5+ years of experience
Concerned about your lack of experience? Learn More...
Employment Type:
Full time
Job Category:
Information Services
Manager of Third Party Risk Assurance
(This job is no longer available)
Grad Date

Not sure what types of jobs you are interested in?

Explore Jobs
Based on Your Education

Follow This Company

Job Description

Manager of Third Party Risk Assurance

San Francisco, CA

The Third Party Risk Assurance (TPRA) Manager role will oversee a team of TPRA Analysts responsible for assessing, overseeing, facilitating and managing the third party risk assurance program. In addition, The TPRA Manager role will be responsible for managing the enterprise TPRA Source of Truth and Workflow tool, TPRA technologies, requirements and corresponding technical components.

The activities managed by the TPRA Manager are as follows:

  • Overseeing the TPRA's team coordination of end-to-end risk assurance activities throughout the TPRA life cycle (including Third Party Evaluation: Pre-Contract and Third Party Assurance: Post Contract).
  • Overseeing and performing quality control of TPRA Analyst day-to-day activities.
  • Serving as the initial point of escalation for stakeholders and the TPRA team as needed.
  • Responsible for management, administration, communication and updates of the enterprise TPRA capability materials such as the procedures, requirements, technology and supporting tools.
  • Maintaining relationships and facilitating collaboration between the TPRA team, Legal, Procurement, External technologies/sources used for Cyber Assurance activities and other key TPRA stakeholders.
  • Ensuring the proper TPRA workflow enablement and operations via the TPRA tool, from Cyber Assurance Criteria evaluation through Exception Management activities.
  • Responsible for gathering, maintaining and coordinating technology enhancement requirements from the TPRA team, other service stakeholders, enterprise GRC technology owners to manage TPRA specific requirements.

Key Responsibilities:

  • Serve as a day-to-day liaison for Business Owners, TPRA Director, CISO and senior stakeholders regarding the TPRA service and capabilities.
  • Manage workflow and ensure quality of Cyber Assurance activities performed by the TPRA Team. This includes oversight of cyber assurance criteria evaluation, cyber assurance activities, exception management as well as reporting and metrics.
  • Oversee third party risk landscape across the enterprise and communicate key changes to the TPRA Director.
  • Facilitate escalations including instances of non-compliance or high-risk concerns or TPRA technology issues to appropriate stakeholders.
  • Oversee completion of Business on-going risk management activities and ensure TPRA Analysts report appropriately on instances of non-compliance.
  • Manage exception escalation processes to ensure appropriate stakeholders and executives across the enterprise are involved based on defined risk thresholds.
  • Perform/Oversee initial review of risk metrics aggregated by the TPRA Analysts and address inquiries regarding reporting/dashboards.
  • Perform/Oversee sample Quality Control (QC) and Quality Assurance (QA) on TPRA activities completed throughout the life cycle.
  • Oversight of third party data integrity and source of truth management within the TPRA Tool.
  • Initial approval level for the management and administration of TPRA procedures, tools and corresponding support materials.
  • Responsible for collecting, documenting and prioritizing TPRA technology requirements, including enhancements and modifications to functionality within the TPRA tool.
  • Develop Business Requirement Documents (BRD) to translate TPRA capabilities, procedures and workflows into technology ready documents for implementation.
  • Serve as the primary tester for TPRA related technology enhancements or modifications.
  • Coordinate with enterprise GRC technology owners to drive consistency, prioritize needs and adhere to appropriate governance procedures.
  • Manage additional technology sources utilized by TPRA to perform Cyber Assurance (eg, external sources providing security information, additional technologies enabled to automate processes, etc.).
  • Drive innovation and enhance opportunities in TPRA technologies.

Key Requirements/Skills/Experience:

  • Bachelor's Degree or equivalent work experience
  • 7+ years of experience in Third Party Risk Assurance or risk management or audit required
  • Knowledge of principles and best practices (industry certifications preferred) in these areas:
    o Risk Assessment skills required
    o Audit background, including familiarity with SOC I (SSAE16 ) and SOC II, ISO 27001, etc. required
  • Experience with configuring, managing and deploying enterprise GRC technologies
  • Experience managing teams in a fast paced environment
  • Ability to communicate and work with senior level stakeholders on a regular basis
  • Ability to independently manage and prioritize work load
  • Detail-oriented with strong analytic skills
  • Excellent oral and written communication skills
  • Knowledge of insurance industry preferred
  • Experience managing and executing Third Party Risk Assurance capabilities in an innovate environment required


Applicants must be eligible to work in the specified location