Vendor Risk Management Resume Sample
Work Experience
- Support business and SVM’s sourcing teams in case of required termination of a third party contract or relationship to ensure alignment across different stakeholders
- GLBA (Graham Leach Bliley Act
- FFIEC (Federal Financial Institutions Examination Council)
- FDIC (Federal Deposit Insurance Council)
- CFPB (Consumer Financial Protection Bureau)
- Federal Reserve Bank
- Assist in the day-to-day support for the Firm’s VRM Office and it’s vendors, including the vendor lifecycle from business engagement, vendor identification, vendor due diligence risk assessment, periodic monitoring and termination
- Liaison with the HR business partners, legal, compliance, IT, Sourcing, Finance and others as needed to ensure VRM compliance with the Firm’s guidelines and policy
- Lead and complete risk analysis for onsite assessments, with the assistance of the business, for VCI’s consumer facing vendors, ensuring consistent execution
- Competent in one or more of the following abilities: Identifying Inherent Risk, Stratifying/Categorizing Vendors, Identifying Due Diligence Requirements, Planning Vendor Engagements, Overseeing & Monitoring Activities, Reporting Vendor Status, Internal Sponsor Management
- Familiar with regulatory mandates and processes associated with managing third party service providers
- Understanding of business unit needs
- Familiarity with IT controls and auditing practices
- Excellent leadership skills with the ability to develop and foster partnerships
- Excellent organizational, planning, analytical and technical skills
- Demonstrated teamwork with IT and business unit departments
- Manage the functionality of the VRM system which is VCI’s central repository for vendor contracts and related documents and is the record of all vendor due diligence and issue management
- Develop and maintain effective working relationships with vendors to create open channels of communication and ensure vendor alignment with OCC’s initiatives, priorities and goals
- Assist in managing the Bank’s vendor lifecycle phases of planning, due diligence, contract negotiation, ongoing monitoring and termination, and work directly with the Firm’s Due Diligence and Control Groups to review vendor risk assessment results and mitigation of risks
- Provide day-to-day support for the Bank’s Vendor Management Office (VMO) and it’s 200+ vendors, including the vendor lifecycle from on-boarding, contract reviews, periodic monitoring, risk assessments, and termination
- Assist in ensuring appropriate governance of policies and procedures, and the Bank’s framework adherence to key FFIEC and OCC regulatory requirements, including Appendix J, Regulation W, and Bulletin on Third-Party Relationships
- Provide to senior leadership reporting of vendor evaluation, identifying all areas of material risk and the potential source of the identified risk
- Provide to the VRM Sub-Committee reporting identifying those vendors and/or processes which represent the greatest threat of risk to the organization
Education
Professional Skills
- Strong written and verbal communication skills to include executive audiences
- Excellent analytical skills and ability to develop reports and with presentations in Power Point, Word, Adobe-Pro, Visio, Share Point
- Self-confident with strong interpersonal and negotiation skills
- Demonstrated experience in developing risk identification and mitigation solutions
- Senior management presentation and reporting skills,
- Prior banking and/or financial services industry experience required
- Communication and interview skills,
How to write Vendor Risk Management Resume
Vendor Risk Management role is responsible for credit, security, finance, training, database, auditing, reporting, insurance, government, software.
To write great resume for vendor risk management job, your resume must include:
- Your contact information
- Work experience
- Education
- Skill listing
Contact Information For Vendor Risk Management Resume
The section contact information is important in your vendor risk management resume. The recruiter has to be able to contact you ASAP if they like to offer you the job. This is why you need to provide your:
- First and last name
- Telephone number
Work Experience in Your Vendor Risk Management Resume
The section work experience is an essential part of your vendor risk management resume. It’s the one thing the recruiter really cares about and pays the most attention to.
This section, however, is not just a list of your previous vendor risk management responsibilities. It's meant to present you as a wholesome candidate by showcasing your relevant accomplishments and should be tailored specifically to the particular vendor risk management position you're applying to.
The work experience section should be the detailed summary of your latest 3 or 4 positions.
Representative Vendor Risk Management resume experience can include:
- Assist in the management of the VRM system which is VCI’s central repository for vendor contracts and related documents and is the record of all vendor due diligence and issue management
- Uses independent judgment and discretion to identify, analyze and summarize contract issues or key points ensuring compliance with Vendor Risk Management policy, laws and regulations. As a Senior level, handles more complex issues
- Contributes to the development and implementation of Vendor Risk processes, tools, policies, standards and procedures in alignment with the Enterprise Risk Framework program
- Experience effective negotiation and influence skills with External Parties to ensure effectiveness of security policy, strategy and governance
- Effectively communicates with business owners and leadership on contract requirements, concerns, and/or contract revision needs
- Experience developing/maintaining Information Security policies, standards, guidelines and procedures
Education on a Vendor Risk Management Resume
Make sure to make education a priority on your vendor risk management resume. If you’ve been working for a few years and have a few solid positions to show, put your education after your vendor risk management experience. For example, if you have a Ph.D in Neuroscience and a Master's in the same sphere, just list your Ph.D. Besides the doctorate, Master’s degrees go next, followed by Bachelor’s and finally, Associate’s degree.
Additional details to include:
- School you graduated from
- Major/ minor
- Year of graduation
- Location of school
These are the four additional pieces of information you should mention when listing your education on your resume.
Professional Skills in Vendor Risk Management Resume
When listing skills on your vendor risk management resume, remember always to be honest about your level of ability. Include the Skills section after experience.
Present the most important skills in your resume, there's a list of typical vendor risk management skills:
- Work effectively with all levels of the organization including subject matter experts, stakeholders, and leadership
- Experience leading functional business and technical teams in a large and complex, environment to deliver vendor risk management capabilities
- Experience with performing security risk analysis and compliance assessments
- Experience with performing security risk analysis and compliance assessments
- Significant experience in information security, auditing or risk management in a financial services or internet driven environment
- Related information security risk management experience with 3+ years in a management role
List of Typical Experience For a Vendor Risk Management Resume
Experience For Vendor Risk Management Analyst Resume
- Reviews and analyzes incoming third party contracts in collaboration with the Legal department and makes recommendations within Vendor Risk Management program requirements
- Maintains vendor contract database and onboarding of new third party contracts
- Ensures contract due diligence controls are met; monitors adherence to vendor risk policies and standards
- Reads and interprets legal verbiage for vendor contracts and identifies opportunity and recommends changes, as applicable
- Tracks and reports status of contract pipeline and negotiations
- Plans, coordinates, and organizes all tasks required to monitor vendor contract submissions
- Maintains a Vendor Management Share Point site
Experience For VP-vendor Risk Management, Santa Ana Resume
- Contributes to the development and implementation of Third Party/Vendor Risk processes, tools, policies, standards and procedures in alignment with the Enterprise Risk Framework program
- Effectively communicates verbally and written (reports and presentations) with business owners and leadership on risk issues identified through second line of defense risk management and contract risk reviews
- Ensures due diligence and ongoing monitoring controls are met; identifies due diligence assessments and documentation required based upon services being provided. Performs initial review of due diligence documentation to ensure they are current and applicable to the product/service provided
- Provides guidance to Business Units regarding policy interpretation expectations to comply with the Third Party/Vendor Risk Policy and Standards and regulatory requirements
- Tracks and reports status of periodic review due diligence and ongoing monitoring
- Track, verify and collect data points for reporting and metrics on identified services to identify gaps and inform leadership
Experience For Manager, Vendor Risk Management Resume
- Plans, coordinates, and organizes all tasks required to monitor and report on third party population, performance, issues, and trends
- Maintains a Third Party Risk Management Share Point site
- Complies with all Bank policies and procedures; completes tasks accurately and on time; supports the company’s goals and values
- Determine the go-forward usage of 3rd parties based on their control environment
- Partner with business stakeholders to ensure that findings are agreed and remediated in a timely manner
- Publish monthly/quarterly/annual metrics from the program to Key Stakeholders and SME’s
- Interface with subject matter experts, peers and stakeholders and business or technology leaders across the Thomson Reuters enterprise
Experience For Senior Manager of Vendor Risk Management Resume
- Demonstrate subject matter expertise on information security best practices and Thomson Reuters security posture focused on performing due diligence for vendor assurance inquiries and attestations
- Ensure the risks are appropriately identified, communicated, managed, and resolved based on organizations policies regarding issue management, escalation, and acceptance
- Experience with ISO27001 standard is critical
- Think strategically, and able to work under pressure and proactively manage timelines and priorities
- Experience in the Financial Services industry, or other highly regulated industry
Experience For Cyber Security Vendor Risk Management Specialist VP Resume
- Make informal and formal presentations, inside the organization; speaking before assigned team or other groups as needed
- Basic Knowledge of Federal regulations regarding service providers
- Supervises four professional staff of Third Party Risk Management analysts that execute the vendor analytics
- Basic knowledge of Bank administration, lending and operations products and services; related state and federal laws and regulations, and other Banking operational policies and procedures
- Provide recommendations to management on business problems
- Working knowledge of risk assessing functions e.g. Information Security, BCP, Privacy, Vendor Viability, and Compliance related to assessing residual risk of third party providers
Experience For Risk-vendor Risk Management Specialist Resume
- Business acumen with a successful track record in aligning to business drivers
- Expertise in regulatory requirements regarding third party management for financial institutions
- Subject matter expertise in SOC2, ISO 27000, risk assessment methodologies, Shared Assessments, ITIL practices, and GRC
- Relevant professional certifications: CISSP, CISA, ISO27001 Lead Auditor or similar
- Structured and reliable work style
- Apply the ‘Values and Beliefs’ of the Bank
- Certifications: CISA or CISSP
- Engage with key stakeholders (including but not limited to Procurement, Finance, Legal, Security Service, Business Continuity, Compliance, and Enterprise Risk Management) to ensure the Third Party Risk Management process fits cohesively within the vendor lifecycle with effective controls. Work closely with the stakeholder groups and business partners to evaluate inherent vendor risks to OCC
- Knowledge of, adherence to, monitoring and responsibility for compliance with state and federal regulations and laws as they pertain to third party risk and contract management, including but not limited, to the following: OCC 2013-29 Bulletin (Life Cycle Risk Management), Managing Third Party Risk, CFPB Third Party Risk, FRB Managing Outsourcing Risk, FFIEC Technology Service Provider Handbook
List of Typical Skills For a Vendor Risk Management Resume
Skills For Vendor Risk Management Analyst Resume
- Related information technology experience
- Effective negotiation and influence
- Related information security risk management experience
- Formulating remediation recommendations based on bank’s standards and industry best practice
- Perform independently to expectations while being collaborative and maintaining alignment with the team
Skills For VP-vendor Risk Management, Santa Ana Resume
- Maintain a current understanding of relevant vendor risk management, offshoring and privacy laws and regulations
- Oversee LPL's training relating to privacy and security
- Focused on supporting the customer, the team, and the business
- Assist in preparing annual reports to the Audit and Risk Committee of the LPL Board of Directors and LPL's Risk Oversight Committee
- Manage the Vendor Risk Management team and processes to ensure 3rd party vendors are meeting Thomson Reuters cybersecurity standards
- 50% – Travel to Vendor / Service Provider locations as required
Skills For Manager, Vendor Risk Management Resume
- Apply tactical and strategic methods appropriately
- Adapt in an environment where policy and procedures change
- Maintain focus and manage multiple efforts concurrently
- – Travel to Vendor / Service Provider locations as required
- Manage staff for VRM and Privacy
- Interact with the GRC Senior Management Team, Legal and government agencies and industry associations to include but not limited to SEC and FINRA
- Support and coordinate Vendor Information Security Review processes
Skills For Senior Manager of Vendor Risk Management Resume
- Review of vendor policies related to Information Security, comparison and gap analysis to the DB security requirements
- Review of implementation of DB security requirements by the vendor
- Follow-up with the contract persons to receive status of remediation efforts and provide management with updates, risks, and issues
- Track vendors and services that consistently miss deadlines and escalate when further action is needed
- Negotiation with the vendor’s security and legal team on the contractual security obligations
- Publish monthly/quarterly/annual updates to Key Stakeholders and SME’s
Skills For Cyber Security Vendor Risk Management Specialist VP Resume
- Develop process to continuously review and update vendor risk ratings
- Assist in initiatives to evaluate and provide input on the effectiveness of processes and solutions, and to determine or support a course of action. Track and report on mitigation progress
- Contribute to the strategic and tactical development of information security, risk management and compliance initiatives, to include policy and standards development, solution development, security awareness and training, and other information security initiatives as assigned
- Serve as a subject matter expert in information technology operations, information security and risk management practices, global legal and regulatory requirements, and other applicable security and privacy trends and practices
- Provide ongoing consultation services and guidance specific to the engagement of third parties and following required policies and procedures
Skills For Risk-vendor Risk Management Specialist Resume
- Provide ongoing training to PSECU business units, specific to all aspects of the third-party risk management process
- Assist business units with following all aspects of the third-party termination program, when required
- Accept feedback and flex to address tactical needs
- Work across the organization to contribute to departmental initiatives and programs
- Participate as a member of a team for Vendor Risk Management
- Responsible for the implementation and management of the Corporate Vendor Management Program. Assist in the development and ongoing enforcement of the Vendor Management (VM) policies and procedures
- Act as the point of contact for all questions and concerns pertaining to the Corporate Vendor Management Program, including those from internal and external auditors
- Initiate and coordinate all new vendors’ relationships and contracts with the business units in compliance with the Corporate Vendor Management Program
Skills For Vendor Risk Management Consultant Resume
- Compile, coordinate, analyze, and monitor the communications between the business units and internal Subject Matter Experts within the Corporate Vendor Management Program
- Manage, administer, assess, and maintain vendor management software to achieve the goals of the Corporate Vendor Management Program and Policy. Ensure all vendor relationships are documented in the VM software system and all contracts related to such vendors are uploaded in the software
- Coordinate due diligence on existing and new vendor relationships
- Review and analyze contracts for corporate requirements. Maintain corporate electronic and paper contract files
- Identify and resolve gaps in the Vendor Management processes, procedures, and policies
- Assist with the implementation, management, and governance of the organization’s standard process for vendor selection (i.e. RFP process)
- Maintain a general working knowledge of the Pennsylvania Credit Union Code, the PA State Statutes, PSECU Bylaws and applicable federal and state regulations as they relate to third party due diligence
- Adhere to established PSECU and Department policies and procedures to ensure internal and external regulatory and legal compliance
- Provide assistance to PSECU’s relationship and contract owners relative to third party onboarding activities, specific to the Preliminary Risk Assessment Questionnaire, ensuring high quality and an appropriate level of due diligence is performed
Skills For Director, Vendor Risk Management Resume
- Support the business through completion of SME and quality reviews and partner with business unit managers through the contract management lifecycle (e.g. contract completion and termination)
- Facilitate periodic third-party relationship and contract profile reviews to ensure relevant and accurate details are maintained in the third-party risk management system, and that contracts and Certificates of Insurance are active
- Partner with PSECU’s Enterprise Risk Management and Reporting team to review Third Party Risk Managements Key Risk Indicators (KRI) reporting quarterly and assist the business in completing open items, action plans, and risk acceptances where necessary
- Support business unit managers with the third-party Performance Monitoring Scorecard reporting, Compliance Performance Monitoring, and Ongoing Risk Reassessments
- Perform reviews of critical and high risk third party processes to evaluate risk and control environment
- Conduct periodic reviews of PSECU’s third party and vendor inventory for opportunities to streamline and drive consistency across the organization
Skills For Vendor Risk Management Senior Specialist Resume
- Ensure all appropriate due diligence steps are performed, specific to each termination
- Build cross functional relationships with the Information Security Unit, Corporate Compliance, Finance, Business Continuity, Enterprise Risk Management, business unit managers, and other third-party Risk SMEs
- Support Enterprise Risk Management activities as needed
- Foster a positive, engaging and productive work environment for each team member by promoting skill development, coaching for improvement and growth, inspiring others through your words and actions, ensuring positive employee morale throughout the credit union
- Experience with performing security risk analysis and compliance assessments
- Related business experience preferably in a banking environment. Combination of
- Experience with 3rd Party Risk Management
- Experience in the use of GRC tools such as RSA Archer, Modulo, MetricStream or other
Skills For Senior Vendor Risk Management Analyst Resume
- Previous experience in an IS Auditor or other Compliance related role
- Operate as a key contributor to the Vendor Risk Management processes
- Working knowledge with RSA Archer
- Ensures compliance with vendor risk program, assisting business units or owners in meeting program requirements, and reviewing all regulatory requirements
- Execute risk assessments and control reviews of the 3rd Party suppliers including gathering and assessing results
- Expertise in driving the development and ongoing administration of a vendor risk, enterprise risk or operational risk management program