Vendor Risk Manager

About The Position

Requirements

• Bachelor’s degree in related field or direct and applicable work experience in third-party risk management, sourcing, procurement, or enterprise risk management, or a heavily regulated industry (such as insurance, financial services, banking, etc.).
• Minimum 2 years of experience managing relationships such as vendor management, account management and/or risk management, including conducting initial and ongoing vendor due diligence, risk assessments, and recommending risk mitigation strategies in accordance with company policies and procedures.
• Minimum of 1-year of procurement and contract administration experience.
• Prior experience creating and defining processes and developing metrics to measure impact. Ability to learn new technology and tools quickly.
• Strong collaboration and interpersonal skills with the ability to quickly build relationships focused on collaboration and trust. Demonstrated ability to develop and maintain high-performance relationships with internal and external stakeholders and customers with the ability to influence without authority and communicate upward and across divisions.
• Demonstrated ability to exhibit a risk management mindset, one focused on overall risk assessments with the ability to think critically to assess details and the big picture to recommend risk mitigation strategies.
• Possess excellent written and verbal communication skills with experience developing presentations and presenting to others including up to the executive level within an organization.
• Ability to solve problems, develop solutions, and proactively partner to assist business leaders in achieving financial and performance goals and objectives and drive results.
• Must be self-motivated and have a sense of urgency, and is flexible and adaptable to change, with the ability to see what needs to be done and take action to ensure successful and timely accomplishments of business needs.
• Proficient in Microsoft Office (Word, Excel, and Power Point).

Nice To Haves

• Bachelor’s degree.
• Certified Third-Party Risk Professional (CTPRP) or Certified Third-Party Risk Assessor (CTPRA).
• Prior experience in Health Insurance industry.

Responsibilities

• Serve as centralized vendor contact and facilitator in partnership with the Business Vendor Owner (BVO), to manage the vendor relationship, drive innovation, manage risk, compliance, and performance expectations. Communicate and build relationships with assigned vendors and internal stakeholders to ensure they are properly educated on Wellmark’s Vendor Management program and ongoing expectations for vendors throughout the life of the relationship.
• Review and interpret assigned contracts and document relevant contract provisions for monitoring vendors within the Vendor Management program.
• Maintain a working knowledge of Wellmark’s corporate contract standards.
• Review and scrutinize vendor agreements to ensure that Wellmark and the business can effectively monitor and evaluate risk. As requested, facilitate discussions with internal and external stakeholders regarding the rights and obligations contained within each contract, consulting with Legal, Contract Administration, Privacy, and others, as needed.
• Determine criticality of vendor services, in collaboration with BVO and other internal stakeholders, to determine inherent risk of the vendor to Wellmark. Determine inherent risk score based on corporate standards which include, data, dependency, criticality, exclusivity, member impact, building access and spend.
• Based on the inherent risk of the vendor, facilitate initial and on-going risk assessments, and due diligence for Wellmark vendors and their subcontractors. Collaborate with the Vendor Risk Management Coordinator to review and track assessments and ongoing due diligence daily to ensure they are completed in the specified timeframe and follow-ups are sent as appropriate and in accordance with Wellmark policies and procedures.
• Collaborate with SMEs to review vendor risk assessments and due diligence for completion and evaluate risk. Risk assessments and due diligence performed include, but are not limited to security reviews, business continuity, disaster recovery, SOC audits, financial reviews, government required compliance reviews, merger and acquisition assessments, certificates of destruction (COD), and offboarding due diligence.
• Collaborate with vendor, Legal, BVO, and SMEs to address any findings or deficiencies to remediate risk to Wellmark, and as applicable create risk mitigation strategies, performance management plans, suggest process improvements, and/or contract changes. Escalate and present identified residual risk according to company policies and procedures that are built based upon Wellmark’s risk appetite, and/or regulatory/government programs, to Wellmark's Vendor Management Steering Committee.
• In accordance with Wellmark policies, identify and initiate recommendations for vendor contractual terms, whether due to outcomes of vendor assessments, residual or inherent risk, and/or performance/relationship issues that may arise during the vendor lifecycle. Assist in coordination between business partners and vendors to ensure vendor contract terms and requirements are understood and expectations are met.
• In partnership with Vendor Management leadership and SMEs, identify which vendors require onsite assessments, determine all relevant stakeholders, develop an agenda, and facilitate and lead the onsite assessment.
• Assist in and facilitate the management and monitoring of vendors that are covered by government programs or regulatory bodies. Fulfill Blue Cross Blue Shield Association requests and/or requirements, as applicable.
• Assist Wellmark’s Cyber Security Team with inquiry, follow up, and remediation of vendor security incidents.
• Assist the BVO with management of the relationship for assigned vendors, including monitoring of overall performance. This includes but is not limited to overseeing performance management plans for vendors, while seeking input and participation in the vendor management process from all stakeholders within Wellmark and escalating as necessary.
• Assist in the development of tools and processes (e.g., vendor management sites or systems, vendor scorecards, communication templates, training, etc.) to monitor and manage vendor performance and risk based on established criteria.
• Provide on-going vendor scorecard reporting and analysis to internal and external parties, including the Executive Steering Committee, to facilitate adequate monitoring, review, and follow-up on vendors’ operational performance, risk profile, and contractual compliance.
• Work collaboratively with department peers and internal stakeholders to ensure SLA’s, deliverables, compliance requirements and expectations for participation in the Vendor Management program are adequately incorporated into RFx’s and all appropriate vendor contracts.
• Advocate and educate by serving as an ambassador for Vendor Management and Procurement Services. Assist with the investigation of new opportunities and leverage technology solutions to improve the efficiency and/or effectiveness of vendor management processes. Participate on project teams to identify areas for process improvement.
• Other duties as assigned.