Senior Analyst – Third Party Risk Management

Gallagher is a global leader in insurance, risk management and consulting services. We help businesses grow, communities thrive and people prosper. We live a culture defined by The Gallagher Way, our set of shared values and guiding tenets. A culture driven by our people, over 30,000 strong, serving our clients with customized solutions that will protect them and fuel their futures.

Position Overview:

Our global Security team continues to grow and we’re looking to hire a Senior Analyst – Third Party Risk Management. The Third Party Risk Management (TPRM) Program is comprised of both External TPRM, including the governance and oversight of Gallagher’s external third party relationships, and Internal TPRM, including the management of responding to client security requests, proposals, and contracts. In this role, you will report directly to the External TPRM’s Global Cyber Information Security Manager and will be responsible for supporting the continuous improvement activities and related projects for the External TPRM program as well as manage and report on real-time third party risks.

Ideally you have 3-10 years of TPRM experience, a background in insurance and Operational or Enterprise Risk Management. You’ll work closely with internal and external stakeholders to identify, communicate, and mitigate risk as well as partner with key stakeholders to enhance processes and solutions that align with the established TPRM framework.

This position can be entirely virtual/remote/work from home and you can sit anywhere in the US.

Responsibilities and Duties:

• In coordination with the TPRM Leadership and support from key stakeholders, support the development and implementation of continuous improvement of the TPRM framework.
• Collaborate with stakeholders, including business relationship owners, divisional leadership, and business partners such as Procurement, Legal, M&A, Compliance, IT Security, and Incident Response to develop appropriate policies, procedures, tools, templates, and collateral artifacts to facilitate the management and execution of an effective third party oversight program.
• Support program related projects and milestones, and ensure dependencies are clearly articulated, understood, and addressed in the planning and execution of the project work.
• Coordinate and conduct third party risk monitoring and remediation through established risk intelligence tools.
• Manage and communicate third party incidents in partnership with Incident Response teams and impacted third parties and internal stakeholders.
• Provide recommendations and best practices to Relationship Managers pertaining to third party processes, activities, and requested actions.
• Support the development of reporting and tools to provide key metrics to track and report on program processes, effectiveness, and success, and develop and maintain a central repository for program related documents.
• Conduct analysis of third party inherent risk using established procedures and tools.
• Maintain third party inventory and support third party discovery activities.
• Support the reporting strategy through development of a governance committee for escalation of risks and issues.
• Ensure adoption of new TPRM practices, including supporting material development for communication campaigns.
• Assess and classify impact of change on stakeholders and stakeholder groups.
• Manage the changes / training associated with new standards, processes and tools.

• Interested candidates must submit an application and resume/CV online to be considered
• Are you 18 years of age or older or can you demonstrate legal capacity to enter a contract?
• Must be willing to submit to a background investigation; any offer of employment is conditioned upon the successful completion of a background investigation
• Must have unrestricted work authorization to work in the United States. For U.S. employment opportunities, Gallagher hires U.S. citizens, permanent residents, asylees, refugees, and temporary residents. Temporary residence does not include those with non-immigrant work authorization (F, J, H or L visas), such as students in practical training status. Exceptions to these requirements will be determined based on shortage of qualified candidates with a particular skill. Gallagher will require proof of work authorization
• Must be willing to execute Gallagher's Employee Agreement or Confidentiality and Non-Disclosure Agreement, which require, among other things, post-employment obligations relating to non-solicitation, confidentiality and non-disclosure