- Conduct third party risk assessments in alignment with company security policies and industry standards
- Perform on site assessments of vendors to identify opportunities for improvement
- Provide input and aid in the development of policies focused on the security of third party business processes
- Foster relationships and influence the behavior internal teams and external parties
- Develop and maintain supplier risk and control monitoring plans, performing monitor activities and analysis of evidence to determine controls are operating effectively
- Complete monitor and control tasks triggered by supplier Tier and Third Party Interaction Model
- Collaborate with the line of business stakeholders to deliver year over year cost savings with managed third party relationships
- Assist in development and execution of category/supplier strategies
- Partner with internal budget owners to deliver against operating or marketing budgets
- Partner with appropriate stakeholders on contract negotiations for all managed third party relationships
Qualifications for third party risk management:
- Minimum 4 years of experience developing and maintaining global vendor risk management programs
- CISSP, CISM, CISA, or CRISC certification preferred
- Solid understanding of information technology and security solutions
- Responsible for proper invoice review, reconciliation, and payment
- Monitor and ensure successful delivery against third party contractual obligations
Assist in development of, and monitor, SLA's or key performance indicators for third party relationships.
