Third Party Risk Specialist

Looking for only Immediate Joiner

Job Summary:

We are seeking a highly skilled and experienced Third-Party Risk Deputy-Manager to manage processes across the UK and US businesses.

The successful candidate will be responsible for managing the risks associated with engaging third-party vendors, suppliers, contractors, service providers and clients. They will play a key role in ensuring the integrity, security, and compliance of our third-party relationships.

The Third-Party Risk Manager role requires a combination of strong analytical skills, risk management expertise, regulatory knowledge, and effective communication abilities.

Technical Skill Requirements

• Expertise in Third Party Risk Assessment Reporting e.g., SOC1, SOC 2, IT internal audit, Information Security/cybersecurity, IT SOX, IFC
• Experience on implementing Third Party Risk Management framework
• Relevant expertise on GDPR requirements, Data privacy and protection, ISO control, NIST Standards, HIPAA.
• Experience in performing vendor risk assessment, due diligence, vendor evaluations, control testing, IT / infosec risk assessments, network security, Infrastructure assessments.
• Understanding of GAAP, GAAS, COSO and Sarbanes-Oxley

Key Responsibilities:

1.

• Conducting and responding to comprehensive risk assessments of potential third-party vendors before engaging them. Forming TPRM process document and evaluation checklists.
• This involves evaluating factors such as financial stability, regulatory compliance, security protocols, and overall reputation.
• Timely Supplier onboarding to ensure the integration into Aptias business ecosystem while ensuring that the supplier meets our requirements, standards, and expectations.

2.

• Collaborating with the US and UK legal teams to review and negotiate contracts with third-party vendors, ensuring that they include adequate provisions for risk mitigation, compliance, data security, and performance standards.

3.

• Implementing processes and systems to continuously monitor third-party vendors throughout the duration of their engagement.
• This includes tracking performance metrics, compliance with contractual obligations, and any changes in their risk profile.

4.

• Developing and implementing strategies to mitigate identified risks associated with third-party relationships.
• This may involve implementing additional security measures, diversifying vendor portfolios, or establishing contingency plans.

5.

• Ensuring that all third-party relationships comply with relevant laws, regulations, and industry standards, such as GDPR, HIPAA, or PCI DSS.
• Staying abreast of regulatory developments and updating processes accordingly.

6.

• Regularly communicating with internal stakeholders, including senior management and board members, regarding the status of third-party relationships and associated risks.
• Providing comprehensive reports and recommendations for decision-making.

7.

• Coordinating responses to any incidents or breaches involving third-party vendors, including conducting investigations, assessing the impact, and implementing corrective actions to prevent recurrence.

8.

• Building and maintaining strong relationships with third-party vendors and clients based on transparency, communication, and mutual trust.
• This includes conducting regular meetings, performance reviews, and addressing any concerns or issues promptly.

Qualifications & Skills:

• Bachelors degree in business, finance information technology, or a related field. Master's degree or relevant certifications (e.g., CRISC, CTPRP, CTPRA) preferred.
• Proven experience in third-party risk management, vendor management, or a related field, preferably in a regulated industry.
• Strong understanding of risk management principles, regulatory requirements, and industry best practices related to third-party relationships.
• Excellent analytical, problem-solving, and decision-making skills, with the ability to assess and prioritize risks effectively.
• Exceptional communication and interpersonal skills, with the ability to collaborate cross-functionally and influence stakeholders at all levels of the organization.
• Proficiency in using risk management tools and technologies, as well as Microsoft Office Suite (Word, Excel, PowerPoint, Outlook).

Required Qualification:

Certification:

Preferred geography of previous work experience:

Language requirements:

Working Hours: