Risk Assurance Manager Posted Mar 14
Request Technology - Craig Johnson , San Francisco, CA
Prestigious Enterprise Company is currently seeking a Risk Assurance Manager. Candidate will oversee a team of Analysts responsible for assessing, overseeing, facilitating and managing the third party risk assurance program. Candidate will be responsible for managing the enterprise Risk Assurance tool, technologies, requirements and technical components.


Overseeing the team coordination of end-to-end risk assurance activities.

Overseeing and performing quality control of Analyst day-to-day activities.

Serving as the initial point of escalation for stakeholders and the team as needed.

Responsible for management, administration, communication and updates of the enterprise capability materials such as the procedures, requirements, technology and supporting tools.

Maintaining relationships and facilitating collaboration between the team, Legal, Procurement, External technologies/sources used for Cyber Assurance activities and other key stakeholders.

Ensuring the proper workflow enablement and operations via the tool, from Cyber Assurance Criteria evaluation through Exception Management activities.

Responsible for gathering, maintaining and coordinating technology enhancement requirements from the team, other service stakeholders, enterprise GRC technology owners to manage specific requirements.

Key Responsibilities:

Serve as a day-to-day liaison for Business Owners, Director, CISO and senior stakeholders regarding the service and capabilities.

Manage workflow and ensure quality of Cyber Assurance activities performed by the Team. This includes oversight of cyber assurance criteria evaluation, cyber assurance activities, exception management as well as reporting and metrics.

Oversee third party risk landscape across the enterprise and communicate key changes to the Director.

Facilitate escalations including instances of non-compliance or high-risk concerns or technology issues to appropriate stakeholders.

Oversee completion of Business on-going risk management activities and ensure Analysts report appropriately on instances of non-compliance.

Manage exception escalation processes to ensure appropriate stakeholders and executives across the enterprise are involved based on defined risk thresholds.

Perform/Oversee initial review of risk metrics aggregated by the Analysts and address inquiries regarding reporting/dashboards.

Perform/Oversee sample Quality Control (QC) and Quality Assurance (QA) on activities completed throughout the life cycle.

Oversight of third party data integrity and source of truth management within the Tool.

Initial approval level for the management and administration of procedures, tools and corresponding support materials.

Responsible for collecting, documenting and prioritizing technology requirements, including enhancements and modifications to functionality within the tool.

Develop Business Requirement Documents (BRD) to translate capabilities, procedures and workflows into technology ready documents for implementation.

Serve as the primary tester for related technology enhancements or modifications.

Coordinate with enterprise GRC technology owners to drive consistency, prioritize needs and adhere to appropriate governance procedures.

Manage additional technology sources to perform Cyber Assurance (eg, external sources providing security information, additional technologies enabled to automate processes, etc.).

Drive innovation and enhance opportunities in technologies.


Bachelor's Degree or equivalent work experience

7+ years of experience in Third Party Risk Assurance or risk management or audit required

Knowledge of principles and best practices (industry certifications preferred) in these areas:

Risk Assessment skills required

Audit background, including familiarity with SOC I (SSAE16 ) and SOC II, ISO 27001, etc. required

Experience with configuring, managing and deploying enterprise GRC technologies

Experience managing teams in a fast paced environment

Ability to communicate and work with senior level stakeholders on a regular basis

Ability to independently manage and prioritize work load

Detail-oriented with strong analytic skills

Excellent oral and written communication skills

Knowledge of insurance industry preferred

Experience managing and executing Third Party Risk Assurance capabilities in an innovate environment required

Employment Type: Permanent
Work Hours: Full Time
Other Pay Info: Open + Bonus

Click here to apply - Please mention that you saw the job on About Leaders