GRC Third Party Risk Management (TPRM)

Responsibility

• Build and foster a strong rapport and relationship across the enterprise to collaborate with key stakeholders including Procurement, Legal, Physical and Cybersecurity, Compliance, Privacy, Technology, and other business functions to identify, assess and design plans to mitigate and monitor risks associated with third parties
• Support TPRM Program & platform development and ongoing maturation through updating standards, procedures, processes, internal controls, etc.
• Generate and implement quality assurance standards, conduct vendor assessments, monitor program output (data, deliverables, etc.), and identify opportunities for improvement
• Ensure required risk management activities and control weaknesses are identified prior to contract execution with third party provider, or appropriate risk acceptance is documented and approved in third-party risk platform
• 
  Monitor and evaluate the ongoing performance of third-party vendors in alignment with internal strategies, industry best practices, standard security frameworks, and regulatory guidance
• Evaluate third party maturity using ISO, the Cybersecurity Maturity Model Certification, NIST, GDPR and other industry framework standards and best practices
• Gather a full inventory of third parties and work on remediation and participate in change management process and data clean up in third-party platform and other systems
• Conduct training on third-party platform to team members as needed, to drive standardization and consistency of Program execution
• Complete research and analysis as needed to close Program gaps.
• Create and deliver presentations on status updates of TPRM program/platform, ensuring transparency and accountability at all levels of the organization
• Risk management culture: Supports the company s commitment to risk management and protecting the integrity and confidentiality of systems and data

  Looking to get Placed? Try our Placement Guarantee Plan

  Get Hired

Qualification:

• Bachelor s Degree Information Systems or Information Technology, Computer Science, Risk Management, or professional equivalency
• 10-12 of work experience related to Third Party Management, vendor risk management, cyber risk management and/or procurement
• Strong understanding of regulatory requirements and industry best practices related to third-party/vendor risk management