Third-Party Risk Manager (Remote)

Third-Party Risk Manager
Lead design of break/fix and enhancement process and technology improvement efforts.
Assess BU supplier requests to determine initial risk level.
Manage IT incident and vulnerability process and coordinate with suppliers.
Direct daily activities of contingent workers.
Develop program documentation and training.
Oversee assessments performed by TPR (versus risk partners like Compliance and Cyber).
Ensure system data maintenance (Supplier Manager role changes, etc.).
Maintain Minimally Managed and Centrally Managed supplier categories.

Position Responsibilities
TPR Archer Process Design & Data Maintenance.
Log system and process defects and enhancement requests, plan periodic improvement releases, develop associated change management plans and training.
Maintain system data by developing data sources/feeds (user contact and employment status, supplier contacts, supplier deactivation at end of contract).
Develop or update program procedures, job aids, and training materials.
Write system notifications and TPR communications.

TPR Assessments
Develop assessments required by regulatory guidance (Financial, Reputation, Concentration, etc.) but for which there are no identified risk partners.
Maintain documentation and tools supporting TPR Assessments.
Oversee periodic TPR Assessments of suppliers and support business unit users who have suppliers with unfavorable results (explain results, suggest mitigation, etc.).

Team and Project Management
Direct supervisor for contingent and junior analysts.
Develop and present TPR program during regulatory and audit examinations in support of Program Owner (Mgr Ops and Third-Party Risk).
Identify coordination opportunities with other Risk functions to share resources, reduce impact to first line, and facilitate common approaches.
Serve as project manager for responses to audit and regulatory findings

Jointly lead (with Cyber) during IT incidents and vulnerabilities that involve suppliers.
Initial Disposition
Perform initial disposition of supplier requests to determine if the proposed outsourcing requires inclusion under TPR program governance.
Maintain lists of minimally managed and centrally managed suppliers (outside of TPR program governance).

Position Competencies
Excellent communication and problem-solving skills
eGRC Archer experience required
Proficient with Microsoft Word, Excel, PowerPoint
Ability to gather business requirements and translate into technical requirements and design documents

Qualifications
Bachelor’s Degree from an accredited University
7 years Third Party Risk Management
10 years financial services
5 years eGRC Archer
5 years team management
Oaktec Building
8:00am – 5:00pm Monday – Friday. This position offers a hybrid work model that includes onsite and remote days as determined by the manager.