S2P TPRM Analyst

Role summary: The TPRM Analyst is responsible for third party risk review processes encompassing vendor record creations and modifications, ongoing monitoring, ensuring all documentation is tracked, actioning vendor queries both via email and through the Process Unity Portal. Troubleshooting issues, interacting with internal and external stakeholders, highlighting issues and inefficiencies. This role will support the TPRM team to meet Regulatory Compliance requirements and support with documentation and evidence gathering for audit and regulatory exams.

Key responsibilities:

Process risk review and vendor due diligence activities for new vendor onboarding and ongoing monitoring of existing Third Parties.

Launch and manage completion of ongoing vendor assessments and reassessments.

Communicate with internal and external stakeholders related to vendor risk assessments.

Monitor vendor relationships to ensure risk review activities are executed in a timely manner and according to Client's Third Party Risk Management Policy.

Provide support to Third Parties completing Due Diligence Questionnaires by clarifying intent behind questions and expected supporting evidence.

Execute the TPRM steps for Vendor terminations and Offboarding in ZIP and ProcessUnity.

Maintain and update TPRM procedures (DTPs and SOPs) as needed to align with program evolution.

Support with audit and regulatory exam evidence gathering.

Prepare drafts for monthly and quarterly TPRM reporting and metrics.

Work on assigned ad-hoc projects related to vendor risk program, remediations, and process improvements.

Required qualifications:

Minimum 3 years of relevant vendor management experience.

Experience working with geographically distributed teams within a global organization.

Ability to work with both technical and non-technical stakeholders.

Proficient in Google GSuite applications (Sheets, Docs, Slides).

Excellent communication and facilitation skills.

Ability to establish good peer relationships and collaboration.

Quick learner to keep up with the demands of a fast-paced team.

Bachelor's or equivalent degree.

Preferred qualifications:

Experience in financial services, fintech, or cryptocurrency industry.

Knowledge of third party risk management frameworks and methodologies.

Familiarity with ProcessUnity or similar GRC platforms.

Professional certifications such as CTPRP (Certified Third Party Risk Professional), CISA, CRISC, or similar.

Experience with vendor contract management and risk rating methodologies.

Understanding of regulatory frameworks (SOC 2, ISO 27001, GDPR, SOX, etc.).

Required Tools:

ProcessUnity

ZIP

Google Suite

Slack

Preferred Tools:

Jira

Confluence

Looker

DocuSign

Workday