Third Party Risk Coordinator

Location: Mostly Remote — Candidate must reside in Richmond, VA or within a 50-mile radius and be willing to go onsite once a week

Pay rate: $46.40/h

Duration: 12 Months

Key Responsibilities

Supplier Decommissioning Process

Create a Supplier Decommissioning Procedure outlining clear steps, expectations, timelines, and roles & responsibilities.

Communicate the procedure to key stakeholders including Supplier Managers.

Enforce the Supplier Decommissioning Process across relevant departments.

Develop and distribute an Annual Supplier Decommissioning Status Report to stakeholders, including managers of Supplier Managers.

Evaluate the Sirion to Archer data feed for accuracy on terminated or expired contracts.

Document Collection and Review

Ensure Supplier Managers collect and upload required documents to the Archer engagement record:

High-Risk Suppliers: Annual Penetration Test Reports and SOC 2 Type II reports.

Moderate-Risk Suppliers: Annual self-certification or attestation letters.

(Refer to SISE or SISPE in the active agreement to confirm required documents.)

Review Pen Test and SOC 2 Type II reports for any critical or high-risk issues pending remediation.

Notify the BISO and business units of unresolved issues or incomplete treatments.

Manually register unresolved issues in the Archer GRC platform, if necessary.

Assessment Coordination

Assist in developing a monthly assessment schedule (6–12 assessments per month).

Track and report progress weekly.

Coordinate with Supplier Managers, suppliers, and 3rd-party assessment providers:

Inform them of their responsibilities and deadlines.

Ensure accountability with support from the Supplier Risk Manager.

Top 3 Skills:

Excellent communication skills

Strong multitasking and organizational abilities

Collaborative team player