About KellyOCG
Kelly Outsourcing & Consulting Group (KellyOCG) is a global leader in talent management solutions, specializing in MSP and RPO. We partner with leading organizations to help them attract exceptional talent and deliver outstanding workforce solutions.
We're looking for passionate, driven professionals who love delivering amazing results and want to be part of a high-performing team.
About the role
As a Senior TPRM Analyst, you will:
Execute inherent and residual risk assessments (IRA/RRA) for suppliers, vendors, customers, and partners by analyzing questionnaire responses and evidence and assessing risk scores.
Collaborate with domain SMEs (cybersecurity, privacy, ESG, legal) to validate risks, identify required controls, and escalate high-risk engagements as needed.
Contribute to TPRM policy, framework, and SOP development, including control libraries, risk taxonomy, and process documentation.
Engage with cross-functional teams (Procurement, Legal, Sales, Supplier Enablement) to gather risk-relevant data and ensure alignment with business context.
Support remediation tracking, risk reporting, and audit readiness by maintaining documentation and providing inputs for dashboards and governance updates.
Key responsibilities
Strong understanding of the third-party risk management lifecycle, including inherent/residual risk assessments, onboarding, and monitoring (Required)
Hands-on experience evaluating risk domains such as BCM, Financial, Operational, Regulatory, cybersecurity, privacy, ESG, and reputational risk (Required)
Lead and execute comprehensive third-party screening and due diligence activities, including inherent risk screening, adverse media checks, sanctions and watchlist screening, regulatory exposure analysis, and review of third-party ownership and reputational risk indicators.
Apply judgment to screening results to determine risk relevance, escalate high-risk findings, and support informed onboarding and risk acceptance decisions in alignment with TPRM governance standards
Excellent analytical and communication skills with the ability to interpret risk data and articulate findings to stakeholders (Required)
Proven ability to collaborate with cross-functional teams like Legal, Procurement, and IT to align on risk mitigation strategies (Required)
Familiarity with TPRM or GRC tools such as Coupa, ServiceNow, Archer, or equivalent platforms (Preferred)
Working knowledge of regulatory and control frameworks such as ISO 27001, NIST, SIG, or GDPR (Preferred)
Risk Assessment & Execution
Conduct inherent and residual risk assessments (IRA/RRA) across third-party categories (suppliers, vendors, customers, partners)
Review questionnaires and supporting evidence across domains such as cybersecurity, privacy, ESG, and legal
Collaborate with SMEs to validate risk exposure, assign scores, escalate high-risk cases, and track remediation items
Policy, Process & Stakeholder Engagement
Contribute to development and enhancement of TPRM policies, SOPs, intake triggers, and risk taxonomies
Engage with Legal, Procurement, Sales, and Supplier Enablement to gather risk inputs and align assessments with business context
Support risk reporting, audit readiness, and periodic governance documentation
Additional Duties
Assist in onboarding, cross-functional projects, and other tasks as assigned to support TPRM operations
What we're looking for
Minimum
3-5 years' experience in performing TPRM Risk Assessments and conducting third-party screening, due diligence, adverse media analysis, and sanctions/watchlist reviews.
Someone who is proactive and can drive responsibilities as an individual contributor and team player wherever needed.
Experience in third-party due diligence, enterprise risk, compliance, or governance roles. (Required)
Experience performing risk assessments and scoring for third-party engagements. (Required)
Exposure to Coupa Risk Assess, ServiceNow VRM, Archer, or similar TPRM/GRC tools. (Required)
Drafting policies, SOPs, or risk documentation in a legal/compliance environment (Preferred)
Experience with TPRM for a provider of staffing services (Preferred, but not Required)
Certifications Preferred: CTPRP, CRMP, CISA
Why join KellyOCG?
Work with a global industry leader
Meaningful client impact
Collaborative and supportive team culture
Opportunities for professional growth