Job Purpose : The Third Party Risk Analyst I will be responsible for executing day-to-day activities in support of Citi’s Third Party Management Program, including the implementation of key, standardized processes related to compliance with Citi’s policies and standards;
guiding internal stakeholders; monitoring the timely and effective completion of pre-contract due diligence and post-contract ongoing monitoring activities;
and ensuring data accuracy for the reporting of third-party related metrics. Job Background / Context : Enterprise Supply Chain (ESC) reports in to the Enterprise Infrastructure group which in turn is part of the Citigroup Enterprise O&T division.
ESC aims to deliver world-class end to end supply chain operations to Citigroup through Strategic Sourcing & Supplier Management, Supplier Risk Management and Supply Chain Operations including purchase processing and payables.
Enterprise Supply Chain Controls and Governance is expanding and enhancing its operating model. A key priority for the team is to help strengthen Citi’s Third Party Management framework and program.
Integral to this new framework is establishing, supporting and managing the new Third Party Utility (TPU), responsible for delivering standardized Citi-
wide third party management processes. The TPU provides operational support, process guidance, and quality assurance and quality control oversight to businesses across Citi, leveraging a central utility infrastructure, standardized processes and operating procedures in order to execute robust risk management activities throughout the third-
party management life cycle. Key Responsibilities :
Facilitate Citi businesses’ ongoing compliance with Third Party Management requirements outlined in Citi policies and standards
Perform pre-contract due diligence and post-contract ongoing monitoring activities based on specific third-party risk profile, country, and / or business requirements
Monitor reports to ensure third-party management policy required pre-contract due diligence and post-contract ongoing monitoring is carried out by responsible and / or accountable parties
Review third-party records across Citi systems to ensure accuracy of data and supporting artifacts
Ensure timely completion and updates to third-party related risk information based on required frequency; track outstanding items for follow-up
Provide support to Citi businesses for the execution of third-party risk management activities, for example, coordination of : o Information Security Assessments with third parties and Citi business stakeholderso Internal risk assessmentso Third-
party onboarding activities o Documenting termination plans and off boarding of third parties
Execute common, standardized third-party risk management processes, managed centrally by the TPU, for example : o Support third-
party selection process through evaluation of bid responses against specific risk and control criteriao Support reporting activities as requiredo Verify Third Parties’ Insurance Coverageo Conduct Sanctions Screeningo Obtain financial statements from privately held companies
Participate on continuous improvement activities
Complete all tasks in connection with the organization’s activity but not detailed in the current job description, charged by the direct manager, supervisor, or the functional head.
Knowledge / Experience :
Preferred 1+ years of direct, relevant experience in third-party risk management or operational risk management
Ideal candidate would have experience in the financial services industry and a working knowledge of banking regulatory requirements Skills :
Strong organization skills, with proven ability to successfully manage multiple priorities
Detail oriented, with strong problem solving and analytical skills
Strong risk, process, and project management skills with proven ability to influence and drive results across a diverse team of stakeholders
Relationship management skills with ability to build partnerships across Citi businesses
Excellent communication skills and fluent in English (both written and verbal)
Proficient in MS Office applications Competencies :
Demonstrated ability to synthesize, prioritize and drive results with a strong sense of urgency
Ability to assess level of risk exposure based on identified risk characteristics
Proven ability to interact effectively with diverse cultures and backgrounds