Senior Consultant, Third Party Issue Management - Third Party Risk Management

About The Position

Requirements

• Proven track record managing vendor risk and/or leading large-scale risk or compliance initiatives.
• Expertise in third-party risk frameworks and regulatory requirements.
• Experience with tools such as Coupa, ServiceNow, Cybeta, Interos or similar.
• Strong organizational skills.
• Ability to influence activities across multiple teams and across business units.
• Outstanding writing, communication, and presentation skills.
• Sound analytical and problem-solving skills.
• Strong networking ability to develop internal and external networks based on integrity and credibility through active listening and understanding.
• Bachelor's degree and approximately 10 years of related work experience with clear understanding of and experience in the Three Lines of Defense model.
• A thorough understanding of third-party (i.e., vendor, supplier, etc.) risk management, with prior experience in designing program solutions, risk scoring and aggregation methodologies and designing committee reporting.
• Understanding of global risk regulatory requirements with emphasis on US (OCC Bulletins, FFIEC, FRB, FDIC) or UK (PRA, FCA).
• A TPRM related certification such as CTPRP or CTPRA.

Responsibilities

• Responsible for tracking program throughput through the various third party management life cycle elements (Planning, IRQs, DDQs, Ongoing Monitoring, Contracting and Termination), periodic inventory review, open issues and open risk acceptance review and tracking of all internal projects.
• Primary area of focus will be to align to the formal, enterprise-level program and processes that require consistent identification, logging, tracking, remediation, validation, and reporting of third-party-related issues and incidents, utilizing ServiceNow for issue/incident tracking and Coupa for linkage to supplier risk, due diligence, and contractual context.
• Responsible for designing and periodically reviewing program related artifacts, risk methodologies, service categories and associated risk profile, reporting thresholds etc.
• Accountable for assisting and guiding business partners through various stages of third party lifecycle to ensure quality program execution.
• Identify gaps and drive continuous improvement across the TPRM lifecycle (e.g., onboarding, due diligence, monitoring, offboarding).
• Suggest and participate in improvement projects that automate or streamline repetitive tasks (e.g., through Coupa tools or workflow automation platforms).
• Maintain strong documentation and evidence of controls, risk decisions, and remediations.
• Track milestones, dependencies, and deliverables across projects and/or an assigned portfolio of relationships.
• Engage with risk domain SMEs, vendors and vendor relationship managers.
• Serve as the point of contact for program performance updates, risk issue escalations, and regulatory reviews.
• Responsible for engaging with and assisting 2LOD partners by providing business users' input for 2LOD deliverables.
• Use dashboards and key risk indicators (KRIs) to monitor third-party risk posture and performance and determine areas of focus.
• Report progress to the board, risk committees, and regulators as needed.
• Participate in cross-functional teams associated with Third Party program requirements in areas such as design & strategy, enterprise critical vendor management, and other SMEs related subjects.

Benefits

• retirement benefits (401k and pension)
• health and welfare benefits (medical, dental, vision, spending accounts and disability)
• paid time off
• parental and caregiver leave
• life & accident insurance
• other voluntary and well-being benefits
• discretionary bonus program that may include an equity component