Third Party Risk Management Specialist

Location: On site in Charlotte, NC

Summary

The Third-Party Risk Management (TPRM) specialist will support the TPRM Manager in successfully executing the First Horizon TPRM program. We are seeking an experienced TPRM Specialist with experience in both first and second line of defense operations, strong knowledge of regulatory heightened standards, and relevant industry certifications. In this role, you will be responsible for executing key components of our Third-Party risk management program within an established framework.

Key Responsibilities

First Line Operations

• Execute due diligence processes for onboarding new vendors and partners
• Partner with SME groups to conduct thorough risk assessments of third parties, including financial stability, operational resilience, information security, compliance and reputation risk evaluations
• Review and provide input on risk-based contract terms and SLAs with service providers
• Perform ongoing monitoring activities for assigned vendors and high-risk relationships
• Implement remediation plans for identified third-party control deficiencies.
• Document and maintain accurate records of all TPRM activities
• Apply solid understanding of applicable First Horizon policies, procedures, and practices to provide effective TPRM assurance
• Build sound business relationships across the enterprise to enable a strong understanding and close alignment with business needs, direction, and risk appetite
• Support the TPRM risk reporting and key metric processes and assist with coordinating and communicating results of third-party risk assessments and risk reassessments
• Respond appropriately to third-party risk or performance incidents, coordinating related investigations, and ensuring appropriate resolution
• Educate Line of Business teams on TPRM program and processes and participate in TPRM Training delivery
• Manage and maintain TPRM repositories, tools, and documentation for TPRM information risk assurance
• Support the TPRM Manager in managing the department routines including participating in business and risk meetings in the TPRM Manager’s absence

Second Line Activities

• Support independent testing and validation of first-line TPRM controls
• Contribute to the development and refinement of TPRM policies and procedures
• Perform second-line reviews of first-line risk assessments to ensure adherence to policies
• Assist in identifying gaps in the TPRM program and recommend improvements.
• Support preparation of TPRM reporting for management review

Regulatory Compliance

• Apply regulatory heightened standards including OCC Bulletin 2013-29, Federal Reserve SR Ketter 13-19, FDIC FIL-44-2008, and global equivalents to daily TPRM activities
• Stay current with evolving regulatory requirements and industry guidance around third-party risk
• Support regulatory examinations related to TPRM and help prepare responses to regulatory inquiries
• Apply regulatory expectations to risk assessment and monitoring activities
• Help ensure third-party relationships comply with privacy regulations (GDPR, CCPA, etc.)

Reporting and Communication

• Prepare comprehensive reports on third-party relationships
• Contribute data and insights for executive level dashboards and metrics
• Communicate effectively with stakeholders about third-party risk issues
• Collaborate with colleagues in SME departments
• Document findings, conclusions, and recommendations clearly and concisely

Qualifications

Experience

• +5 years of experience in third-party risk management, vendor management or related risk disciplines
• Demonstrated experience in both first line (operational) and second line (oversight) roles
• Experience applying TPRM frameworks in regulated environments.
• Background working with regulatory examinations and responding to regulatory findings
• Track record of successful collaboration with stakeholders across business functions

Knowledge

• Strong understanding of regulatory heightened standards for third-party risk management
• Knowledge of risk assessment methodologies and frameworks
• Understanding of contractual risk management principles
• Familiarity with procurement processes and practices
• Working knowledge of information security, business continuity, and operational risk concepts

Skills

• Excellent analytical and critical thinking capabilities
• Strong verbal and written communication abilities
• Effective time management and organizational skills
• Detail-oriented with strong documentation practices
• Ability to translate complex regulatory requirements into practical actions

Education and Certifications

• Bachelor's degree in business, finance, risk management or related field

• One of more of the following certifications preferred:

  • Certified Regulatory Vendor Program Manager (CRVPM)

  • Certified in Risk Management Assurance (CRMA)

  • Shared Assessments Certified Third Party Risk Professional (CTPRP)

About Us First Horizon Corporation is a leading regional financial services company, dedicated to helping our clients, communities and associates unlock their full potential with capital and counsel. Headquartered in Memphis, TN, the banking subsidiary First Horizon Bank operates in 12 states across the southern U.S. The Company and its subsidiaries offer commercial, private banking, consumer, small business, wealth and trust management, retail brokerage, capital markets, fixed income, and mortgage banking services. First Horizon has been recognized as one of the nation's best employers by Fortune and Forbes magazines and a Top 10 Most Reputable U.S. Bank. More information is available atwww.FirstHorizon.com.

Benefit Highlights
• Medical with wellness incentives, dental, and vision
• HSA with company match
• Maternity and parental leave
• Tuition reimbursement
• Mentor program
• 401(k) with 6% match
• More -- FirstHorizon.com/First-Horizon-National-Corporation/Careers/Our-Benefits

Follow Us Facebook
X formerly Twitter
LinkedIn
Instagram
YouTube

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.