Assoc. Dir, Vendor Risk Management

Branchburg, NJ, US
May 07 2018
Organization Type
Requisition ID: COM000672

Merck & Co., Inc., Kenilworth, N.J., U.S.A., known as Merck in the United States and Canada, is a global health care leader with a diversified portfolio of prescription medicines, vaccines and animal health products. The difference between potential and achievement lies in the spark that fuels innovation and inventiveness; this is the space where Merck has codified its legacy for over a century. Merck’s success is backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare.

Position Description

Given the increasing dependency on trusted partners to conduct Merck’s business and the exponential rise in cybersecurity threats and the complexity of those threats, there is a need for a dedicated position for supplier information risk management in ITRMS.

The Associate Director, ITRMS for Supplier Risk Management will have leadership responsibility for both strategic and operational supplier risk management activities from an IT perspective. The position requires the ability to apply risk-based principles to supplier management, effectively communicate risks to stakeholders, and evaluate and verify closure of identified supplier risks from an IT perspective. In addition, the position will lead a transformational program to develop a framework for supplier risk management and build supporting tools and processes.

Responsibilities include but are not limited to:

·         Operational Leadership:

o    Collaborate with IT Business Operations and Merck Global Procurement to enforce effective supplier IT risk management services and governance.

o    Serve as the subject matter expert in interpreting requirements; improve awareness of the operational risks the business faces from supplier failure or poor performance; and work with Strategic Sourcing, Legal and the Business to mitigate any losses through supplier compensation secured by robust contracts.

o    Serve as lead for monitoring risk incidents and resolving remediation, including development and execution of corrective action plans, and ensure follow-on reporting and monitoring.

o    Partner with Business Units and internal support functions to help ensure that all risk assessment and mitigation requirements have been met and that risk is monitored and mitigated throughout testing, development, implementation and use.

o    Maintain IT Third Party Risk Management Process SOP

o    Manage initial and periodic IT 3rd Party Risk Assessments and Risk Mitigation process

o    Negotiate and resolve partner-generated issues, including initial contract language aspects

o    Coordinate or perform onsite supplier audits, as needed, along with closure and completion of identified gaps within the appropriate timeframe.

o    Provide oversight to strategic suppliers’ BCP and DR activities

o    Manage a team of Risk Analysts (as needed) to perform operational activities


·         Strategic Program Leadership:

o    Design and implement a common and consistent Supplier risk management (SRM) framework and program to effectively manage supplier risk in accordance with internal policy and Federal/ State Regulatory requirements

o    Define and maintain Risk Catalog (identification of Risks)

o    Collaborate with other compliance areas such as Privacy for common remediation

o    Align IT 3rd Party Risk Management activities to IT-wide Risk Register

o    Define, maintain and report on Key Risk Indicators and Key Performance Indicators (KPI) and metrics

o    Analyze and identify areas for consolidation, aggregation and/or integration across the IT 3rd Party Risk Management function

o    Establish and Maintain Risk Management relationship with key IT 3rd parties’ Risk Management areas

o    Analyze, update, and modify procedures and processes to identify and continuously implement supplier risk management process improvements

Qualifications

Position Qualifications

Education Minimum Requirement:

·         Bachelor’s degree or higher in science, engineering or a related discipline

·         CISSP or CTPRP certification

Required Experience and Skill:

·         A minimum of 10 years related work experience in a global IT organization

·         Minimum 5 years’ experience in any areas of supplier risk management

·         Strong pharmaceutical, health care or cross-industry business acumen

·         Should possess well-developed communications and interpersonal skills.

·         Must have the ability to influence others through credibility and leadership skills

·         Must have the ability to work effectively in a matrixed environment.

·         A strategic thinker with strong operational and delivery skills.

·         Strong personal and professional ethical values, impeccable integrity, and the energy level and stamina required to meet the demands of the position.

Preferred Experience and Skills:

·         Master of Business Administration (M.B.A)

·         Any IT Risk Management, Security or Privacy or Project Management Certification

Your role at Merck is integral to helping the world meet new breakthroughs that affect generations to come, and we’re counting on your skills and inventiveness to help make meaningful contributions to global medical advancement. At Merck, we’re inventing for life.

If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to

Search Firm Representatives Please Read Carefully:

Merck & Co., Inc. is not accepting unsolicited assistance from search firms for this employment opportunity. Please, no phone calls or emails. All resumes submitted by search firms to any employee at Merck via email, the Internet or in any form and/or method without a valid written search agreement in place for this position will be deemed the sole property of Merck. No fee will be paid in the event the candidate is hired by Merck as a result of the referral or through other means.

Visa sponsorship is not available for this position.

For more information about personal rights under Equal Employment Opportunity, visit: EEOC Poster, EEOC GINA Supplement

Job: Compliance & Risk Management
Other Locations: West Point, PA, US
Employee Status: Regular
Travel: Yes, 10 % of the Time
Number of Openings: 1
Shift (if applicable):
Hazardous Materials: No
Company Trade Name: Merck
