Head of Third Party Risk Management

Iselin, NJ 08830 | Work from home flexibility

Posted: 11/22/2021 Job Category: Executive Job Number: 1954

Job Description

POSITION OVERVIEW
The Head of Third Party Risk Management (TPRM) will set strategy and oversee the Bank's Third Party Risk Management program. This includes the oversight of the TPRM framework, processes, governance, policy, standards, tooling, training and metrics/reporting. This position will work with all levels of Bank management and lines of business in directing and following the Third Party Risk Management policies and procedures. This role will combine strategic direction of the program mixed with management of the day to day program execution activities. The role supports the achievement of the Bank's objectives by addressing the full life-cycle of a third party supplier relationship.

RESPONSIBILITIES
  • Set strategy and oversee the Bank's Third Party Risk Management Program framework including policy, procedure, tooling, governance, due diligence, on-going monitoring, reporting and education & awareness. Ensure framework facilitates the Bank's ability to identify, assess and mitigate risks associated with outsourced products/services. Risk areas include: information security, model, country, reputational, contract, use of subcontractors, business continuity, compliance, financial viability, fraud, money laundering and operational competency. Recommend new enhancements and process efficiencies in the Third Party Risk Management program.
  • Provide guidance to staff in the lines of business related to the risks posed by third party relationships. Engage and partner with the lines of business to ensure that all in-scope third parties: 1) are represented in the third party inventory; 2) are assessed to identify the risk posed by the product or service; 3) undergo due diligence based on risk characteristics.
  • Define contract standards working with the Legal, Compliance and the Risk divisions of the Bank. Review select contracts ensuring key elements of the Bank's contract standards are incorporated. Work with Bank lines of business in ensuring supplier contracts and supporting documentation is properly maintained in the Bank's TPRM technology solution.
  • Establish and chair Third Party Risk Management Committee (TPRMC), providing forum for effective third party governance. Ensure representation of all lines of business in order to gain buy-in and achieve program objectives.
  • Develop and maintain policy and procedures in support of the Program and in line with regulatory expectations of FDIC, FRB, FFIEC and CFPB. Present the program and supporting documentation to the Bank regulators.
  • Manage a Third Party Risk training and awareness program to educate staff across the lines of business in support of the TPRM program requirements.
  • Drive reporting and regular communication to ensure senior management (e.g., MRC, Board of Directors, ROC) are aware of the Bank's use of critical and high risk suppliers and any significant supplier issues.
Requirements
SUPERVISORY RESPONSIBILITIES 
Third Party Risk Program Manager, Third Party Risk IS Assessment Manager
 
  • Minimum 10 years of experience in any combination of Third Party Risk Management, Operational Risk Management and/or Information Security Risk Management, preferably in a Financial Services or Consulting organization
  • Bachelor's degree, preferably in Information Technology or Information Security, or equivalent specialized practical experience and certifications (e.g., CISSP, CISM, CISA, CRISC, etc.)
  • Knowledge and experience with regulators / regulatory standards that govern retail banks (e.g., FDIC, FRB, CFPB)
  • Knowledge of Information Security Risk assessment and analysis methodologies (e.g., FFIEC, NIST, ISO, etc.)
  • Experience in risk governance (e.g., technology, security and/or operational risk) including risk acceptance
  • People leadership experience
  • Project management experience
Desired:
  • Experience in operational risk assessment processes (e.g., RCSA, tabletop exercises)
  • Knowledge of Third Party Risk Management and/or eGRC systems
  • Basic contract management experience which includes reviewing contracts, understanding basic terms and general contract language
  • Experience in responding to regulatory and audit findings
  • Experience in developing performance metrics

Job Requirements

3rd Party Risk Management

Meet Your Recruiter

Gregg Chaillet
Recruiting Manager

Apply Online
Apply with LinkedIn Apply with Facebook Apply with Twitter

Send an email reminder to:

Share This Job:

Related Jobs:

Login to save this search and get notified of similar positions.