About the Role
The Third Party Risk Management team works closely with the Procurement team and Risk and Business Stakeholders to onboard and manage vendors and other third parties, build strong business partnerships, and facilitate risk management activities. Additionally, and most importantly, the team acts as the second line of defense against risks associated with outsourcing services to third parties.
The Sr Third Party Risk Manager is a driven self-thinker and quick-learner who can independently run and prioritize complex projects and deadlines in a dynamic, fast-paced environment. You will develop relationships throughout the company to facilitate the Third Party Risk framework and manage associated risks. You will also use your technical expertise and data analysis skills to identify and implement innovative methods and tools to bring efficiencies and meet regulatory and audit requirements, as well as define and manage key metrics for accurate and timely reporting for senior management and internal stakeholders.
Your primary focus will be to oversee a team responsible for the continuous monitoring of third parties and vendors for changes that may affect the risk environment and require risk remediation, provide subject matter expert guidance to internal stakeholders and senior management, and track remediation activity to completion. In addition, you will be responsible for the day to day running of program activities including ensuring that risk assessment, due diligence, and any other reviews and approvals are obtained during the entire third party lifecycle from onboarding through termination.
This is a role that requires you to ask good questions to increase your knowledge and to find creative solutions to unique problems. You can communicate complex ideas to senior leaders while being confident and concise, and practice good judgment in a professional setting. You manage your deadlines proactively and do not mind rolling up your sleeves to ensure even the smallest tasks are completed on time, but are able to see the big picture and contribute your ideas to further the success of the overall team.
What You'll Do
Manage the reassessment of the control environment of critical third parties through oversight of continuous ongoing monitoring activities and due diligence refresh.
Identify new control gaps and create and communicate mitigating action plans for resolution and remediation.
Execute on strategic projects to further the maturity of the Third Party Risk program.
Be the subject matter expert on regulatory requirements and utilize creative problem solving and critical thinking skills to design program enhancements.
Be the expert on third party risk management practices and lead and execute on initiatives to improve the LendingClub program.
Provide guidance to internal and external stakeholders.
Educate the first line of defense (e.g., Business owners) on how to proactively manage their vendor risk.
Facilitate implementation and administration of technology processes and tools to support the Third Party Risk program.
Facilitate integrations and data analysis across various Third Party Risk and Enterprise systems.
Ensure all data is updated and relevant in line with both internal/external audit requirements.
Manage reporting on the progress of third party risk initiatives and Key Risk Indicators (KRIs).
Requirements
- Bachelor’s Degree in a relevant field.
- 7-10 years of work experience in third party risk management, vendor management or procurement.
- Specific expertise in third party risk management and oversight activities including performing third party risk assessments and management reporting.
- Experience working in a highly regulated environment, preferably banking or financial services.
- Familiarity with compliance frameworks (e.g. SOC2, ISO27001, CCPA).
- Experience with vendor risk management software.
- Knowledge of internal controls, financial regulations, operational risk, and vendor due diligence.
- Strong communication skills and comfortable leading meetings and audit type interviews with vendors.
- Self-directed, able to work independently, as well as within a team.
- Strong organizational skills and attention to detail. Previous project management experience is a plus.
- Ability to prioritize and handle multiple competing assignments with efficiency and accuracy and manage stakeholder expectations.
- Ability to communicate technical security risks to non-technical business stakeholders.
- Possessing one or more certifications such as CISA, CISM, CRISC, CTPRP, CTPRA is a plus.
About the Company
LendingClub Corporation (NYSE: LC) is the parent company of LendingClub Bank, National Association, Member FDIC, and the only full-spectrum fintech marketplace bank. Members can gain access to a broad range of financial products and services through a technology-driven platform, designed to help them pay less when borrowing and earn more when saving.