Director - Third Party Risk Management

About St. Jude
There’s a reason St. Jude Children’s Research Hospital consistently earns a Glassdoor Employee Choice Award and is named to its "Best Place to Work" list. At our world-class pediatric research hospital, every one of our professionals shares our commitment to make a difference in the lives of the patients we serve. There is a unique bond when you are part of a team that gives their all to advance the treatments and cures of pediatric catastrophic diseases. The result is a collaborative, positive environment where everyone, regardless of their role, receives the resources, support, and encouragement to advance and grow their careers.

Position Overview
The Director - Third Party Risk Management will be responsible for leading the monitoring, assessment, and reporting functions of third-party risk management. This individual will partner with the Legal, Compliance, Audit, Supply Chain Management, and Information Security areas to create, implement, maintain, and review an effective third-party risk management program.

This position may be eligible for the possibility of remote work.

Job Responsibilities:

• Facilitate compliance with regulatory agencies’ requirements, facilitate compliance with policies and procedures, and aid in quality improvement.
• Interface, communicate, and collaborate with departments to mitigate risk and provide risk education.
• Develop and administer a Third-Party Risk Management Program including policies and procedures, guidelines, standards, templates, forms, and an overall governance process.
• Establish risk tiers and a framework for conducting risk assessments of third parties to identify and evaluate potential risks across multiple domains, including financial, operational, and reputational risks.
• Assist operational and business leaders in performing risk-based due diligence on third-party suppliers to ensure they meet the organization's standards and regulatory requirements, taking into account geopolitical risk, compliance risk, reputational risk, financial viability, and resilience.
• Develop and implement risk mitigation strategies and controls to minimize the organization's exposure to third-party risks.
• Implement ongoing monitoring capabilities to track changes in vendors’ risks profiles, regularly reviewing and updating risk assessments based on changes.
• Modernize the process for review and maintenance of vendor certificates of insurance.
• Review and recommend contractual language and evaluate new endeavors for minimizing potential risk exposure.
• Develop clear and concise metrics and analytics and prepare reports highlighting key risk metrics and insights for leadership, facilitating informed decision-making and heightened awareness of potential threats.
• Develop and deliver training programs to educate staff on third-party risk management policies, procedures, and best practices. Foster a culture of risk awareness and accountability throughout the organization.
• Coordinate with Risk Insurance function in review of institutional insurance policies as relevant to third-party risk.
• Support audit reviews, regulatory inquiries, and internal risk self-assessments as relevant to third-party risk.
• In conjunction with Legal, Compliance, and Internal Audit, collaborate in supporting the institution’s Enterprise Risk Management (ERM) Program.
• Perform other duties as assigned to meet the goals and objectives of the department and institution.
• Maintain regular and predictable attendance.

Minimum Education and/or Training:

• Bachelors’ degree in Risk Management, Health Care Administration, Information Security, Business Administration, Paralegal Studies, or related field with a minimum of 10+ years of progressive, related experience OR Juris Doctorate degree with 8+ years of experience including internships.

Minimum Experience:

• 5+ years of experience managing initiatives and/or operational processes.
• Knowledge of principles of ERM and control frameworks (e.g., ISO, etc.) is preferred.
• Demonstrated ability to build strong relationships across the organization.
• Ability to discern and measure business-relevant risk from third-party risks and issues, and to identify cost-effective remediation options.
• Excellent communication skills, with the ability to articulate complex risk scenarios to diverse audiences.
• Strong analytical and problem-solving abilities.
• Experience in an academic medical center, hospital, or health care field is preferred.
• Global/international experience is preferred.

Special Skills, Knowledge and Abilities: 

• Shows strong skills in thinking critically with a systemic view.
• Shows expertise in taking a structured approach to analyze and resolve issues.
• Able to distinguish between different sets of issues, set priorities, and make decisions.
• Builds internal connections and external partnerships across executive/leadership and other levels.
• Strategically understands stakeholder needs and manages expectations and relationships on a regular basis.
• Handles highly sensitive or tough situations with social and emotional grace and maturity.
• Models resourcefulness by reaching out to people within and outside functional groups to get work done effectively.
• Keeps large teams/ departments energized and focused on high-quality results by leveraging data/ analytics-based approaches.
• Builds systems, processes, and capabilities that can set and deliver a high-performance culture.
• Encourages a culture of customer centricity among peers and teams.
• Understands nuances and complexities of a customer issue/ requirement and goes beyond the task to think through new alternatives.
• Anticipates and addresses critical customer needs through engagement with cross-functional stakeholders.
• Is able to summarize complex legal observations from analysis effectively to a diverse audience to support strategic decision-making.

Compensation

In recognition of certain U.S. state and municipal pay transparency laws, St. Jude is including a reasonable estimate of the compensation range for this role. This is an estimate offered in good faith and a specific salary offer takes into account factors that are considered in making compensation decisions including but not limited to skill sets, experience and training, licensure and certifications, and other business and organizational needs. It is not typical for an individual to be hired at or near the top of the salary range and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current salary range is $114,400 - $216,320 per year for the role of Director - Third Party Risk Management.

Explore our exceptional benefits!

Diversity, Equity and Inclusion

St. Jude Children’s Research Hospital has a diverse, global patient population and workforce, built on the principles of diversity, equity and inclusion. Our founder Danny Thomas envisioned a hospital that would treat children of the world—regardless of race, religion or a family’s ability to pay. Learn more about our history and commitment.

Today, we continue the mission to advance cures and means of prevention for pediatric catastrophic diseases through research and treatment. As we accelerate this progress globally, we believe our legacy of diversity, equity and inclusion is foundational to success. With the commitment of leaders at all levels of the organization, we strive to ensure the St. Jude culture, leadership approaches and talent processes are equitable and culturally responsive. View our Diversity, Equity and Inclusion Report to learn about the hospital’s roots in diversity, equity and inclusion, where we are today and our aspirations for an even better future.

St. Jude is an Equal Opportunity Employer

No Search Firms

St. Jude Children's Research Hospital does not accept unsolicited assistance from search firms for employment opportunities. Please do not call or email. All resumes submitted by search firms to any employee or other representative at St. Jude via email, the internet or in any form and/or method without a valid written search agreement in place and approved by HR will result in no fee being paid in the event the candidate is hired by St. Jude.

Apply