Job #: 1955
Title: Third Party Risk Analyst
The Third-Party Risk Specialist is responsible for scheduling, coordinating and maintaining quality of the end-to-end assessment process for third-parties. This individual will also be involved in the issue management process and management of issues identified through these third-party assessments. In addition, this role will be supporting the implementation of a common and consistent Third-Party Risk Management (TPRM) program to effectively manage third-party risk in accordance with internal policy and regulatory requirements.
• Schedule, coordinate and review the end-to-end assessment process for new and existing third-parties
• Perform due diligence on all new and existing third-parties in accordance with TPRM policies and procedures
• Review and analyze all relevant third-party documentation received, perform required financial and regulatory checks.
• Engage with Subject Matter Experts
• Review and ensure that all third-party metadata, including status, is accurately maintained in TPRM database
• Effectively communicate the status of open third-party issues
• Assist other team members, including performing quality peer reviews
• Contribute to the permanent improvement of the third-party risk management program (process, framework, indicators…)
• Participate in the definition of roadmaps and manage accordingly
• Promote a risk-aware culture, ensure efficient and effective risk and compliance management practices by adhering to required internal standards and regulations
• Maintain broad knowledge of best practices and trends in Third-Party Risk Management
• Work as a member of the team, supporting necessary activities to ensure the success of the TPRM program as may be delegated by the Head of TPRM
• BA/BS required
• More than 5 years of related experience (e.g. Third-Party Risk, Vendor Management, Supply Chain Management Operational Risk, Audit)
• CTPRP preferred
• Knowledge of various assessment types (e.g., Share Assessments for suppliers, self-assessments, SOC reports, audits, vulnerability assessments, penetration tests, third-party assurance)
• Understanding of the key elements of the Third Party Risk Management Lifecycle
• Experience in planning, organization and conducting Third-Party Assessments and Review
• Proven capabilities in influencing and negotiating priorities.
• Experience working in the Insurance or Financial services sector preferred