Summary of Responsibilities

This function is part of the 2nd Line of Defense and is responsible for the oversight of the 1st Line of Defense Office of Supplier Management. Responsibilities include, but are not limited to, the review of vendor portfolio exposures across the enterprise to identify and assess inherent risks through ongoing and initial due diligence.

This role is expected to be able to work independently, with minimal supervision, under the direction and support of the VP Third Party Risk Management and Oversight.

Essential Functions:

  • Conducts independent verification of compliance with policies and standards across Legal Entities.
  • Executes QA processes to evaluate effectiveness of the Third Party Risk program as administered and managed by the 1st Line of Defense.
  • Reviews and challenges: due diligence requirements for vendor selection, vendor evaluation process, selected sample outputs, overall output alignment with Risk Appetite, and execution of vendor onboarding / termination process.
  • Escalates key Third Party Risk exposures.
  • Monitors and performs detailed reviews of process compliance and provides management information to appropriate stakeholders, including Risk and Control Self-Assessment (RCSA).
  • Performs appropriate and timely follow up of outstanding due diligence items for all new and existing vendor relationships.
  • Performs appropriate assessments of due diligence documentation for all new and existing vendor relationships as outlined in the respective policies and procedures.
  • Coordinates with other SCUSA internal departments to identify existing relationships where the proper vendor approval process has not been completed according to the respective policies and procedures.
  • Develops strong relationships with vendor relationship managers to ensure visibility to and understanding of key vendor risk areas.
  • Special projects as requested.
  • Performs other duties as assigned.


  • Bachelor’s degree preferred or equivalent work experience.
  • Two (2) to four (4) years of experience in one or more of the following: risk management, operational risk, vendor risk management, quality assurance, or governance and policy.
  • Strong understanding of vendor risk management in a financial services company preferred.
  • Must have experience in a national, performance-driven organization.
  • Knowledge of the finance industry’s regulatory requirements for managing third parties (FFIEC, Fed, etc.).
  • Strong analytical skills.
  • Strong interpersonal skills and ability to communicate effectively with business partners.
  • Strong writing skills.
  • Ability to manage issues through to resolution.
  • Ability to successfully multitask and complete difficult assignments within deadlines, which may have short lead times.
  • Strong team building, relationship management, and project management skills.
  • Demonstrable professional integrity and a strong work ethic.
  • Ability to maintain confidentiality.

Working Conditions:

  • Extended working hours may be required as requested by management and business needs.
  • Ability to realign workflow to respond to special reports/projects upon request.
  • Travel to multiple facilities may be required.
  • May be required to lift, push, or pull materials weighing up to twenty (20) pounds.
  • May be required to sit and review information on a computer screen for long periods of time.
  • May require repetitive motions of the hands and wrist related to writing and typing at an electronic keyboard.
  • Corporate / satellite office role.

Employer’s Rights:

This job description does not list all the duties of the job. You may be asked by your supervisors or managers to perform other duties. You will be evaluated in part based upon your performance of the tasks listed in this job description.

The employer has the right to revise this job description at any time. This job description is not a contract for employment, and either you or the employer may terminate employment at any time, for any reason.