About the Role
Let's do this. Let's change the world. We are seeking an individual who thrives in ambiguity, capable of shaping risk mitigation strategies with speed and precision. In this vital role, you will serve as the Third-Party Risk Management Lead. Reporting to the Responsible Sourcing Lead, you will act as a subject matter expert and trusted advisor, providing guidance on processes, technology, and requirements to enhance third-party risk management capabilities. Leveraging a continuous improvement approach, you will identify opportunities to refine and update processes, ensuring they remain effective and aligned with evolving business needs. Your expertise will play a critical role in designing and implementing strategies that enable business objectives, foster innovation, and deliver measurable value.
Roles & Responsibilities
Act as a liaison between central TPRM governance and business unit TPRM leads.
Develop and maintain TPRM policies and procedures (as necessary) aligned with corporate risk appetite, regulatory requirements (e.g., GxP, GDPR, FCPA), and industry standards (e.g., ISO 27001, NIST).
Define third-party segmentation criteria, risk tiers, and lifecycle stages (onboarding, monitoring, termination).
Design and oversee tools and processes for initial risk screening (e.g., financial, regulatory, ESG) and deep-dive due diligence (e.g., cyber, data privacy, operational resilience).
Review and challenge risk assessments conducted by decentralized teams and lead appropriate training and awareness programs.
Consolidate key risk indicators (KRIs) and performance metrics for enterprise-level reporting.
Drive automation and integration initiatives across the vendor lifecycle and act as business owner of TPRM platforms (e.g., Aravo, Coupa Risk Aware, ServiceNow VRM).
Provide regular reports and dashboards for executive management and functions.
Stay current with global regulatory changes relevant to third-party relationships and ensure decentralized units adapt their processes to maintain regulatory compliance.
Manage regulatory and internal audit interactions related to supplier risk management including coordination with Global Internal Audit on their supplier audits.
Requirements
Basic Qualifications
Doctorate degree and 2 years of experience in third-party risk management, and/or related fields
Or
Master's degree and 4 years of experience in third-party risk management, and/or related fields
Or
Bachelor's degree and 6 years of experience in third-party risk management, and/or related fields
Or
Associate's degree and 10 years of experience in third-party risk management, and/or related fields
Or
High school diploma / GED and 12 years of experience in third-party risk management, and/or related fields
Preferred Qualifications
- Deep understanding of third-party risk management frameworks, tools, and methodologies.
- Strong grasp of enterprise and operational risk concepts.
- Ability to influence without direct authority across decentralized teams.
- Familiarity with healthcare/pharma compliance standards and global regulatory environments.
- Experience in onboarding, contracting, monitoring, and offboarding third parties.
- Capable of interpreting complex risk data and presenting actionable insights.
- Exceptional written and verbal communication skills to effectively engage and influence stakeholders at all levels.
- Experience in supporting company-wide initiatives, including business development, innovation realization, and merger integration.
About the Company
BioSpace is the digital hub for life science news and jobs. We provide essential insights, opportunities and tools to connect innovative organizations and talented professionals who advance health and quality of life across the globe.