Support the implementation of a common and consistent vendor risk management (VRM) program to effectively manage vendor risk in accordance with internal policy and Federal/State Regulatory requirements.
Provide guidance to internal stakeholders to ensure requirements of VRM are fully understood.
On-board existing and new High Risk vendors into the Vendor Management System
Initiate and manage vendor communications related to due diligence questionnaires and other document requests
Collect and analyze data received from vendors
Input vendor-related data into the Vendor Risk Management system.
Work with business owners, internal stakeholders, and vendors to ensure documentation is up-to-date throughout the vendor lifecycle
Manage tracking in the Vendor Risk Management system.
Prepare risk assessment reports for vendors identified as High Risk.
Update existing reports on a periodic basis.
Serve as lead for monitoring risk incidents and remediation resolution, including development and execution of corrective action plans, and ensure follow-on reporting and monitoring
Escalate risk issues to the appropriate individuals, as needed.
Communicate risk-related issues and resolution management with specific vendors.
Develop and maintain metrics reports related to vendor groups.
Work with internal teams to analyze and resolve potential issues.
Evaluate vendor performance against service level agreements
Provide documentation for external audit requests
Assist with vendor off-boarding, as needed
Perform any other job-related assignments, as requested, with reasonable accommodation.
Qualifications Required:
Bachelor’s degree in Business or related field
Minimum 3 years of related work experience in vendor management, vendor risk management, and/or strategic sourcing and procurement required
Practical knowledge of risk management software/applications (e.g., OneTrust, Bitsight, Venminder)
Working knowledge of service level agreements and/or contractual requirements
Ability to interpret information security data and processes to identify potential compliance and/or issues
Excellent verbal and written communication skills, including the ability to prepare documentation and policies and build consensus across a broad group
Proficiency with Microsoft Office productivity applications (Word, Excel, PowerPoint)
Amenable to working flexible hours
Strong organizational and project management skills.
Preferred:
Shared Assessments’ Certified Third Party Risk Professional (CTPRP) or Certified Third Party Risk Assessor (CTPRA) certification
Experience working as a member of (or with) a corporate compliance or information security group.
Sharp critical thinking skills, sound judgment, and decision-making ability.
The ability to work both collaboratively and independently.
Proven ability to work in a fast-paced environment where the client is always first.
Ability to learn Milliman’s business and unique structure and culture.