Third Party Resilience Manager

Job Summary

Core services include ensuring critical third parties have appropriate continuity, disaster recovery (technology resilience), cyber and crisis response capabilities. Assess compliance, identify gaps, and define remediation measures. Ensure third-party risks are identified, mitigated, monitored, and reported. Responsible for managing the program governance, strategy, tool(s), policy, standards, and procedures. Responsible for the tactical delivery and ongoing management of third-party resilience assessment, testing, and remediation programs (full lifecycle). Other responsibilities will include oversight of joint testing and exercise programs. Function-specific audit, compliance, and growth initiative support, including vendor evaluations prior to onboarding or offboarding.

Job Duties

Ensures third parties delivering business-critical services are assessed and / or audited in the full BCM lifecycle i.e., areas of disaster recovery (technology resilience), business continuity, cyber response capabilities, crisis incident response, testing / exercising, pandemic planning, risk assessments, business impact analysis, and subcontractor management. Understand Molina's business requirements and third-party dependencies to identify third party gaps and define remediation measures to improve resilience. Provides risk evaluation and control measures to mitigate risks to ensure compliance and alignment with the business requirements. Implement impact tolerance statements for critical services, across the third-party portfolio and participate in stress tests to assess the ability to remain within those tolerances and identify any necessary improvements required. Works with business SMEs to ensure all critical external suppliers and vendors are effectively and robustly managed. Ensures the appropriate governance program and relevant training programs are in place and maintained. Drive third-party resilience related processes and projects including business resilience assessments, testing, contingency planning and exit planning. Including :

• Third-party criticality assessments
• Third-party due diligence, including site visits and collecting results.
• Third-party test planning, exercises, and service commitment validation. Communicate with business partners about testing requirements.
• Third-party engagement inventories, trackers, and dashboards
• Dependency mapping that is accurate and complete, including tracking and reporting of identified gaps or risks.

By applying a strong background in the full lifecycles of third-party risk and resilience, implements risk-based, scalable solutions that effectively address third-party obligations. Contribute to strong risk management culture through collaboration with business representatives and other internal stakeholders. Ensure third-party resilience risks are identified, mitigated, monitored, and reported on an ongoing basis. Provide regular updates including issue reports and metrics to senior stakeholders. May conduct and lead business continuity tabletop and resumption exercises in collaboration with the third-party.

Job Qualifications

Required Education : Bachelor's Degree Required Experience : Minimum 7+ years demonstrated leadership in programs at a national or enterprise level Minimum 7+ years' experience across third-party and risk management disciplines and / or Resiliency audit Minimum 5+ years' experience with project management Experience with reporting systems (i.e., PowerBI or similar) Experience with GRC systems (i.e., Prevalent, Lockpath or similar) Proficient in Excel, PowerPoint, Visio, SharePoint Required Licensure or Certification : BCI or DRII certification (CBCP, MBCP); Resiliency Audit certification highly preferred (such as ISO22301, CBRA, CBCA, CBCLA). Required Knowledge, Skills, and Abilities :

Preferred Qualifications

Experience with Healthcare Continuity

Travel Requirements

Up to 10-20% travel within United States may be needed for select on-site audits