As the 3rd Party Security Risk Manager you will be responsible for development and management of the 3rd Party Security Risk program at General Mills. In this role you will be responsible for growing and improving current 3rd Party Security Risk practices in order to properly identify and educate stakeholders on regulatory, strategic, geographical, reputational, and operational security risks that exist with current and future General Mills vendors. Key responsibilities will include maturation and/or development of procedures relating to legal & procurement practices, 3rd party discovery, risk assessments, monitoring, and governance. This role will partner effectively with all levels of the organization, provide thought leadership, lead and mentor others, drive results, and provide process expertise.
- Establish or refine internal policies, standards, processes, and templates for addressing 3rd party security risks.
- Lead and coach a team of 2 direct reports.
- Develop and implement contract practices, monitoring procedures, and remediation requirements needed to lower unacceptable 3rd party risk.
- Optimize 3rd party classification and assessment procedures to identify critical risks to security and operations.
- Develop and communicate detailed security reports and key vendor data to stakeholders.
- Maintain/enhance 3rd party risk tools, including vendor assessment, analytics, and risk management tools (scorecards and dashboards).
- Analyze problem areas and help resolve issues and disputes.
- Define and hold strategic vendor security reviews. Identify risk mitigation opportunities and manage regular meetings between security, sourcing, stakeholders and strategic 3rd
- Develop strategies for various capabilities including 4th party assessments, on-site audits, 3rd party intelligence, and 3rd party vulnerability management.
- Grow the 3rd Party Risk department through clear strategy, people development, and training.
- Manage global 3rd party resources across multiple GMI locations.
- Develop and manage relationships with corporate sourcing and procurement.
- Bachelor's degree
- 5-7 years of 3rd Party Risk Management or related experience
- 3-5 years of experience managing direct reports
- Strong relationship management skills
- Strong communication and collaboration skills
- Results-oriented, high energy, self-motivated
- Self-starter with ability to drive an item from concept to full implementation with minimal guidance
- Experience in managing a global team located in various locations
- Ability to prioritize and complete multiple tasks on tight deadlines
- Ability to conduct thorough analysis and recommend data driven actions
- Focused curiosity and drive to independently push through ambiguity to obtain results
- Strong oral & written communication, listening and presentation skills.
- 3rd party risk certification (e.g. CTPRP)