Key Responsibilities :

- Conduct comprehensive third party risk assessments for new and existing vendors across the organization.

- Prepare detailed and summary reports of assessments, including customized reports tailored to specific business needs.

- Serve as a Subject Matter Expert (SME) in third party risk, collaborating with Operational Risk, IT, Law, Privacy, Compliance, Sourcing, and Treasury to develop and apply risk assessment criteria aligned with corporate policy.

- Partner with internal stakeholders to identify and mitigate operational risks in business processes, applications, and systems tied to third party relationships.

- Ensure integration and compliance of third party risk management lifecycle elements in collaboration with IT, Sourcing, and Legal teams.

- Review vendor contracts, assess redlines, and make informed decisions on approval or rejection based on risk exposure.

- Identify and measure risks in business areas and workflows, performing due diligence to ensure effective vendor risk identification and mitigation.

- Advise business partners on risk mitigation strategies aligned with organizational risk appetite and tolerance.

- Engage directly with vendors to assess security controls, ensuring adequate protection of sensitive data and systems.

- Promote awareness of third party risks and enhance internal service models to ensure timely communication of key risk issues.

- Contribute to the development of training programs for internal teams on third party due diligence and ongoing monitoring responsibilities.

- Demonstrate leadership and influence in driving execution of third party risk initiatives.

- Apply strong analytical skills to identify issues, assess root causes, and recommend effective risk responses.

- Synthesize complex data into actionable insights and concise reports for leadership.

- Communicate effectively across all levels, delivering clear and persuasive messages.

- Manage multiple priorities in a fast-paced environment with minimal supervision.

- Foster cross-functional collaboration and maintain high professionalism and urgency.

Tools & Technology Proficiency :

Utilize tools such as MS Office (e.g. Word, Excel, PowerPoint, Visio), ServiceNow, and GRC platforms (e.g., Archer) to support third party risk assessments, reporting, and workflow management.

Knowledge & Expertise :

- Deep understanding of third party risk management, vendor oversight, and security control frameworks.

- Familiarity with industry standards and regulatory frameworks : ISO, COBIT, COSO, SOX, Basel II, GLBA, HIPAA, and business resiliency practices.

- Experience reviewing SOC reports, internal policies, and vendor documentation for completeness and compliance.

- Proven credibility as a third party risk SME, identifying gaps and recommending strategic initiatives.

- Ability to collaborate with vendors and internal teams to resolve third party risks and influence business decisions.

- Strong grasp of operational risks relevant to financial services and insurance, including fraud, cyber security, privacy, and reputational harm.

- Provide virtual leadership and guidance to analyst teams on best practices and continuous improvement in third party risk processes.