Head of Third-Party Risk Management

About Northern Trust:

Northern Trust a Fortune 500 company is a globally recognized awardwinning financial institution that has been in continuous operation since 1889.

Northern Trust is proud to provide innovative financial services and guidance to the worlds most successful individuals families and institutions by remaining true to our enduring principles of service expertise and integrity. With more than 130 years of financial experience and over 22000 partners we serve the worlds most sophisticated clients using leading technology and exceptional service.

Northern Trust a Fortune 500 company is a globally recognized awardwinning financial institution that has been in continuous operation since 1889.

Northern Trust is proud to provide innovative financial services and guidance to the worlds most successful individuals families and institutions by remaining true to our enduring principles of service expertise and integrity. With more than 130 years of financial experience and over 22000 partners we serve the worlds most sophisticated clients using leading technology and exceptional service.

We have a balanced hybrid working model to ensure you get the flexibility you need and the successful candidate will spend their time between working in the office and working from home.

This role reports to the Chief Procurement Officer (CPO) and is the Head of the Third Party Management Office (TPMO). The TPMO plays a centralized enterprisewide adherence and oversight role within the 1st Line of Defense and is responsible for owning implementing and enforcing compliance with the policy and standards including training and issue management. TPMO is also responsible for producing monitoring and reporting on 1st Line of Defense Third Party Risk Management lifecycle activity metrics and aggregation themes.

The Head of TPMO will provide oversight for the design implementation and improvement of thirdparty risk management processes policies and risk performance measures to guide Northern Trust in driving effective and efficient risk management throughout the thirdparty life cycle. The Head of TPMO will guide the assessment planning implementation management and coordination of third party risk management initiatives and activities.

In this role the individual will bring a systematic and disciplined approach to thirdparty risk management including oversight control and monitoring processes. They will establish a third party management framework customized to Northern Trusts environment that will drive riskinformed decisions and action. For success in this role theyll bring a thorough knowledge of third party risk management processes as well as keen business judgement.

This individual will be an expert in Third Party Risk Management and would be well versed in end to end third party risk management concepts and . This role involves constant interaction with business stakeholders and chairing of departmental committee. The incumbent will lead a team of professionals with clearly defined roles and responsibilities.

Responsibilities

Accountable for overall oversight of the program ensuring program throughput for the various life cycle elements as per program SLAs (Planning IRQs DDQs Ongoing Monitoring Contracting and Termination) and strict adherence to the policy and standard

Responsible for exit strategy completeness across all critical vendors and for consideration of vendor SLAs within continuity plans for all vendors related to critical processes

Accountable for consideration of third party failures as part of scenario development

TPMO periodic review and update of overall program design and methodologies including risk assessment questionnaires risk calculation and aggregation methods risk treatment methodologies escalation thresholds open issues inventory and program reporting

TPMO periodic review of the Third Party Management Practice Standard supplier service categories training materials desk procedures QC design and and process review for enhancement / automation opportunities

Lead third party risk management initiatives with crossfunctional internal stakeholders to monitor mitigate and report on risks and ensure compliance with applicable legal/regulatory requirements

Apply a deep understanding of various types of thirdparty risks and how to mitigate them including strategic reputational growth financial operational and compliance risks

Ensure strong oversight of all thirdparty risks providing senior management visibility into existing and emerging threats

Ensure consistent enhancements to the third party risk management technology solution that will meet the needs of a broad range of process objectives and stakeholder requirements

Tracking vendor concentration risks Nth party risks resilience risks regulatory changes and other emerging risks

Chairing monthly Third Party Risk committee (TPOC) and periodically reviewing and approving departmental organization chart operating model and RACI

Responsible for 1st Line of Defense review and challenge and for business perspective on 2nd Line of Defense deliverables such as TPRM Policy Third Party Risk appetite statement and metrics Committee charters and corporate risk committee (CTRC) reporting

Maintain meaningful interactions and responses with various stakeholders such as business units regulators and auditors

Develop vendor consulting / outsourced services supplier expectations and reviewing contracts with vendors hired by the department

Review vendor / consultant performance prioritizing efforts and approving invoices for those suppliers hired by the department

Responsible for final review of all departmental reporting inclusive of reporting submitted to regulators committees and business partners.

Qualifications

BS/BA Bachelor of Science degree or Bachelor of Arts or equivalent years of experience

Minimum of 10 years of related experience with a strong understanding of third party management in a highly regulated industry

Ability to successfully navigate across various lines of defense

Experience and/or working knowledge of related disciplines including strategic sourcing procurement supplier information security supplier diversity ESG thirdparty compliance information technology vendor management privacy enterprise risk management and/or business continuity

Ability to think and act strategically and creatively while having strong business acumen

Proven experience as a team lead team management resource planning designing corresponding department job descriptions and hiring of personnel

A thorough understanding of thirdparty (i.e. vendor supplier etc. risk management and prior experience in designing program solutions risk scoring and aggregation methodologies and designing committee reporting

Understanding of global risk regulatory requirements with an emphasis on US (OCC Bulletins FFIEC FED FDIC) or UK (PRA FCA)

Third party risk management related certification such as CTPRP or CTPRA or other professional certifications such as CA CGEIT CIA CISA CISM CISSP CMA CPA or CRISC preferred

Strong leadership and organizational skills

Ability to influence activities across multiple teams and across business units Outstanding writing communication and presentation skills

Sound analytical and problemsolving skills

Strong networking ability to develop internal and external networks based on integrity and credibility through active listening and understanding

Salary Range:

Salary range is a good faith estimate of base pay. Northern Trust provides a comprehensive benefits package including retirement benefits 401k and pension) health and welfare benefits (medical dental vision spending accounts and disability) paid time off parental and caregiver leave life & accident insurance and other voluntary and wellbeing benefits. Northern Trust also provides a discretionary bonus program that may include an equity component.

Working with Us:

As a Northern Trust partner greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.

Movement within the organization is encouraged senior leaders are accessible and you can take pride in working for a company committed to assisting the communities we serve!Join a workplace with a greater purpose.

Wed love to learn more about how your interests and experience could be a fit with one of the worlds most admired and sustainable companies! Build your career with us andapply today.#MadeForGreater

Reasonable accommodation

Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process please email our HR Service Center at .

We hope youre excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.

Apply today and talk to us about your flexible working requirements and together we can achieve greater.