Job Title: Strategic Vendor Risk Management Specialist
Key Responsibilities:
* Assist the Procurement & Contracts Manager in delivering strategic goals and fostering cross-functional collaboration to drive business success.
* Oversee centralized third-party risk management processes for all new and existing vendors/suppliers across the organization.
* Conduct thorough risk assessments for all vendors/suppliers in accordance with internal policies and standards.
* Coordinate risk and due diligence activities with internal stakeholders, including Contract Owners, IT Security, Privacy, and Legal teams.
* Support additional assessments for DORA, outsourcing, and operational resilience requirements.
* Communicate effectively with external parties to facilitate onboarding and compliance tasks.
* Maintain a comprehensive vendor/supplier inventory using JIRA, documenting onboarding stages and assigning monitoring tasks based on risk ratings.
Contract Monitoring & Oversight:
* Annually review and update risk tiers for all active suppliers in JIRA.
* Monitor vendor/supplier performance with contract owners based on risk ratings and contractual obligations.
* Conduct biannual reviews of Critical/High/Elevated vendor/suppliers and monthly samples of medium-risk vendor/suppliers.
* Meet quarterly with Contract owners to assess compliance with the Third-Party Risk Management Policy.
* Evaluate discrepancies or missed deadlines and escalate them to relevant department heads.
* Report non-conformance to the Procurement & Contracts Manager.
* Identify potential risks for inclusion in the organizational Risk Register.
Vendor/supplier Offboarding:
* Coordinate vendor/supplier offboarding in collaboration with Contract Owners.
* Ensure completion of offboarding questionnaires and assigned tasks.
* Request vendor/supplier removal from payment systems once all invoices are settled.
* Ensure Contract owners manage third-party vendor/suppliers in line with regulatory and internal policy requirements.
* Collaborate on project initiatives as needed.
* Maintain and annually review the Third-Party Risk Management Policy and SOPs.
* Develop and update training materials for Contract owners, ensuring annual training is delivered via the internal learning platform.
* Support audits and regulatory reviews related to third-party risk.