Sr. Director, Strategic Sourcing Enterprise Third Party Risk

Job Description

The Senior Director, Enterprise Third Party Risk Leader, will lead an expanded third-party risk management E2E process, including leading a Central Risk Management team and driving a holistic, effective and efficient third-party risk management approach for the enterprise. This leader will shape and maintain an integrated and enterprise view of third-party risk exposure across a holistic set of risk dimensions, collecting inputs from function and business leads and reporting to key stakeholders. The role will also maintain a comprehensive understanding of the company's business strategies, organizational structures, resources and risks, policies and procedures and have responsibility for deploying cross-functional leadership of fit-for purpose risk practices across the Vertex risk community of risk subject matter experts, business owners, and executive leadership.

The leader will work collaboratively with internal Stakeholders, develop sound third party risk strategies, utilize knowledge and expertise of processes, leverage best practices and drive risk visibility and ultimately risk management actions. The leader will partner with Business Owners and Risk SMEs to effectively and efficiently manage third party risks through actions including risk mitigation and risk acceptance, alongside a transparent enterprise governance process for managing and underwriting risks.

As a senior member of the Strategic Sourcing group, this leadership role will be expected to provide strategic input in the future direction of the function.They will possess high-level business partnering acumen and subject matter expertise in third-party risk management processes and tools.Working collaboratively with strategic sourcing teams and internal Business Stakeholders, the leader is expected to ensure their teams' activities are aligned with Business priorities and objectives.This role will communicate with senior-most Executives and be viewed as a trusted business advisor crucial to their business.The role will effectively articulate the vision and value to the business.

Key Duties & Responsibilities

• Leadership responsibility for coordinating all aspects of a central enterprise risk management program and team, ensuring that the end-to-end (E2E) third party risk management processes are implemented and sustained, team members are fulfilling their roles and responsibilities, and reports are consistent with Corporate and risk policies
• Oversee supplier criticality assessments for all suppliers using a unified and holistic approach deployed along the supplier life cycle, and leverage the criticality dimensions for fit for purpose risk process prioritization
• Oversee third party risk assessment and regular updates for critical suppliers along the supplier life cycle leveraging a central risk tool, working with business leads to provide required inputs and ensuring other metrics are automated and updated
• Maintain centralized supplier risk repository for visibility to third party risks and action plans, timelines and ownership, including creating regular reports on multi-dimensional supplier risk with the CRM team
• Maintain and regularly update risk appetite matrix and list of risk mitigation actions, syndicating with and eliciting input from business leads as needed
• Coordinate, support preparation of, and participate in joint reviews of mitigation actions, working with business leads and risk SMEs and escalating when necessary
• Ensure E2E process is supported by appropriate tools and technology solutions in partnership with DTE, including standing up a centralized supplier risk register and automating risk assessment and tracking activities
• Coordinate, support preparation of, and participate in escalation governance committees (i.e., cross-functional governance meetings, executive level governance meetings)
• Manage and lead within a matrix of dedicated and assigned resources across a hybrid centralized and federated risk management operating model.
• Work with HR and Communications team to coordinate and launch training and communications plan for ongoing process awareness across the enterprise
• Collaborate with Executive leaders, function leads, and business leads to role model new processes
• Partner with strategic sourcing and business owners to ensure understanding of supplier landscape existing and future potential and integrate into the third-party risk management strategy to drive enterprise risk visibility and actions to manage risks through actions focus on immediate mitigations, mitigation plans with future timelines, and risk acceptance strategies.
• Own the enterprise third party risk management process, policies and procedures, and effective execution of same in partnership with risk SMEs and business owners, including effective governance, RACIs, and inherent and residual risk monitoring and reporting.
• Partner with key stakeholders to develop relevant risk metrics and KPIs, including process KPIs and SLAs to drive to drive the right risk management behaviors and actions; Oversee reporting on impact measurements and program outcomes
• Establish and promote best practices across the organization; Regularly review practices based on industry trends, regulatory changes, and organizational needs and address emerging challenges and opportunities; leverage best practices for continuous improvement

Required Education

• University degree in Accounting, Finance or Risk Management
• Certified professional certifications are preferred

Required Experience

• 12+ years' experience in the area of risk is required.
• Experience within a large multinational, publicly held company is highly preferred

Required Knowledge and Skills

• Strong knowledge of risk management policies and procedures, preferably related to third parties
• Excellent verbal and written communication skills; ability to effectively communicate with senior leadership team and third parties
• Superior business and analytical skills, ability to focus on key issues and solve problems, bring an enterprise mindset, and effectively track and create visibility and report on risk processes and outcomes.
• Ability to work in a collaborative, team environment; ability to cultivate and maintain effective business partner relationships through earned respect and trust; collaboration extends beyond Business Partners and suppliers to include other functional areas with risk SMEs and business owners
• Able to lead direct and cross-functional teams in a collaborative manner to drive successful outcomes.
• Adept at influencing and bringing new ideas and information that create tangible value to business.
• Strong process management and demonstrated use of Continuous Improvement mindset and tools (including Pareto Charts, Flow Diagrams, etc.) to drive process improvements
• Strong project management and organizational skills. Able to create detailed project plans, including an understanding of dependencies as well as critical path elements for larger, more involved projects. Track record of successful execution of complex, cross-functional initiatives.
• Able to establish and maintain effective business partner relationships at highest levels within the organization; gained their respect and trust; Thoughtful and active listener; able to think quickly and effectively articulate points of view.
• Ability to establish and lead an effective governance program that continues to elevate third party risk management and oversight for the company.

Pay Range:

Disclosure Statement:

Flex Designation:

Flex Eligibility Status:

In this Hybrid-Eligible role, you can choose to be designated as:
1. Hybrid: work remotely up to two days per week; or select
2. On-Site: work five days per week on-site with ad hoc flexibility.

Note: The Flex status for this position is subject to Vertex's Policy on Flex @ Vertex Program and may be changed at any time.

Company Information

Vertex is a global biotechnology company that invests in scientific innovation.

Vertex is committed to equal employment opportunity and non-discrimination for all employees and qualified applicants without regard to a person's race, color, sex, gender identity or expression, age, religion, national origin, ancestry, ethnicity, disability, veteran status, genetic information, sexual orientation, marital status, or any characteristic protected under applicable law. Vertex is an E-Verify Employer in the United States. Vertex will make reasonable accommodations for qualified individuals with known disabilities, in accordance with applicable law.

Any applicant requiring an accommodation in connection with the hiring process and/or to perform the essential functions of the position for which the applicant has applied should make a request to the recruiter or hiring manager, or contact Talent Acquisition at ApplicationAssistance@vrtx.com