Third Party Risk Jobs in Virginia (NOW HIRING)

S&P Global has recently announced the intent to separate our Mobility Segment into a standalone public company.

The Role:

Operating across 22 countries, Mobility Global is strengthening its third-party governance framework to support regulatory compliance, information security, and enterprise risk management.

Reporting to the Global Head of Procurement, the Senior Manager, Vendor Risk & Procurement Governance, will lead the operational implementation of the Company's vendor risk management process within Procurement. While Legal Risk & Compliance will design and maintain the enterprise risk framework, this role will be responsible for embedding that framework into procurement workflows, configuring system controls within Coupa, developing employee-facing policy documentation, and ensuring all required vendor risk reviews are completed prior to vendor onboarding or renewal.

This role serves as the operational bridge between Procurement, Legal, Risk & Compliance, and Information Security.

• Translate the enterprise vendor risk framework into scalable procurement processes.

• Embed vendor risk review requirements into end-to-end sourcing and purchasing workflows.

• Define intake requirements and risk-tiering triggers for vendor engagements.

• Establish escalation procedures for incomplete or delayed risk reviews.

• Drive continuous improvement in vendor risk governance processes.

Coupa Workflow Design & Governance

• Configure and maintain vendor risk workflows and approval gates within Coupa.

• Implement system controls to prevent PO issuance without required risk approvals.

• Maintain vendor risk attributes, classifications, and documentation repositories.

• Partner with Finance Systems and IT to enhance automation and reporting.

• Develop dashboards and reporting to monitor review completion, SLAs, and compliance trends.

Policy & Documentation Development

• Draft and maintain procurement-facing vendor risk policies and SOPs.

• Develop clear employee guidance materials explaining:

  • When vendor risk reviews are required

  • How to initiate a review

  • Required documentation

  • Approval requirements and timelines

• Ensure alignment between procurement policy and Legal Risk standards.

• Conduct training sessions for business stakeholders.

Risk Review Coordination & Enforcement

• Ensure all required vendor risk reviews by:

  • Legal Risk & Compliance

  • Information Security

  • Data Privacy

  • Other applicable stakeholders
    are completed prior to vendor onboarding or contract renewal.

• Monitor review timelines and escalate exceptions.

• Maintain documentation of approvals, conditions, and remediation requirements.

• Track and report compliance metrics to Procurement and Finance leadership.

Audit & Compliance Support

• Maintain audit-ready documentation of vendor risk approvals and workflows.

• Support SOX-related vendor governance controls where applicable.

• Partner with Internal Audit on third-party risk assessments.

• Support remediation efforts tied to vendor governance findings.

Cross-Functional Collaboration

• Serve as key liaison between Procurement and:

  • Legal Risk & Compliance

  • Information Security

  • Finance & Accounting

  • Internal Audit

• Drive accountability across business units engaging third parties.

• Promote a culture of governance and risk awareness.

Basic Required Qualifications:

• Bachelor's degree in Business, Supply Chain, Risk Management, Finance, or related field or equivalent relevant experience.

• 7 to 10+ years of experience in Procurement, Third-Party Risk, Compliance, or Governance.

• Experience in a publicly traded or highly regulated organization preferred.

• Direct experience implementing vendor risk workflows in Coupa strongly preferred.

• Strong understanding of third-party risk domains, including:

  • Information security

  • Data privacy

  • Regulatory and compliance risk

  • Operational and financial risk

• Experience developing policy documentation and process controls.

• Strong systems and workflow configuration experience.

Additional Preferred Qualifications:

• Governance-oriented with strong attention to detail.

• Systems-minded and process-driven.

• Confident cross-functional influencer.

• Able to enforce controls in a collaborative but firm manner.

• Comfortable operating in a transformation-oriented, post-spin environment.

Compensation/Benefits Information (US Applicants Only): Final base salary for this role will be based on the individual's geographic location, as well as experience level, skill set, training, licenses, and certifications. In addition to base compensation, this role is eligible for an annual incentive plan. This role is eligible to receive additional S&P Global benefits. For more information on the benefits that we provide to our employees, please click here.

Right to Work Requirements:

This role is limited to persons with indefinite right to work in the United States.

If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!

It is the policy of Mobility to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Mobility will provide reasonable accommodations for qualified individuals with disabilities.