Senior Director of Third-Party Risk Management

Description

BASIC FUNCTION:

The Senior Director of Third-Party Risk Management implements, executes, and maintains the Bank’s Vendor/Third-Party Risk Management program and systems to ensure regulatory compliance, efficiency, and effectiveness of third-party contract management, due diligence, and risk assessment. Responsible for execution of the Bank’s Third-Party Vendor Risk Management Policy, as well as processes and procedures, which include vendor sourcing, contract management, oversight of risk assessments, review of contracts/agreements, due diligence process, ongoing monitoring, executive reporting, periodic recertification, contingency planning, and vendor termination activities.

ESSENTIAL FUNCTIONS: 

• Provide management and oversight of the Vendor/Third Party Risk Management Policy/Program in accordance with applicable laws, rules, and directives. 
• Administer the Bank’s vendor risk software and platforms, ensuring that all third-party documentation is safeguarded and accurately maintained within appropriate databases.
• Implement, monitor, and maintain effective internal controls over service providers, including communication of information requirements and access to customer and bank information consistent with applicable laws and regulations.
• Work with business unit leaders to identify, select, qualify, and implement third-party solutions through effective new vendor selection and vendor contract renewal processes and risk assessments/due diligence, including, but not limited to, non-disclosure agreements, due diligence reviews, risk assessments, and input on contract requirements. 
• Initiate and ensure appropriate, ongoing training, maintenance, and monitoring of activities to mitigate operational and compliance risk related to the Bank’s Vendor/Third Party Risk Management Policy/Program, in accordance with business needs and regulatory requirements.
• Coordinate new vendor selection process and complete the due diligence for end-to-end assessment process for new and existing third parties in a timely manner, ensuring appropriate controls are in place.
• Engage with subject matter experts (SMEs) to request, review, and analyze all relevant third-party documentation and internally and externally prepared due diligence/risk assessments received. Communicate with business unit leaders and executives about issues, concerns, process, parameters, and other information.
• Maintain awareness, understanding, and compliance with the Bank's internal policies and procedures, laws, guidelines, and regulations appropriate for this function, as well as financial industry topics, trends, methods/processes, technology, best practices, etc., through research, industry events, networking, etc.
• Respond to regulatory and internal/external audit requests as directed.
• Research, develop, standardize, and enhance policy, procedures, and tools to assess and document third party/vendor risks, risk level categories, and responses to potential business disruptions.

SKILLS, KNOWLEDGE, AND TRAINING:

• Proven organizational abilities and communication skills that will be utilized to promote the Third-Party Vendor Management Program and further its effectiveness. 
• Proficient in the understanding of vendor risk management practices, including the lifecycle of risk identification, treatment, mitigation, acceptance, remediation as well as inherent and residual risks.
• Strong interpersonal skills and ability to function as part of a highly collaborative team. 
• Ability to read and interpret documents such as contracts, legal documents, procedure manuals, general business correspondence and/or journals or government regulations, and to disseminate information.
• Excellent written and oral communication skills with experience writing policy and procedural documentation.

WORKING CONDITIONS: 

• Standing, walking, some travel required
• Must be able to sit at a desk for extended periods of time and use a computer.

REQUIREMENTS: 

• Have six to eight years of work experience related to Third Party Management, Vendor Risk Management, Risk Management, and/or Procurement.
• Experience with vendor due diligence and risk assessments performed internally or by external parties.
• Leadership/Management experience
• Proficient with vendor contract and risk assessment technology systems
• Bachelor’s degree 
• Prefer experience in the financial services industry.
• Prefer experience with NContracts and NVendor contract and risk assessment/due diligence technology platform.
• Regulatory, practical knowledge, and experience to advise others.

Qualifications