The VP will play a critical role in supporting the first line of defense in the implementation of the TPRM program. The VP will oversee the team responsible for execution of the TPRM lifecycle, including initial onboarding, due diligence, assessment, contracting, ongoing monitoring, termination and off-boarding of third party vendors. The VP will be responsible for supervising staff and ensuring the daily activities relating to the TPRM program are executed in adherence with internal policies, standards and procedures and in line with regulatory requirements. The VP will also provide guidance and support to business owners and other internal stakeholders through all phases of the program and assist with reporting metrics.
The VP will be responsible for the following:
- Overseeing, guiding and mentoring staff in the completion of end-to-end TPRM lifecycle activities including by reviewing the adequacy of the controls in place, reviewing services with business owners, mapping services to business processes, maintaining the third party inventory, documenting process flows, reconciling services to other internal workflows, defining assessment scope and establishing a test plan, reporting on progress of the program.
- Assisting with development of key performance indicators (KPIs) and key risk indicators (KRIs) to identify issues for escalation and track compliance with the TPRM program.
- Overseeing the maintenance of the GRC tool and input of third party vendor inventory
- Assisting in the maturation of the TPRM Program by developing and driving implementation of industry best practices and standards.
- Serving as an internal subject matter expert on managing third party vendor management.
- Driving appropriate stakeholder participation in the TPRM program.
- Liaising with key functional teams, such as operational risk, IT, internal audit, legal, compliance and the business to perform third party risk management actives for new and existing vendors.
- Bachelor’s degree, advanced degreepreferred
- At least 5 years working directly in Third Party Risk Management or Operational Risk
- Experience working in a financial institution preferred
- Prior experience as a manager or team
- Experience with building a Third Party Risk Management Program
- Experience working with and maintaining a GRC tool
- Strong understanding of managing third party risks in an enterprise-wide program
- Executive presence and ability to communicate issues, observations and concerns to management
- Relationship management skills to develop strong partnerships across the organization
- Innovative, well versed in developing new ideas and improving current processes
- Professional certifications a plus, including CTPRP, CISSP, CISA or equivalent
- Excels in MS Office Suite, including Word, Excel, and PowerPoint