Responsible for performing governance-related activities in support of Mercer’s vendor management framework. This role will be responsible for enhancing our vendor risk management program, maintaining our inventory and reporting on vendor risks. You will be a subject matter expert on our program, policy, processes and portfolio of vendor risks. Working with our colleagues and other subject matter experts across MMC Vendor Management, Information Security, Data Privacy, Legal and Compliance, you will guide the business in managing vendor risks. Our colleagues will rely on you for help to manage risks throughout the lifecycle of the supplier relationship, to improve operating performance, and safeguard the Company's value.

Key responsibilities are:
- Ensuring Mercer remains compliant with the MMC Vendor Risk Management Program
- Drive best practices for communicating with vendor relationship owners
- Ensure business and vendor relationship owners are educated on the vendor risk management policy and understand their responsibilities
- Manage internal tracking of risk assessments and facilitate escalations for outstanding or incomplete internal and external risk assessments
- Ensure compliance with the IT/Cyber Risk Register process as required by the vendor risk management policy and standards
- Coordinate executive reporting on compliance with VRM processes
- Manage maintenance of Mercer Vendor Risk Management Inventory
- Ensure visibility of contracted and in-scope Mercer vendors. Validate the completeness of the MMC VRM registry of vendor relationships and ensure vendor data records are up to date. Work with MMC VRM to determine in-scope vendors and engage Information Security when higher risk relationships or services are introduced
- Manage special projects related to Vendor Management, including but not limited to process implementations, responses to vendor security risks (in collaboration with Vendor Risk Management and Information Security) and internal audit responses.
- Assign and monitor work of Vendor Risk Management support staff, ensuring quality output and adherence to departmental standards and procedures
- Recommend new standards and procedures to support continuous improvement

What you need to have:
- Undergraduate Degree
- Overall, 8 years with minimum 5 years in risk management, business analyst, or third-party management experience for a global organization
- Cyber risk and/or information security experience
- Must be confident in making and enforcing risk-based decisions
- Proven self-starter with ability to work independently and coordinate with remote teams
- Must have excellent ability to effectively communicate verbally and in writing at all levels
- Critical thinker with a solution driven mind-set
- The ability to lead and manage projects through the full project lifecycle
- Excellent attention to details
- Strong organizational skills and the ability to meet tight deadlines for deliverables
- Excellent interpersonal skills and demonstrated ability to work effectively in a team environment

What makes you stand out?
- Formal Project Management experience preferred.
- Experience with vendor management and/or risk management software required.
- Experience with OneTrust Third Party Risk Management module preferred.
- Must possess strong computer skills to utilize Microsoft Tools: Word, Excel, Outlook, SharePoint, and Teams.

Mercer, a business of Marsh McLennan (NYSE: MMC), is a global leader in helping clients realize their investment objectives, shape the future of work and enhance health and retirement outcomes for their people. Marsh McLennan is a global leader in risk, strategy and people, advising clients in 130 countries across four businesses: Marsh, Guy Carpenter, Mercer and Oliver Wyman. With annual revenue of $23 billion and more than 85,000 colleagues, Marsh McLennan helps build the confidence to thrive through the power of perspective. For more information, visit mercer.com, or follow on LinkedIn and X.
Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, caste, disability, ethnic origin, family duties, gender orientation or expression, gender reassignment, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law.
Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one “anchor day” per week on which their full team will be together in person.