The Third-Party Risk Specialist is responsible for scheduling, coordinating and maintaining quality of the end-to-end assessment process for third-parties. This individual will also be involved in the issue management process and management of issues identified through these third-party assessments. In addition, this role will be supporting the implementation of a common and consistent Third-Party Risk Management (TPRM) program to effectively manage third-party risk in accordance with internal policy and regulatory requirements.
- Schedule, coordinate and review the end-to-end assessment process for new and existing third-parties
- Perform due diligence on all new and existing third-parties in accordance with TPRM policies and procedures
- Review and analyze all relevant third-party documentation received, perform required financial and regulatory checks.
- Engage with Subject Matter Experts
- Review and ensure that all third-party metadata, including status, is accurately maintained in TPRM database
- Effectively communicate the status of open third-party issues
- Assist other team members, including performing quality peer reviews
- Contribute to the permanent improvement of the third-party risk management program (process, framework, indicators…)
- Participate in the definition of roadmaps and manage accordingly
- Promote a risk-aware culture, ensure efficient and effective risk and compliance management practices by adhering to required internal standards and regulations
- Maintain broad knowledge of best practices and trends in Third-Party Risk Management
- Work as a member of the team, supporting necessary activities to ensure the success of the TPRM program as may be delegated by the Head of TPRM
- BA/BS required
- More than 5 years of related experience (e.g. Third-Party Risk, Vendor Management, Supply Chain Management Operational Risk, Audit)
- CTPRP preferred
- Knowledge of various assessment types (e.g., Share Assessments for suppliers, self-assessments, SOC reports, audits, vulnerability assessments, penetration tests, third-party assurance)
- Understanding of the key elements of the Third Party Risk Management Lifecycle
- Experience in planning, organization and conducting Third-Party Assessments and Review
- Proven capabilities in influencing and negotiating priorities.
- Experience working in the Insurance or Financial services sector preferred