AVP, Third Party Risk & Assurance

You have a clear vision of where your career can go. And we have the leadership to help you get there. At CNA, we strive to create a culture in which people know they matter and are part of something important, ensuring the abilities of all employees are used to their fullest potential.
CNA is seeking an Assistant Vice President, Third Party Risk & Assurance to join our Procurement team. This role involves leading a team that provides comprehensive services to help the business make informed decisions about Third Party Risk.
This Officer position is responsible for providing overall management and direction of enterprise-level policies, processes, and execution related to the Third Party Risk Management (TPRM) function. The TPRM function includes a global remit across CNA and is integral for ensuring that CNA's risk and performance management of Third Parties meet state, federal, and international regulatory requirements while ensuring the highest level of service delivery to CNA. The TPRM functions performs risk assessments, which evaluate CNA's Third Party control effectiveness across cybersecurity, business continuity, compliance and operational risk areas.
Join us at CNA and play a crucial role in safeguarding our data and reputation while ensuring compliance and operational excellence.
We are open to a variety of work arrangements including hybrid from our Chicago headquarters or fully remote.
JOB DESCRIPTION:
Essential Duties & Responsibilities
Performs a combination of duties in accordance with departmental guidelines:

• Accountable for the program design, execution, and oversight of the Third Party Risk Management function.
• Responsible for developing program policy and procedures that provide global, enterprise guidance on Third Party Risk requirements and risk management guidelines. These global standards ensure CNA meets regulatory requirements and appropriate risk diligence is conducted to protect CNA financially, operationally, and reputationally.
• Establish and maintain relationships with senior business leaders within the business line, corporate support functions, and risk stakeholders within the 2nd Line of Defense to ensure the TPRM program is aligned with enterprise risk appetite and general strategy.
• Adopt and execute a continuous improvement approach for the TPRM program; ensuring that the program adopts industry best practice for program design, execution, and technology automation. Effective and active management of the program roadmap contributes to the development of an industry best Third Party Risk Management function at CNA.
• Actively lead, train, and mentor a team of Third Party Risk Management professionals. Periodically review resourcing requirements and coordinate with Procurement leadership, Finance, and Human Resources on hiring and training needs.
• Lead all program reporting, including Key Risk Indicators and issue escalation, to the Third Party Risk Management Committee consisting of BU management, including C-level executives.
• Provide business lines with clear, actionable reporting on their Third Party risk assessments and risk related metrics for their critical and high risk Third Parties.
• Perform at least annual reviews of policies, procedures, and standards to include the TPRM assessment methodology, Third Party risk tiering methodology, and issue escalation and remediation.
• Accountable for meeting various state and federal regulatory requirements related to Third Party Risk Management.
• Serve as the functional expert and senior liaison for any program inquiries from external parties to include audits, inquiries, and onsite visits.

May perform additional duties as assigned.
Reporting Relationship
Vice President or above.
Skills, Knowledge & Abilities

• Identifies and implements best practices in Third Party Risk Management; must demonstrate sufficient expertise in Third Party Risk Management and Third Party risk assessments.
• Provides leadership, direction, and influence for internal and external stakeholders; proven ability to collaborate and manage cross-functional teams.
• Excellent interpersonal, presentation, verbal and written communication skills with demonstrated experience in securing leadership buy-in and enacting change management related to program enhancement and implementation.
• Builds positive working relationships with internal CNA leadership as well as key leadership at external Third Parties (i.e. Chief Information Security Officer, Chief Risk Officer) to support TPRM program adoption.
• Proven ability to drive execution in an emergent and developing program in addition to leading and managing a steady-state, well-established function.
• Ability to exercise professional judgement, make decisions and assume responsibility for decisions which have an impact on people, costs, and the delivery of services.
• Effective in enforcing program requirements designated by policy and procedure; ability to navigate difficult conversations with both internal and external stakeholders.
• Data driven with continuous improvement mindset.
• Recognized as a collaborative, team-player. Develops team consensus based on strong verbal communication, negotiation skills, and high emotional intelligence.
• Advanced computer skills including Microsoft Office suite and other business related software systems, to include Third Party Risk Management technology solutions.

Education & Experience

• Bachelor's degree or equivalent

• Master's degree in risk management or cybersecurity preferred

• Typically a minimum of 10 years relevant work experience in either Third Party Risk Management or Supplier Risk Management

• Typically a minimum five years of previous management experience

#LI-LG1
#LI-Remote
I n certain jurisdictions, CNA is legally required to include a reasonable estimate of the compensation for this role. In District of Columbia , California, Colorado, Connecticut, Illinois , Maryland , Massachusetts , New York and Washington, the national base pay range for this job level is $152,000 to $242,000 annually.Salary determinations are based on various factors, including but not limited to, relevant work experience, skills, certifications and location. CNA offers a comprehensive and competitive benefits package to help our employees - and their family members - achieve their physical, financial, emotional and social wellbeing goals. For a detailed look at CNA's benefits, please visit cnabenefits.com .
CNA is committed to providing reasonable accommodations to qualified individuals with disabilities in the recruitment process. To request an accommodation, please contact [email protected]