What You’ll Do
• Support the Maturity of the Third-Party Risk Management Program by providing recommendations and helping to provide strategy deliverables.
• Be open to change and provide leadership by leading TPRM staff across the enterprise to welcome/accept change.
• Provide periodic reports to management and stakeholders.
• Manage vendor reviews with the TPRM team that may not fit into a defined program.
• Own the completion of the business and vendor review process while managing the entirety of the vendor lifecycle, which includes vendor risk classification, due diligence review, contract negotiation, ongoing monitoring, and termination.
• Evaluate third parties as a subject matter expert in the areas of operation, fourth parties, compliance, tech risk, financials, and reputation for compliance to company standards, TPRM policies, and Federal regulations.
• Utilize and work to enhance TPRM technology to follow the due diligence process and escalate issues and concerns (e.g., oversight deficiencies, program concerns, and open risk items)
• Develop solutions for remediation of identified risks and be able to document and speak to those mitigants.
• Complete formal written risk assessment of vendors and communicate risk assessment findings to Procurement, business line owners, Legal and other pertinent stakeholders.
• Read and understand contractual agreements to ensure identified risks comply with the Company's policies and procedures, legal, and regulatory requirements, and financial control guidelines.
• Establish good peer relationships and foster collaboration with internal and external stakeholders to provide top tier customer service.
• Provide training to TPRM employees both new and existing.
What do you need?
• Minimum 7 years of knowledge of Third-Party Risk Management methodologies and regulatory guidance and or risk management at a fintech organization.
• Minimum 5 years of experience at a Bank, financial institution, larger corporation, or a fintech.
• Bachelor’s degree or equivalent experience.
• Well versed in financial regulatory and supervisory expectations in the risk areas.
• Expert level creative thinking and strong “on the spot” problem solving skills.
• Hands-on experience with executing on a Third-Party Risk Management program.
• Proven experience in contract management, being able to read a contract and understand and communicate contractual provisions and the impact to risk.
• Familiarity with vendor technology risk assessment controls and associated subdomains (i.e., information security, business continuity, etc.) or similar experience in related IT-audit or IT-audit support roles
• Familiarity with the current regulatory environment on Technology-related Vendor Risk for financial institutions, i.e., OCC 2013-29, FFIEC BRP/DR Handbook, FDIC guidance.