• Third Party Risk Program Manager

    Location US-NC-Raleigh
    Posting date 3 days ago (12/4/2019 3:48 AM)
    Job ID
  • Company description

    At Red Hat, we connect an innovative community of customers, partners, and contributors to deliver an open source stack of trusted, high-performing solutions. We offer cloud, Linux, middleware, storage, and virtualization technologies, together with award-winning global customer support, consulting, and implementation services. Red Hat is a rapidly growing company supporting more than 90% of Fortune 500 companies.

    Job summary

    The Red Hat Global Resilience Management team is looking for a Third Party Risk Program Manager to join us in Raleigh, NC. In this role, you will be responsible for the implementation and management of the Third Party Risk Management (TPRM) program. You’ll work with key stakeholders including business line, legal, information security, procurement, and risk and compliance. You will identify, measure, monitor, and control risks related to the management of third and fourth parties.

    Primary job responsibilities

    • Lead cross-functional effort to build out the TPRM process
    • Oversee the TPRM function including the budget, resources, policies, processes, and technology investments for the TPRM program
    • Provide strong thought leadership and drive the TPRM value proposition across the company and with senior leadership
    • Assist in promoting the culture of open engagement, teamwork, and accountability
    • Maintain TPRM policy and adhere to new and existing regulatory guidelines and initiatives
    • Monitor framework adherence by developing tools and communicating requirements to key stakeholders
    • Facilitate the completion of business risk self-assessments and targeted operational risk assessment projects including facilitating risk acceptance and recommendations
    • Assist business partners with their identification of process and control related issues which may surface during the completion of the risk self-assessment
    • Perform root cause analysis on identified risk events and recommend improvements to prevent them from recurring
    • Manage internal or external relationships that identify, monitor, and account for third and fourth party risk
    • Assist in preparing and presenting TPRM reports to the executive advisory council
    • Interface with and develop detailed responses for key business and technical stakeholders, senior management, internal auditors, and external regulators
    • Identify and appropriately escalate operational risks that exceed risk appetite
    • Conduct third party risk management education and training as appropriate
    • Lead projects in coordination with the Business Resilience team to enhance the business resilience frameworks and assist with implementation of best practices
    • Identify opportunities for process improvements to deliver increasing operational efficiencies

    Required skills

    • 5-10 years of experience working in the technical services industry with extensive experience in a supply chain or risk management function; experience with a third party risk management or vendor management office function
    • 5+ years of experience with operational or technology risk management; experience establishing a framework and on-going processes in accordance with industry best practices and requirements is a plus
    • Excellent communication and facilitation skills
    • Ability to work across business units and departments
    • Some experience directly engaging with and interacting with regulators either from a policy or supervisory perspective
    • Ability to work constructively and flexibly in a small team environment and to assist at the direction of management in tasks that are not the immediate responsibility of the department
    • Advanced professional presentation skills including excellent writing and public speaking capabilities
    • Proficiency in standard PC programs like Google Docs, Google Sheets, and Microsoft Office or Apache OpenOffice offerings
    • Bachelor’s degree in accounting, finance, business, or supply chain management; equivalent experience is also considered
    • Certified Public Accountant (CPA), Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), Certified Management Accountant (CMA), Royal Institution of Chartered Surveyors (RICS) Administrative Professionals Certification (APC), Project Management Professional (PMP), Certified Professional in Supply Management (CPSM), or other relevant professional certification with working knowledge of industry practices, regulatory guidance, and control frameworks, e.g., NIST, ISO27001, ISO27036, ISO31000, SOC1, SOC2, COSO, SIG, FFIEC
    • Experience with project management and technology enablement including experience working with governance, risk management, and compliance (GRC) technologies (e.g., Archer, SAP, MetricStream), or third party risk management technologies (e.g., Archer, ProcessUnity, ServiceNow)

    Red Hat is proud to be an equal opportunity workplace and an affirmative action employer. We review applications for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, citizenship, age, veteran status, genetic information, physical or mental disability, medical condition, marital status, or any other basis prohibited by law.

    Red Hat does not seek or accept unsolicited resumes or CVs from recruitment agencies. We are not responsible for, and will not pay, any fees, commissions, or any other payment related to unsolicited resumes or CVs except as required in a written contract between Red Hat and the recruitment agency or party requesting payment of a fee.

