About the Role
The Director - Third Party Risk Management will be responsible for leading the monitoring, assessment, and reporting functions of third-party risk management. This individual will partner with the Legal, Compliance, Audit, Supply Chain Management, and Information Security areas to create, implement, maintain, and review an effective third-party risk management program.
This position may be eligible for the possibility of remote work.
Requirements
- Facilitate compliance with regulatory agencies’ requirements, facilitate compliance with policies and procedures, and aid in quality improvement.
- Interface, communicate, and collaborate with departments to mitigate risk and provide risk education.
- Develop and administer a Third-Party Risk Management Program including policies and procedures, guidelines, standards, templates, forms, and an overall governance process.
- Establish risk tiers and a framework for conducting risk assessments of third parties to identify and evaluate potential risks across multiple domains, including financial, operational, and reputational risks.
- Assist operational and business leaders in performing risk-based due diligence on third-party suppliers to ensure they meet the organization's standards and regulatory requirements, taking into account geopolitical risk, compliance risk, reputational risk, financial viability, and resilience.
- Develop and implement risk mitigation strategies and controls to minimize the organization's exposure to third-party risks.
- Implement ongoing monitoring capabilities to track changes in vendors’ risk profiles, regularly reviewing and updating risk assessments based on changes.
- Modernize the process for review and maintenance of vendor certificates of insurance.
- Review and recommend contractual language and evaluate new endeavors for minimizing potential risk exposure.
- Develop clear and concise metrics and analytics and prepare reports highlighting key risk metrics and insights for leadership, facilitating informed decision-making and heightened awareness of potential threats.
- Develop and deliver training programs to educate staff on third-party risk management policies, procedures, and best practices. Foster a culture of risk awareness and accountability throughout the organization.
- Coordinate with the Risk Insurance function in the review of institutional insurance policies as relevant to third-party risk.
- Support audit reviews, regulatory inquiries, and internal risk self-assessments as relevant to third-party risk.
- In conjunction with Legal, Compliance, and Internal Audit, collaborate in supporting the institution’s Enterprise Risk Management (ERM) Program.
- Perform other duties as assigned to meet the goals and objectives of the department and institution.
- Maintain regular and predictable attendance.
About the Company
There’s a reason St. Jude Children’s Research Hospital consistently earns a Glassdoor Employee Choice Award and is named to its "Best Place to Work" list. At our world-class pediatric research hospital, every one of our professionals shares our commitment to make a difference in the lives of the patients we serve. There is a unique bond when you are part of a team that gives their all to advance the treatments and cures of pediatric catastrophic diseases. The result is a collaborative, positive environment where everyone, regardless of their role, receives the resources, support, and encouragement to advance and grow their careers.