Head of Third-Party Risk Management

Spectraforce Technologies
United States, Illinois, Chicago
Apr 15, 2025
Title: Head of Third-Party Risk Management

Duration: Full-time

Location: Chicago, IL or Tempe, AZ


Job Description:

  • This role reports to the Chief Procurement Officer (CPO) and is the Head of the Third Party Management Office (TPMO). The TPMO plays a centralized enterprise-wide adherence and oversight role within the 1st Line of Defense and is responsible for owning, implementing, and enforcing compliance with the policy and standards including training and issue management. TPMO is also responsible for producing, monitoring, and reporting on 1st Line of Defense Third Party Risk Management lifecycle activity metrics and aggregation themes.
  • The Head of TPMO will provide oversight for the design, implementation, and improvement of third-party risk management processes, policies, and risk performance measures to guide the client in driving effective and efficient risk management throughout the third-party life cycle. The Head of TPMO will guide the assessment, planning, implementation, management, and coordination of third party risk management initiatives and activities.
  • In this role the individual will bring a systematic and disciplined approach to third-party risk management, including oversight, control, and monitoring processes. They will establish a third party management framework customized to the Client environment that will drive risk-informed decisions and action. For success in this role, they'll bring a thorough knowledge of third party risk management processes, as well as keen business judgement.
  • This individual will be an expert in Third Party Risk Management and would be well versed in end-to-end third party risk management concepts and execution. This role involves constant interaction with business stakeholders and chairing of departmental committee. The incumbent will lead a team of professionals with clearly defined roles and responsibilities.


Responsibilities:

  • Accountable for overall oversight of the program, ensuring program throughput for the various life cycle elements as per program SLAs (Planning, IRQs, DDQs, Ongoing Monitoring, Contracting and Termination) and strict adherence to the policy and standard
  • Responsible for exit strategy completeness across all critical vendors and for consideration of vendor SLAs within continuity plans for all vendors related to critical processes
  • Accountable for consideration of third party failures as part of scenario development
  • TPMO periodic review and update of overall program design and methodologies including risk assessment questionnaires, risk calculation and aggregation methods, risk treatment methodologies, escalation thresholds, open issues, inventory, and program reporting
  • TPMO periodic review of the Third Party Management Practice Standard, supplier service categories, training materials, desk procedures, QC design and execution and process review for enhancement / automation opportunities
  • Lead third party risk management initiatives with cross-functional internal stakeholders to monitor, mitigate, and report on risks and ensure compliance with applicable legal/regulatory requirements
  • Apply a deep understanding of various types of third-party risks and how to mitigate them, including strategic, reputational, growth, financial, operational and compliance risks
  • Ensure strong oversight of all third-party risks, providing senior management visibility into existing and emerging threats
  • Ensure consistent enhancements to the third party risk management technology solution that will meet the needs of a broad range of process objectives and stakeholder requirements
  • Tracking vendor concentration risks, Nth party risks, resilience risks, regulatory changes, and other emerging risks
  • Chairing monthly Third Party Risk Execution committee (TPOC) and periodically reviewing and approving departmental organization chart, operating model, and RACI
  • Responsible for 1st Line of Defense review and challenge and for business perspective on 2nd Line of Defense deliverables such as TPRM Policy, Third Party Risk appetite statement and metrics, Committee charters, and corporate risk committee (CTRC) reporting
  • Maintain meaningful interactions and responses with various stakeholders such as business units, regulators, and auditors
  • Develop vendor consulting / outsourced services supplier expectations and reviewing contracts with vendors hired by the department
  • Review vendor / consultant performance, prioritizing efforts and approving invoices for those suppliers hired by the department
  • Responsible for final review of all departmental reporting, inclusive of reporting submitted to regulators, committees and business partners


Qualifications:

  • Bachelor of Science (BS) or Bachelor of Arts (BA) degree, or equivalent years of experience
  • Minimum of 10+ years of related experience with a strong understanding of third party management in a highly regulated industry
  • Ability to successfully navigate across various lines of defense
  • Experience and/or working knowledge of related disciplines, including strategic sourcing, procurement, supplier information security, supplier diversity, ESG, third-party compliance, information technology vendor management, privacy, enterprise risk management and/or business continuity
  • Ability to think and act strategically and creatively, while having strong business acumen
  • Proven experience as a team lead, including team management, resource planning, designing corresponding department job descriptions, and hiring personnel
  • A thorough understanding of third-party (i.e., vendor, supplier, etc.) risk management and prior experience in designing program solutions, risk scoring and aggregation methodologies and designing committee reporting
  • Understanding of global risk regulatory requirements with an emphasis on US (OCC Bulletins, FFIEC, FED, FDIC) or UK (PRA, FCA)
  • Third party risk management related certification such as CTPRP or CTPRA or other professional certifications such as CA, CGEIT, CIA, CISA, CISM, CISSP, CMA, CPA or CRISC preferred
  • Strong leadership and organizational skills
  • Ability to influence activities across multiple teams and across business units
  • Outstanding writing, communication, and presentation skills
  • Sound analytical and problem-solving skills
  • Strong networking ability to develop internal and external networks based on integrity and credibility through active listening and understanding
