk Management Job Description
Third Party Risk Management Duties & Responsibilities
To write an effective third party risk management job description, begin by listing detailed duties, responsibilities and expectations. We have included third party risk management job description templates that you can modify and use.
Sample responsibilities for this position include:
Third Party Risk Management Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Third Party Risk Management
List any licenses or certifications required by the position: CISA, CISSP, CTPRP, CIA, CPA, CRISC, CISM, SOC, ISA, QSA
Education for Third Party Risk Management
Typically a job would require a certain level of education.
Employers hiring for the third party risk management job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Business, Management, Finance, MBA, Accounting, Computer Science, Education, Economics, Information Systems, Information Technology
Skills for Third Party Risk Management
Desired skills for third party risk management include:
Desired experience for third party risk management includes:
Third Party Risk Management Examples
Third Party Risk Management Job Description
- Conduct third party risk assessments in alignment with company security policies and industry standards
- Perform on site assessments of vendors to identify opportunities for improvement
- Provide input and aid in the development of policies focused on the security of third party business processes
- Foster relationships and influence the behavior internal teams and external parties
- Develop and maintain supplier risk and control monitoring plans, performing monitor activities and analysis of evidence to determine controls are operating effectively
- Complete monitor and control tasks triggered by supplier Tier and Third Party Interaction Model
- Collaborate with the line of business stakeholders to deliver year over year cost savings with managed third party relationships
- Assist in development and execution of category/supplier strategies
- Partner with internal budget owners to deliver against operating or marketing budgets
- Partner with appropriate stakeholders on contract negotiations for all managed third party relationships
- Minimum eight years of experience developing and maintaining global vendor risk management programs
- CISSP, CISM, CISA, or CRISC certification preferred
- Solid understanding of information technology and security solutions
- Responsible for proper invoice review, reconciliation, and payment
- Monitor and ensure successful delivery against third party contractual obligations
- Assist in development of, and monitor, SLA's or key performance indicators for third party relationships
Third Party Risk Management Job Description
- Manage on-boarding/off-boarding of third parties
- Proactively identify and mitigate third party related risk
- Synthesize risk and performance related data into a holistic assessment of assigned third parties
- Accountable for TPM policy requirements for all managed third party relationships
- Plan and conduct periodic third party business reviews, including appropriate stakeholders
- Assist in the development of appropriate business continuity/disaster recovery plans for managed third parties
- Responsible for managing all third party-related audits
- Partner with internal risk groups to ensure third party relationships are compliant with all relevant requirements
- Partner with appropriate stakeholders on sourcing activities which impact managed third party relationships
- Maintain constant awareness of external marketplace as it relates to third parties and/or relevant internal capabilities
- Identify mutually beneficial opportunities with third parties
- Travel to various third party sites and corporate locations when required
- Promote a continuous improvement culture with managed third parties
- Manage supplier training, as required
- Partner with appropriate stakeholders on negotiations for all managed third party relationships
- Demonstrate outstanding communication and relationship building, business judgment on contract issues, strong problem identification and problem resolution
Third Party Risk Management Job Description
- Be in regular contact with lines of business to monitor third party service providers for important incidents
- Maintain the third party risk management policy and procedure
- Maintain the main third party risk management system, RSA Archer
- Be responsible for the enforcement of third party risk management policy and procedure on a bank-wide basis
- Assist in preparation of Head Office reporting (Outsourcing vendors, forms, annual assessment)
- Prepare Head Office reporting (Outsourcing vendor forms)
- Assist in preparation of Head Office reporting (annual assessment)
- Design and optimize third party request portal operations
- Manage initial third party risk ratings performed by the SPM team pre-contract
- Manage and monitor third party risk assessments in partnership with internal stakeholders and external third parties
- At least 1 year of experience in Project management or at least i year of experience in process management
- Strong background both educationally and via professional experience
- Proven ability to rapidly learn new concepts and ideas, and integrate and assimilate information of various levels of complexity and relationships across broad, multifunctional content areas
- Leads with confidence while negotiating tough political situations
- University degree in Accounting, Finance or Risk Management
- Experience within a large financial institution is highly preferred
Third Party Risk Management Job Description
- Requirements will include identifying third party’s, industry economic and market conditions, forecasting demand, create and manage RFx
- Lead negotiations of terms and pricing, manage contract and contract compliance
- Manage third party relationships, post-contract service levels, metrics and third party management
- Drive best value for the business and challenging business stakeholders where necessary
- Deliver innovative solutions, contributing to the category third party roadmap and ensuring that longer term sourcing decision are considered during category development
- Drive departmental processes and procedures to ensure processing of agreements and purchase orders in accordance with company requirements in a timely manner
- Facilitate the review, distribution, and tracking of all RFPs and third party responses, all related pre- and post-RFP analysis, awarding, and savings tracking
- Oversee the processing of vendor-related legal agreements, including Statements of Work, Customer Service Agreements, Consultants, Outsourced work, fixed price workers and Non-Disclosure Agreements
- Maintain files and database of all sourcing contracts
- Lead structured analysis of third party industry, economics, and market conditions
- High School Degree or military experience
- Metric definition capabilities
- Advanced degree and applicable industry certifications
- 3+ years in audit, risk or compliance disciplines
- Strong organizational, analytical and project management skills, including the ability to prioritize several projects at one time
- Exercises sound business judgment unvarnished by ego or by the momentum of immediate events
Third Party Risk Management Job Description
- Ensure the respective contract owners are monitoring, reviewing and mitigating risk associated with the third parties in accordance with the TPRM framework, which includes outsourcing framework
- Ongoing vendor monitoring, including coordination with the first line Business Unit for completion of required TPRM program documentation
- Lead continuous improvement initiatives and identify cost efficiencies activities related to vendor management
- Ensure that all third party relationships are captured in a centralized inventory in a timely manner
- Champion and monitor the Bank’s supplier diversity program
- The VP of Third Party Risk Management and Oversight will provide strategic direction and leadership to the Third Party Risk Management department
- Responsible for executing the development/ongoing maintenance of Third Party Security Assessment processes and procedures which includes but it not limited to, onboarding, risk profiling, performing assessments, risk identification and communication, remediation and off boarding
- Partner with the Archer eGRC team to advance capabilities, including automation and drive efficiencies and reporting
- Travel to and perform onsite assessments
- Support Vendor Identity Management Portal Governance as directed
- At least 5 years of experience in operations management or at least 5 years of experience in procurement, vendor, or risk management
- An information security certification is a plus -- to demonstrate proficiency and knowledge of information security best practices and concepts
- Relevant industry certifications, such as Security+, GSEC, ISC2, ISACA
- Bachelors or Master’s/MBA (preferred) degree in engineering, technology, business or other quantitative field of study
- 10+ years of strategic sourcing, third party and contract management experience
- Strong experience in category management and managing internal stakeholder relationships