Collegamento...

W1siziisimnvbxbpbgvkx3rozw1lx2fzc2v0cy9vbgl2zxitamftzxmvanbnl29mzmljzs1izy1pbwfnzs5qcgcixv0
W1siziisimnvbxbpbgvkx3rozw1lx2fzc2v0cy9vbgl2zxitamftzxmvanbnl29mzmljzs1izy1pbwfnzs5qcgcixv0

Third Party Risk Manager

Titolo: Third Party Risk Manager
Tipologia di contratto: Contract
Luogo: Amelia, Ohio
Industria:
Stipendio: Negotiable
: ASAP
Job list.duration: 12 months c2h
Arbitro: RM1485_1579904538
Nome del contatto: Rashid Morad
Contatto email: rashid.morad@ojassociates.com
Lavoro pubblicato: mesi 2 fa

Descrizione del lavoro

Support Third Party Risk Management (TPRM) Manager implementing Governance and Operating Model working on-site primarily.

  • Socialize awareness of Third-Party Cyber Risk Management Addendum to the Outsourcing Policy
  • Present and discuss TPRM Addendum to the Outsourcing Policy to stakeholder groups: Procurement, Law, Claims, Global Product Owners, Project Management Office
  • Establish (manual - interim), process to maintain Inventories for relevant 3rd Parties: Agents, Claim, Attorney, and Service Providers
  • Establish, summarize the key points and next steps to drive deliverables to execution, and operationalize process to monitor update of all "in scope" contracts with Cyber Security Terms and Conditions.
  • Establish, summarize the key points and next steps to drive deliverables to execution, and operationalize 3rd Party Risk Classification methodology.
  • Implement the 3rd party cyber risk classification methodology for all newly onboarded 3rd parties utilizing CyberGRX (once contracted and implemented).
  • Until such time CyberGRX is implemented, collaborate with Business and Information Security to ensure Compliance Gate/web is performed for each "new business partner" and participate in Compliance Gate/web reviews as 2nd line function.
  • Support the evaluation, selection, and implementation of software tools to improve the management of 3rd party risk exposure.
  • Contribute to developing business requirements and supporting system implementation for GRC system Third Party Risk Management (RSA Archer). This includes and is not limited to: Project Charters, Requirements Definition, Systems/Data Flow Diagrams, KRIs/KPIs, Reporting
  • Support the preparation and presentation of risk topics to the Risk Management Committee and support local committees and councils.
  • Ensure Enterprise Risk Management (ERM) processes and standards are embedded in business to provide Management with sufficiently complete, accurate and timely information regarding the risk situation of their area of responsibility and to enable appropriate management decision making for controls/risk mitigation measures.
  • Increase risk awareness and understanding of ERM best practices, group practices & local rating agency & regulatory requirements.