GENERAL SUMMARY:
Reporting to the Senior Director, Contract and Vendor Manager, the Manager, Vendor Management (Manager) has a primary mandate to manage the process and oversight of the vendor management lifecycle from vendor selection to off-boarding, including post-engagement evaluation and analytics. The Manager will be responsible for maintaining the Foundation’s vendor management system so that all vendors are properly tracked and monitored for compliance with the Foundation’s terms, policies and standards, including IT security and data privacy, and for ensuring the accuracy of all such information. In addition, the Manager will supervise vendor management staff and oversee their work product to ensure the Foundation’s vendor oversight and management requirements are met. The Manager will assist with other contract and vendor management duties as directed by the Senior Director and as time allows.
ESSENTIAL DUTIES & RESPONSIBILITIES:
- Coordinate with procurement and the applicable department representative to ensure completion of all vendor requirements, standards and risk assessment documents at the appropriate time within the vendor selection process;
- Follow-up with vendors as necessary for any clarifications to questionnaire responses or additional information that is needed;
- Analyze the results from the applicable documents and systems and perform an initial risk assessment;
- Discuss the results of the analysis with the applicable department representative that desires to engage the third party and seek input from subject matter experts such as Procurement, Compliance, Contract Management, Finance and IT Security;
- Develop and manage any risk mitigation actions (e.g., third party to complete certain corrective actions, additional language that needs to be added to the contract) that are necessary based on the third party’s responses and analysis of the risk assessment documents, internal investigation and evaluations;
- On-going monitoring of third parties (e.g., requesting and reviewing annual SOC reports with particular attention to the user controls consideration section and how the vendor meets those controls) to ensure on-going compliance with contract terms and applicable CFF standards and codes of conduct;
- Annual re-evaluations and recertification (e.g., debarment checking, SOC report reviews, insurance re-certifications, etc.);
- Consult with department representatives on performance standards and adherence to service delivery on an engagement-by-engagement basis, including notification and management of the vendor if any reperformance or corrective action is required as a result of poor performance of services;
- Manage the off-boarding of third parties to ensure that all Foundation system access is deactivated and information is returned or certified as being securely destroyed;
- Maintain and monitor the security and privacy risk position across the vendor management portfolio so that the Foundation has an organization-wide view of third party and vendor risk;
- Ability to work in a matrix environment; and
- Exhibits strong customer service skills and ensures confidentiality and HIPAA compliance.
QUALIFICATIONS:
- Bachelor's Degree (advanced degree preferred).
- ~5+ years in a procurement, contract or vendor management role.
- ~3-5 years of supervisory experience required.
- Experience in data privacy (HIPAA etc.) and data security preferred.
- Initiative, follow-through, sound and accurate judgment with an ability to support and explain reasoning for decisions. Includes appropriate people in decision-making process and ensures that timely decisions are made.
- Analytical skills with the ability to concentrate and pay close attention to detail.
- Advanced knowledge of Microsoft Office including Outlook, Word, PowerPoint and Excel (Access database knowledge a plus).
- Interpersonal skills necessary to deal effectively with a variety of employee and vendor issues.
- Strong written and verbal communication skills.