CrawlJobs Logo

Third Party Vendor Management Lead Analyst

https://www.citi.com/ Logo

Citi

Location Icon

Location:
Costa Rica , Heredia

Category Icon
Category:
Finance

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

Individuals in Operational Risk establish and manage operational risk policies, propose strategies, and governance processes designed to minimize losses from inadequate controls, fraud, and potential bankruptcy. This includes supervision over technology operational risk, cyber risk, and fraud risk. These individuals are also responsible for the development of tools and infrastructure that support fraud monitoring and prevention, using advanced analytical and statistical skills to identify policy gaps and recommend changes to current policies. This role is crucial to the company as it fortifies against potential operational risks, thereby protecting the company's financial stability and reputation, and contributing towards the overall business resilience and success.

Job Responsibility:

  • Represent business leadership to coordinate and facilitate Third-Party Risk Management activities
  • Evaluate current market conditions and provide insight on trends/issues that could impact the business by external third parties
  • Advise the BAO on risk assessment for third parties and reassess as required
  • identify significant relationship changes to trigger risk assessment updates
  • Verify compliance of third parties with required policies and controls
  • Partner with business operations, technology teams, and internal functions to conduct on-site visits of third parties, as required
  • Maintain and update Citi’s Exit Strategy Plans as required
  • collaborate with business contacts to establish risk mitigation activities when the exit strategy poses significant risk to Citi
  • Interact with third parties on escalations of non-performance and contractual issues to drive resolution when appropriate
  • Monitor third party performance and Service Level Agreements (SLAs) through Citi Performance Management Assessment (PMA) process
  • Verify proper execution and upload of Third-Party contracts (e.g., Statements of Work) in Citi’s Contract Management System (eSourcing), collaborate with the Enterprise Supply Chain (ESC) organization if renegotiations are required
  • Review, prioritize, assess, and act on results of Third-Party Risk Management assessments/controls with support from various internal functions, in conjunction with business and operations teams
  • Facilitate remediation of issues or gaps identified as part of ongoing monitoring
  • Define risk mitigation strategies and risk exceptions based on the business’s risk appetite
  • Provide thought leadership to drive supplier optimization and efficiencies based on third parties' risk profiles, performance, and market trends
  • Standardize SLAs performance monitoring measures for like services, where possible
  • Liaise with the ESC Third Party Utility to review and respond to centrally conducted third-party risk management activities
  • When making business decisions, assess risk, uphold the firm's reputation, and protect Citigroup, its clients, and assets. This involves adhering to laws, rules, and policies, applying ethical judgment, and managing control issues transparently
  • Is an enthusiastic and early adopter of change
  • takes ownership for helping others see a better future and stay positive during uncertainty
  • Demonstrates and inspires curiosity in seeking new ways to overcome challenges
  • actively applies learning from failures
  • Challenges self and others to seek out and communicate alternative views even when unpopular
  • welcomes diverse ideas to improve outcomes
  • Acts as a change catalyst by identifying and helping others see where new ideas could benefit the organization
  • Proactively seeks to understand and act in alignment with organizational decisions
  • helps others prioritize team and enterprise success over their own personal agenda
  • Focuses on highest-priority work aligned to business goals
  • helps others effectively manage competing priorities
  • Proactively identifies opportunities to streamline work
  • creates process improvements that enhance efficiency for self and the team
  • Takes personal accountability for escalating, identifying, and managing potential risk
  • implements controls that enhance the client experience and operational effectiveness
  • Anticipates problems and proactively identifies solutions that address the root causes and result in meaningful improvements
  • Sets high expectations and invests the necessary effort to deliver excellence and exceed performance goals
  • Role-models and helps others to do the right thing for clients and Citi in all situations, even when difficult
  • Engages key stakeholders early and often and actively looks for opportunities to improve collaboration in achieving common goals
  • Proactively seeks out opportunities to volunteer in Citi programs that support the community
  • advocates for solutions that meet the needs of Citi’s clients and the community
  • Enthusiastically promotes the unique needs and preferences of colleagues
  • makes active commitment to help colleagues achieve balance, well-being, and development
  • Leverages varied networks to recruit diverse talent
  • advocates for colleagues with diverse skillsets, styles, and experiences to gain career opportunities
  • Empathetically listens and understands others’ positions before acting on issues
  • works to amplify voices that are minimized in the workplace
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency, as well as effectively supervise the activity of teams and create accountability with those who fail to maintain these standards

Requirements:

  • 6-10 years of experience
  • Understanding of Third Party Risk management lifecycle and risk assessment processes
  • Thought leadership and clarity in presenting ideas to senior management
  • Proven technical knowledge of resilience and Third-Party Risk principles and processes, to include up to date knowledge of current technology solutions, including Cloud
  • Experience in implementing risk processes across a large and diverse organization
  • Knowledge of regulatory requirements underpinning resilience and the Third-Party Risk Management and Outsourcing Lifecycle (OCC/FRB/EBA/PRA/MAS, etc.)
  • Excellent analytical skills to interpret and present complex data
  • Proficiency in the use of MIS and other risk management tools
  • Excellent project management skills to oversee risk reviews and mitigation efforts
  • Strong communication skills to provide counsel and collaborate with various stakeholders
  • Ability to challenge and scrutinize established practices
  • Strong collaboration skills to work with different risk SMEs
  • Problem-solving skills to identify and address root causes leading to operational risk losses
  • Bachelor's/University degree, Master's degree preferred
  • Sourcing Experience is required
  • Contract & Vendor management is required
  • Stakeholder management
  • Advance English
  • Risk & Control is a plus
  • ARAVO is a plus

Nice to have:

  • Risk & Control is a plus
  • ARAVO is a plus

Additional Information:

Job Posted:
March 18, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Citi - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Third Party Vendor Management Lead Analyst

Senior Third-Party Security Risk Analyst

As a Senior Third-Party Security Risk Specialist at Ledger, you will play a vita...
Location
Location
France , Paris
Salary
Salary:
Not provided
https://www.ledger.com Logo
Ledger
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master degree in Information Security, Cybersecurity, or a related field
  • 5+ years of progressive experience in third-party risk management, with a strong background in audit, risk management, compliance, or a related control function within a complex organization
  • Proven project management skills with the ability to manage complex, cross-functional projects and maintain comprehensive documentation
  • In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework) and experience in applying them to third-party risk management and regulatory requirements
  • Excellent analytical and problem-solving skills with a focus on identifying root causes and developing effective solutions
  • Strong communication and interpersonal skills, including the ability to influence and negotiate with vendors and stakeholders at all levels
Job Responsibility
Job Responsibility
  • Conduct comprehensive security assessments of third-party vendors, including reviewing their security policies, procedures, and controls
  • Proactively identify and evaluate potential security/privacy risks associated with a particular focus on those that could impact Ledger's reputation, financial stability, and customer trust
  • Develop and implement risk mitigation strategies to address identified vulnerabilities
  • Lead the collaboration with vendors to remediate security gaps and ensure compliance with Ledger's stringent security requirements
  • Establish and maintain a robust vendor security monitoring program, driving continuous improvement in vendor security posture and compliance
  • Develop, implement, and continuously improve Ledger's third-party security risk management program, including policies, standards, procedures, and tools
  • Prepare reports and presentations on vendor security risks and mitigation efforts to senior management, stakeholders, and the Comex
  • Participate in audits as part of the Privacy audit program according to the agreed annual audit plan
What we offer
What we offer
  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products
  • Fulltime
Read More
Arrow Right

Senior Third-Party Security Risk Analyst

As a Senior Third-Party Security Risk Specialist at Ledger, you will contribute ...
Location
Location
France , Paris
Salary
Salary:
Not provided
https://www.ledger.com Logo
Ledger
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master degree in Information Security, Cybersecurity, or a related field
  • 5+ years of progressive experience in third-party risk management, with a strong background in audit, risk management, compliance, or a related control function within a complex organization
  • Proven project management skills with the ability to manage complex, cross-functional projects and maintain comprehensive documentation
  • In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework) and experience in applying them to third-party risk management and regulatory requirements
  • Excellent analytical and problem-solving skills with a focus on identifying root causes and developing effective solutions
  • Strong communication and interpersonal skills, including the ability to influence and negotiate with vendors and stakeholders at all levels.
Job Responsibility
Job Responsibility
  • Conduct comprehensive security assessments of third-party vendors, including reviewing their security policies, procedures, and controls
  • Proactively identify and evaluate potential security/privacy risks associated with a particular focus on those that could impact Ledger's reputation, financial stability, and customer trust
  • Develop and implement risk mitigation strategies to address identified vulnerabilities
  • Lead the collaboration with vendors to remediate security gaps and ensure compliance with Ledger's stringent security requirements
  • Establish and maintain a robust vendor security monitoring program, driving continuous improvement in vendor security posture and compliance
  • Develop, implement, and continuously improve Ledger's third-party security risk management program, including policies, standards, procedures, and tools
  • Prepare reports and presentations on vendor security risks and mitigation efforts to senior management, stakeholders, and the Comex
  • Participate in audits as part of the Privacy audit program according to the agreed annual audit plan.
What we offer
What we offer
  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products.
  • Fulltime
Read More
Arrow Right

Cyber Controls Lead Analyst / Business Risk Officer

The Business Risk Officer is a strategic professional who stays abreast of devel...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6-10 years relevant work experience in Business Risk & Controls
  • MS Excel, MS Access, SAS, SQL, Visual Basic a plus
  • 5+ years’ experience in financial services
  • Consistently demonstrates clear and concise written and verbal communication skills
  • Effective organizational influencing skills required
  • Third party vendor management preferred
  • Demonstrated ability to lead global team efforts
  • Excellent problem solving skills
  • Ability to see the big pictures with high attention to critical details
  • Demonstrated ability to develop and implement strategy and process improvement initiatives.
Job Responsibility
Job Responsibility
  • Responsible for managing and supporting multiple risk and control programs for the organization including defining the strategy, approach, processes, quality, tools and reporting that provide global risk management consistency and excellence
  • Establishes quarterly audit process of attributes to ensure proper calculation and control
  • Works closely with business partners on findings and makes recommendations on improving practices
  • Develops procedural implementation and change management process with Operations and Reporting team to ensure proper governance and controls exist
  • Examines procedures for consistency and gaps relative to regulations in addition to impacts on customer experience
  • Conducts internal testing of dispute processes to ensure control
  • Monitors exceptions to dispute policy and identifies drivers of exceptions
  • Leverages data to examine impacts to Customer Experience and Regulatory breaks
  • Has the ability to operate with a limited level of direct supervision
  • Can exercise independence of judgement and autonomy
  • Fulltime
Read More
Arrow Right

Third Party Vendor Management Senior Analyst

Individuals in Operational Risk establish and manage operational risk policies, ...
Location
Location
Costa Rica , Heredia
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of experience
  • Knowledge in risk management, particularly Resilience and Third-Party Risk Management
  • Understanding of Third-Party Management policy and procedures
  • Familiarity with risk governance structures and risk appetite parameters
  • Ability to create, apply, and analyze MIS of reports
  • Background in the implementation of third-party and resilience risk processes across various sectors and regions
  • Experience in conducting comprehensive third-party and resilience risk management reviews
  • Knowledge of relevant regulations and standards related to risk management, and ability to ensure compliance
  • Adapt to work across a diverse organization, managing various sectors and regions
  • Utilize strong analytical skills to interpret complex data and present it in a clear and understandable manner
Job Responsibility
Job Responsibility
  • Represent business leadership in Third-Party Risk Management activities coordination and facilitation
  • Evaluate market conditions and provide insight into trends that could impact the business
  • Advise on third-party risk assessments and reassessments
  • Verify third-party compliance to required policies and controls
  • Partner with operations and tech teams for on-site visits of third parties when necessary
  • Maintain and update Exit Strategy Plans as required
  • Address escalations of non-performance and contractual issues with third parties when necessary
  • Monitor third-party performance and service level agreements
  • Ensure proper execution and upload of third-party contracts in Contract Management System
  • Review, prioritize, assess, and act on third-party risk management assessments results
  • Fulltime
Read More
Arrow Right
New

Business Intermediate Analyst

USCC In-Business Credit & Franchise Risk (IBCFR) - Intermediate Business Analyst...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree in Finance, Business Administration, or a related quantitative discipline
  • Minimum of 5+ years of progressive experience in risk management, financial services, third-party vendor management, or a related field
  • Exceptional quantitative and analytical skills with a proven ability to translate complex data into actionable insights
  • Demonstrated ability to craft and deliver compelling presentations that effectively communicate intricate analytical findings to diverse audiences, including senior leadership
  • Strong track record in leading cross-functional projects, managing resources, and engaging effectively with internal audit and external regulators
  • Proficient in end-to-end project planning and management across various organizational levels, ensuring timely and successful delivery of initiatives
Job Responsibility
Job Responsibility
  • Strategic Vendor & Expense Management
  • Contract Lifecycle Leadership
  • Risk & Compliance Guardianship
  • Operational Streamlining
  • Talent Onboarding & Integration
  • Proactive Risk Assessment
  • Fulltime
Read More
Arrow Right

Learning Administration & Services Sr Analyst

Learning Administration & Services Analysts supports the vendor engagement and e...
Location
Location
Costa Rica , Heredia
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in Vendor Management and Learning Operations preferred
  • Relevant experience in global and complex settings with multiple stake holders
  • Experience in area related to analytics
  • Individual contributor with the ability to work in a team of diverse skill sets and cultures
  • Demonstrated success in managing deliverables within given timeframes
  • ability to cope under time pressures
  • Consistently demonstrates clear and concise written and verbal communication
  • Bachelor’s/University degree or equivalent experience
  • Experience in Vendor Management (Administration, planning and third party management)
  • Experience in Stakeholder Management (Leading / Driving Process Improvement initiatives)
Job Responsibility
Job Responsibility
  • Ensure that data is summarized from across the business to provide critical information to executive team
  • Partner directly with various players across decision management groups, analyze data and evaluate multiple sources to develop recommendations on high-priority strategic initiatives, including the annual strategic plan
  • Formulate and shepherd cross-franchise initiatives and programs from conception to completion
  • Help to manage executable strategies, partnering across the organization
  • Establish best practices and principles for the decision management organization globally
  • In conjunction with the team - understands the complexities of the department Profit and Loss (P&L)
  • appropriate accruals, client allocations in order to improve operational efficiency and productivity
  • Help provide oversight of the Business Critical Milestone Reporting process and various other executive / client / management reporting processes. Ensure quality, efficiency and accuracy throughout the reporting process
  • Work with the team and respective Decision Management leaders on the communication strategy (e.g. town halls, new hire events) for the department and facilitate the development of communication materials and presentations for senior management, including C-level management, the Board of Directors, Operating Committee and other key stakeholders as required
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency, as well as effectively supervise the activity of others and create accountability with those who fail to maintain these standards
  • Fulltime
Read More
Arrow Right

Talent Acquisition Analyst

The Talent Acquisition Analyst is responsible for ensuring seamless day-to-day o...
Location
Location
United States , Schiller Park
Salary
Salary:
74182.00 - 96437.00 USD / Year
encoreglobal.com Logo
Encore Global
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree or equivalent experience
  • At least 3-5 years’ work experience in an analytic role
  • 2-3 year’s experience developing end user reporting/analytics
  • Experience working with Applicant Tracking System
  • Preferred knowledge of HRIS systems (UKG is plus)
  • Strong understanding of recruiting and HR processes including experience with recruiting metrics
  • Ability to think critically, reason analytically and work towards solutions
  • Advanced use of using AI tools and platforms
  • Strong MS Excel and PowerPoint skills
Job Responsibility
Job Responsibility
  • Recruiting Technology Integration
  • Strategic partner to talent acquisition team in the development and execution of programs
  • Create actionable plans and serve as project lead for improvement initiatives
  • Utilize and introduce recruitment tools for technology optimization, process efficiencies, and applicant pool management
  • Systems Administration
  • Operate as the technical and social link between ATS system, talent acquisition team and hiring managers
  • Provide ongoing first level user support
  • Work closely with end users to develop and prioritize change requests, system alterations and customizations
  • Lead the technical rollout of system enhancements/updates
  • Manage the control of system access rights, security settings, template updates for job descriptions/offer letters, user accounts, company locations, cost centers, etc.
What we offer
What we offer
  • comprehensive insurance options
  • generous PTO
  • company-matching 401(k)
  • Fulltime
Read More
Arrow Right

Senior GRC Analyst

Senior Security Governance, Risk and Compliance Analyst - Are you a seasoned GRC...
Location
Location
Australia , Brisbane
Salary
Salary:
130000.00 - 140000.00 AUD / Year
https://www.randstad.com Logo
Randstad
Expiration Date
May 08, 2026
Flip Icon
Requirements
Requirements
  • At least 5 years of experience as a GRC Analyst, or a minimum of 2 years operating at a Senior GRC level
  • A strong understanding of fundamental information security concepts, cloud computing, and competency in Windows and Linux operating systems
  • Demonstrated experience with security controls testing frameworks and a deep understanding of regulatory requirements
  • Excellent written and oral communication skills, with the ability to negotiate, resolve conflict, and act as a security ambassador across the business
  • A Bachelor’s degree in a related field or equivalent significant work experience in information security and risk practices
Job Responsibility
Job Responsibility
  • Lead Framework Development: Enhance and maintain the Security Controls Testing Framework and the Information Security Management System (ISMS) to ensure robust organisational protection
  • Manage Third-Party Risk: Define and lead overall vendor due-diligence and third-party risk management efforts to secure the broader supply chain
  • Support Regulatory Compliance: Assist in meeting APRA prudential standards and guidelines, contributing to the development of a robust risk management framework and responding to audits
  • Assess and Monitor: Perform comprehensive security and compliance assessments on new and existing systems, processes, and technologies throughout their lifecycle
  • Collaborate and Report: Interface across the business to provide guidance, track Key Risk Indicators (KRIs), and create insightful reports for management regarding governance and risk topics
  • General Cyber Security Activities: Stay informed on changing IT trends while providing general information security guidance and support to Technology and business units
!
Read More
Arrow Right