Job Summary
The Third-Party Risk Management (TPRM) Program Manager is responsible for continued design, administration, and management of Northwest's TPRM Program (People, Process and Technology).
The TPRM Program Manager facilitates intake and triage of third-party engagement requests, collects and distributes documentation requests to Internal Audit and regulatory agencies, performs risk and control self-assessment (RCSA) activities, monitors adherence to the TPRM Policy, procedures, and job aides across multiple lines of business, risk subject matter experts and TPRM team members, through continuous monitoring and education, assists in the preparation of risk committee reporting, manages projects and remediation plans, and assists the Head of Procurement in the continued development of the technology system of record (Archer).
Essential Functions
Assist the Head of Procurement in the expansion of TPRM processes to align with regulatory and Bank requirements, through design, business requirements, and system of record (Archer) user testing.
Act as liaison to GRC Administration team
- Facilitate TPRM Policy, procedure and job aide development and review cycles, engaging program stakeholders, and preparing for risk committee approvals - ensure all are reviewed and updated per established governance procedures
- Work directly with Northwest's business line Relationship Managers to gain thorough understanding of third-party product and service needs (new, renewal, modification, termination), collect and review draft contracts, stage third-party profile and engagement records, and triage to Risk / Contract Analysts
- Facilitate contract termination activities to ensure comprehensive and timely exit of third-party business arrangements through questionnaires and collection of evidence from Relationship Managers
- Provide education and guidance to stakeholders across the organization (i.e. Relationship Owners, Risk Domain Experts, TPRM Analysts, etc.
regarding adherence to TPRM Policy and procedures
- Monitor for and escalate business user non-adherence to TPRM Policy
- Identify and escalate material risks and / or events to the Head of Procurement timely and effectively to support the development of risk management strategies or further management by established enterprise processes (e.
g., data breach, service failure, bankruptcy)
- Support the Head of Procurement in the collection of documentation and craft written responses to satisfy Internal Audit and regulatory agency requests
- Lead Risk and Control Self-Assessment (RCSA) activities for TPRM, including but not limited to, business process mapping, identification of risks, development and monitoring of controls, execution of design and operating assessments and identification of gaps
- Gather relevant information and data to draft risk committee reporting - ensuring proper level of detail for each committee, up to and including the Board Risk Management Committee to ensure timely circulation of reviews and upload to repositories
- Manage projects for TPRM, ensuring adherence to project management lifecycle standards
- Monitor and follow up on remediation plan activities for Findings owned within TPRM
- Develop and measure metrics / key risk indicators to enable TPRM oversight and support enterprise-wide adherence to risk appetite
- Establish a thorough knowledge of Northwest's business processes and associated products and services with an understanding of how third-party services are utilized to achieve business goals and objectives
- Ensure compliance with Northwest's policies and procedures, and Federal / State regulations
- Navigate Microsoft Office Software, computer applications, and software specific to the department to maximize technology tools and gain efficiency
- Work as part of a team
- Work with on-site equipment
Education + Experience
- Bachelor's degree in a business-related field preferred
- 8-12 years of business experience in the financial services industry, preferably banking required
- 2-3 years of experience in Third Party Risk Management preferred
- 2-3 years of experience with RCSAs preferred
Equal Opportunity Employer / Protected Veterans / Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant.
However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)