Third Party Risk Program Manager
Third Party Risk Program Manager
Posted on :
10-04-2025
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Monthly Salary
Not Disclosed
Salary Not Disclosed
Vacancy
1 Vacancy
Posted on :
10-04-2025
Job Description
Job Details
West Des Moines IA
Description
- ThirdParty Risk Management and Sourcing
ThirdParty Risk Assessment and Management
- Design and execute a thirdparty risk management program aligned with the organizations overall risk strategy.
- Assess and categorize risks associated with third parties suppliers and partners including operational financial regulatory cybersecurity and reputational risks.
- Conduct due diligence and periodic risk reviews of third parties to ensure compliance with company policies and regulatory requirements.
- Monitor and address thirdparty risks including cybersecurity operational and regulatory risks through ongoing oversight and audits.
Sourcing and ThirdParty Selection
- Partner with internal stakeholders to define sourcing requirements and identify potential third parties.
- Lead the third party selection process including RFPs and RFIs ensuring alignment with cost quality and risk considerations.
Risk Mitigation and Compliance
- Develop and implement risk mitigation strategies for highpriority risks including contingency plans for critical third parties.
- Ensure sourcing and third party risk management practices comply with applicable laws regulations and industry standards (e.g. NYDFS ISO 27001 CCPA).
- Support internal and external audits regulatory reviews and assessments related to enterprise and thirdparty risk.
Third party Onboarding Contract Management and Monitoring
- Oversee the onboarding of third parties including contract negotiations and risk assessments.
- Ensure contracts appropriately address and transfer risks to thirdparties.
- Establish processes to ensure critical vendor key terms and servicelevel agreements (SLAs) are upheld.
- As needed conduct ongoing monitoring and performance evaluations and compliance reviews for active third parties.
CrossFunctional Collaboration
- Collaborate with departments such as Accounting Legal Compliance and IT to align thirdparty risk management and sourcing strategies with organizational goals.
Reporting and Analytics
- Develop and maintain risk and sourcing metrics key performance indicators (KPIs) and key risk indicators (KRIs).
- Provide detailed reports and insights on thirdparty risks and sourcing performance to senior leadership.
Training and Awareness
- Design and deliver training programs to educate associates on ERM principles third party risk management practices and sourcing policies.
- Foster a culture of proactive risk management and compliance across the organization.
- TPRM Manager
- Regularly evaluate team members performance to provide constructive feedback identify areas for improvement and recognize achievements thereby fostering professional growth and enhancing team effectiveness.
- Develop and oversee the TPRM team budget to ensure optimal allocation of resources costeffectiveness and alignment with organizational financial objectives.
- Collaborate with senior management to define the strategic direction of the TPRM function setting longterm goals and formulating plans to achieve them ensuring that the teams efforts align with the organizations overarching mission and objectives.
- Identify skill gaps within the team and facilitate training programs to enhance competencies ensuring team members are wellequipped to manage emerging thirdparty risks effectively.
- Encourage and facilitate communication and cooperation between the TPRM team and other stakeholders (e.g. legal IT business continuity compliance vendor owners) to ensure a cohesive approach to risk management across the organization.
- ChatGPT Integration and AI Risk Management Specialist
- Integrate and maintain AI solutions within the risk department to improve efficiencies and quality of outcomes (documentation and risk intelligence).
- In partnership with senior leadership and ChatGPT lead and influence adoption of ChatGPT across the Company.
- Provide company training on ChatGPT prompt engineering risk management strategies and implementation strategies.
- Assess develop and advise on risk management strategies related to AI integration in business processes including the ethical deployment of AI systems.
- Enterprise Risk Management (ERM) Analyst
- Conduct risk assessments to identify potential threats to business operations including strategic operational financial compliance and reputational risks.
- Review business processes industry practices regulatory requirements and identify gaps in risk mitigation activities. Influence necessary changes to keep risks within the Companys risk appetite and tolerance levels.
- Assist in preparing regular ERM reports and dashboards for executive leadership and the board of directors.
- Assist with the development and implementation of enterprise risk training and awareness campaigns and programs.
- Represent the team in daytoday activities with internal and third party business partners.
- Risk Department Administration
- Manage user access and related controls for software managed by the Risk Department.
- Provide backup support for various risk department administrative duties as needed including insurance program management business continuity activities risk analysis and reporting and maintaining policy manuals.
- Update policy and procedure as needed to meet business and regulatory requirements.
Qualifications
Education
- Bachelors degree in Business Administration Risk Management Supply Chain Management or a related field.
Experience
- Minimum of 7 years of experience in financial services industry or other regulated industry with demonstrated success in developing designing integrating and managing thirdparty risk management frameworks and mitigation strategies.
- Experience implementing and managing ERM frameworks and risk mitigation strategies.
- Experience working in regulated industries (e.g. finance healthcare or technology) is highly desirable.
Skills and Competencies
- Expertise in third party risk management and strategic sourcing principles and regulatory compliance requirements.
- Expertise in analyzing and interpreting data to measure and report on thirdparty risks.
- Understanding of IT security risk associated with thirdparties.
- Expertise with continuous thirdparty monitoring tools such as BitSight or RiskRecon.
- Proficiency in managing vendor contracts Service Level Agreements (SLAs)
- Strong negotiation and contract management abilities.
- Expertise in using third party risk management systems or Governance Risk and Compliance (GRC) platforms.
- Strong project management skills as part of implementing third party enterprise risk management privacy/compliance risk and AI risk management frameworks policies and procedures.
- Proficiency or expertise with Generative AI applications (ChatGPT or similar) including training prompt engineering and AI ethics and risk management.
- Familiarity with frameworks like COSO ISO 31000 NIST.
- Exceptional analytical problemsolving and decisionmaking skills.
- Excellent relationshipbuilding and communication skills.
- Ability to align thirdparty risk management with the companys overall business strategy.
- Knowledge of regulatory requirements such as NYDFS GDPR or CCPA and experience with NAIC guidelines and statelevel insurance regulations relevant to surety.
- Familiarity with surety or insurance industry including knowledge of underwriting claims and bonds.
Certifications (Preferred)
- Certified ThirdParty Risk Professional (CTPRP)
- Certified Risk Management Professional (CRMP)
- Certified Supply Chain Professional (CSCP)
- Certified Information Systems Auditor (CISA)
- Certified Risk and Compliance Management Professional (CRCMP)
Required Experience:
Manager
Employment Type
Unclear
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
