Manager, BRCO Third Party Risk - Cybersecurity

Manager, BRCO Third Party Risk
The Business Risk and Control Officers (BRCO) play a pivotal role in guiding the business to identify and understand risk exposures and the controls needed which are integral to reducing risk and safeguarding our customers and colleagues. BRCOs are critical to the success of the Risk Management Lifecyle and play a role in Planning, Identifying, Assessing, Mitigating, Monitoring, and Reporting. BRCOs are members of the First Line of Defense (1LOD) who:

• Provide leadership and coaching to the 1LOD to proactively identify and effectively manage risks.
• Translate and educate 1LOD to enable and drive business relevant implementation of Second Line of Defense (2LOD) risk management frameworks, policies, taxonomies and inventories.
• Review, validate, and test 1LOD activities to ensure adequate control design and effective control operation.
• Provide credible challenge to 1LOD colleagues, ensuring safeguard and risk mitigation measures are upheld in decision making and adherence to 2LOD frameworks and policies prior to 2LOD review.
• Drive two-way collaboration across 1LOD and 2LOD; liaise between 1LOD and 2LOD to driveengagement throughout the risk management lifecycle.
• Collaborate and coordinate across the organization to help navigate and mitigate horizontal risk promoting resilience and ensuring safety and soundness.
• Document, aggregate and report risk in accordance with the risk management lifecycle.

The Manager, BRCO Third-Party Risk for (Line of Business) will be responsible leading a team to partners with 1LOD to ensure adherence to supplier management and third-party risk policies and procedures. Understands the third parties we use, how we use them and what safeguards our third parties have in place. Drives the oversight and governance activities, as required by 2LOD, of third parties engaged for the line business.   Position Responsibilities:

• Advises and guides 1LOD performing the Third-Party risk processes performed on new and existing Third-Parties using a risk-based approach for review requirements and frequency.
• Analyzes process elements include planning, due diligence and third-party selection, contract negotiation, ongoing monitoring, termination/off-boarding.
• Provides guidance and works with 1LOD to identify, measure, control, monitor, and report on Third-Party risks in accordance with corporate risk policies.
• Facilitates and executes Third-Party due diligence activities, including relevant risk assessments to ensure adherence to the enterprise Third Party Risk Management policy.
• Provides leadership and coaching to 1LOD to proactively identify and effectively manage risks.
• Translates and educates 1LOD to enable and drive business relevant implementation of Second Line of Defense (2LOD) risk management frameworks, policies, taxonomies and inventories.
• Drives two-way collaboration across 1LOD and 2LOD; liaise between 1LOD and 2LOD to drive engagement throughout the risk management lifecycle.
• Drives a strong enterprise risk culture by fostering rigor and discipline focused on risk and compliance awareness, ethical business practices, transparency and escalation.
• Learns continuously about the line of business to strengthen subject matter expertise and provide more valuable application of risk guidance.
• Collaborates with and supports other BRCO team members to ensure a robust and comprehensive implementation of 2LOD frameworks within 1LOD.
• Selects, motivate, and retain high performing talent, cultivating a spirit of teamwork and continuous improvement with shared goals and objectives.
• Supports the development and growth of direct reports through on-going direction, coaching and performance management.
• Manages expenses and budget associated with the team and the work managed
• Other duties as required