Vendor Risk Manager

Vendor Risk Manager

Requirements

• BA/BS degree in Risk Management, Finance, Economics, Accounting, Mathematics, Statistics, or relevant degree
• 8+ years of experience in vendor/third party risk management or operational supplier management, preferably in the banking, consulting, financial services or Fintech industry
• Experience leading a global vendor/third party management program and team
• Understanding of global vendor risk management and outsourcing regulations (e.g., DORA, MAS guidelines)
• Ability to quickly develop an understanding of business processes and technology used within Tradeweb across all businesses and regions
• Experience performing detailed vendor risk assessments for a large list of vendors
• Experience using vendor/third party risk management systems/tools (i.e., KY3P)
• Communicate and present concisely and effectively based on appropriate level of management interaction
• Manage competing deadlines and prioritize responsibilities to effectively meet business needs
• Confident ability to drive tasks through to completion
• Attention to detail, excellent organizational skills, the ability to multi-task and set priorities in a fast-paced environment
• Work both independently and as part of a team at all levels and across all business units
• Experience collaborating with other cross-functional teams, such as Procurement, Cyber Risk, Information Security, Legal, Compliance and others to improve vendor management processes and systems
• Good judgment and discretion in handling confidential and sensitive information, with solid strategic thinking skills to meet team objectives

Responsibilities

• Lead the on-going development and enhancement of the Vendor Management Lifecycle through collaboration with stakeholders, process improvements, technology and automation
• Partner with key stakeholders to implement tools and automation that support effective management and oversight of the vendor management lifecycle, and mature processes to scale the program
• Provide periodic vendor risk reporting for senior management and governance committees, as required
• Manage the pipeline of incoming prospective vendor engagement requests and work with internal stakeholders to confirm the completeness and accuracy of information, ensure due diligence questionnaires are scoped and sent to vendors, and timely responses are received
• Lead the team responsible for performing risk assessments on prospective and existing vendors in accordance with the firm’s Procurement and Vendor Risk Management policy and procedures
• Coordinate with cross-functional review teams to ensure reviews are incorporated into the final Vendor Assessment reports
• Follow-up with third parties regarding incomplete due diligence information or follow-up questions required to complete assessments
• Monitor any open findings and track findings through to completion
• Leverage existing tools and processes to conduct periodic and ongoing monitoring of vendors

Preferred Qualifications

• Training/certification in vendor risk management, information security or risk management
• Experience in ISO 27001, ISO 27002 Domains, NIST Cyber Security Framework
• Experience with KY3P, Confluence, SharePoint, Asana and other vendor management/GRC tools are highly desired
• Project management/ Consulting experience
• Understanding of DORA regulation