Senior Consultant, Due Diligence - Third Party Risk Management - Northern Trust

About Northern Trust: Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity.

The Role: NT's Chief Procurement Officer's team for Third Party Management (TPMO) is responsible for design and execution of the Third Party risk management program in line with regulatory expectations, NT's Third Party Risk Management Policy, and Third Party Practice Standard. We are in a phase of growth and transformation. While you'll be hired for a specific role, your role may evolve as we scale - expanding into areas aligned with your strengths and program needs. We're looking for partners who thrive in change, think like problem solvers, and bring skills in project management, process management, and change leadership.

This role will report to one of several team managers within the TPMO, which is the 1st line of defense for third party risk. Primarily, you will work closely with the TPMO team manager to assist in strategy and design decisions, business as usual process improvement and/or the direct execution or indirect execution (directing others on how to execute) of the program as per the Third Party Standard. The role holder will be an expert in Third Party Risk Management and would be well versed in execution aspect of the program related to the entire lifecycle of third party engagements. This is a central role interacting with business units, 2nd line of defense, other team leads and offshore quality control team.

Responsibilities:

• Responsible for tracking program throughout the various third party management life cycle elements (Planning, IRQs, DDQs, Ongoing Monitoring, Contracting and Termination), periodic inventory review, open issues and open risk acceptance review and tracking of all internal projects.
• Responsible for designing and periodically reviewing program related artifacts, risk methodologies, service categories and associated risk profile, reporting thresholds etc.
• Accountable for assisting and guiding business partners through various stages of third party lifecycle to ensure quality program execution.
• Identify gaps and drive continuous improvement across the TPRM lifecycle (e.g., onboarding, due diligence, monitoring, offboarding).
• Suggest and participate in improvement projects that automate or streamline repetitive tasks (e.g., through Coupa tools or workflow automation platforms).
• Maintain strong documentation and evidence of controls, risk decisions, and remediations.
• Track milestones, dependencies, and deliverables across projects and/or an assigned portfolio of relationships.
• Engage with risk domain SMEs, vendors and vendor relationship managers.
• Serve as the point of contact for program performance updates, risk issue escalations, and regulatory reviews.
• Responsible for engaging with and assisting 2LOD partners by providing business users' input for 2LOD deliverables.
• Use dashboards and key risk indicators (KRIs) to monitor third-party risk posture and performance and determine areas of focus.
• Report progress to the board, risk committees, and regulators as needed.
• Participate in cross-functional teams associated with Third Party program requirements in areas such as design & strategy, enterprise critical vendor management, and other SMEs related subjects.

Qualifications and Skills:

• Several years of related work experience with clear understanding of and experience in the Three Lines of Defense model.
• A thorough understanding of third-party (i.e., vendor, supplier, etc.) risk management, with prior experience in designing program solutions, risk scoring and aggregation methodologies and designing committee reporting.
• Understanding of global risk regulatory requirements with emphasis on US (OCC Bulletins, FFIEC, FRB, FDIC) or UK (PRA, FCA).
• A TPRM related certification such as CTPRP or CTPRA.
• Proven track record managing vendor risk and/or leading large-scale risk or compliance initiatives.
• Expertise in third-party risk frameworks and regulatory requirements.
• Experience with tools such as Coupa, ServiceNow, Cybeta, Interos or similar.
• Strong organizational skills.
• Ability to influence activities across multiple teams and across business units.
• Outstanding writing, communication, and presentation skills.
• Sound analytical and problem-solving skills.
• Strong networking ability to develop internal and external networks based on integrity and credibility through active listening and understanding.

Working with Us: As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.

Reasonable accommodation: Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com.

We hope you're excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people. Apply today and talk to us about your flexible working requirements and together we can achieve greater.