Senior Consultant, Third Party Issue Management - Third Party Risk Management

About The Position

Requirements

• Proven track record managing vendor risk and/or leading large-scale risk or compliance initiatives.
• Expertise in third-party risk frameworks and regulatory requirements.
• Experience with tools such as Coupa, ServiceNow, Cybeta, Interos or similar.
• Strong organizational skills.
• Ability to influence activities across multiple teams and across business units.
• Outstanding writing, communication, and presentation skills.
• Sound analytical and problem-solving skills.
• Strong networking ability to develop internal and external networks based on integrity and credibility through active listening and understanding.
• Bachelor's degree and approximately 10 years of related work experience with clear understanding of and experience in the Three Lines of Defense model.
• A thorough understanding of third-party (i.e., vendor, supplier, etc.) risk management, with prior experience in designing program solutions, risk scoring and aggregation methodologies and designing committee reporting.
• Understanding of global risk regulatory requirements with emphasis on US (OCC Bulletins, FFIEC, FRB, FDIC) or UK (PRA, FCA).
• A TPRM related certification such as CTPRP or CTPRA.

Responsibilities

• Responsible for tracking program throughput through the various third-party management life cycle elements (Planning, IRQs, DDQs, Ongoing Monitoring, Contracting and Termination), periodic inventory review, open issues and open risk acceptance review and tracking of all internal projects.
• Primary area of focus will be to align to the formal, enterprise-level program and processes that require consistent identification, logging, tracking, remediation, validation, and reporting of third-party-related issues and incidents. These processes explicitly rely on ServiceNow for issue/incident tracking and Coupa for linkage to supplier risk, due diligence, and contractual context.
• Responsible for designing and periodically reviewing program-related artifacts, risk methodologies, service categories and associated risk profiles, reporting thresholds, etc.
• Accountable for assisting and guiding business partners through various stages of the third-party lifecycle to ensure quality program execution.
• Identify gaps and drive continuous improvement across the TPRM lifecycle (e.g., onboarding, due diligence, monitoring, offboarding).
• Suggest and participate in improvement projects that automate or streamline repetitive tasks (e.g., through Coupa tools or workflow automation platforms).
• Maintain strong documentation and evidence of controls, risk decisions, and remediations.
• Track milestones, dependencies, and deliverables across projects and/or an assigned portfolio of relationships.
• Engage with risk domain SMEs, vendors, and vendor relationship managers.
• Serve as the point of contact for program performance updates, risk issue escalations, and regulatory reviews.
• Responsible for engaging with and assisting 2LOD partners by providing business users' input for 2LOD deliverables.
• Use dashboards and key risk indicators (KRIs) to monitor third-party risk posture and performance and determine areas of focus.
• Report progress to the board, risk committees, and regulators as needed.
• Participate in cross-functional teams associated with Third Party program requirements in areas such as design & strategy, enterprise critical vendor management, and other SMEs related subjects.

Benefits

• Retirement benefits (401k and pension)
• Health and welfare benefits (medical, dental, vision, spending accounts and disability)
• Paid time off
• Parental and caregiver leave
• Life & accident insurance
• Other voluntary and well-being benefits
• Discretionary bonus program that may include an equity component