Download App | FOLLOW US ON SOCIAL MEDIA
 Upload Your Resume   Employers / Post Jobs 

Insurance Defense Attorney / Litigation - Insurance Attorney in Owings Mills, MD

CareFirst BlueCross BlueShield Jul 19,2018 May 25,2018 Location USA Owings Mills MD
This job is expired...

Public Interest

Attorney

Insurance

Litigation - Insurance

8-10 yrs required

Profile

Third Party Risk Management Program Manager The candidate will oversee, guide and mentor Third Party Risk staff in the completion of third party assessments. Will lead oversight of activities for planning and executing end-to-end third party assessments to ensure the adequacy of controls in place to safeguard the organization, including: identifying third party services and business owners; mapping services to business process taxonomy and systems inventory; documenting process flows and reconciling services performed to the contract; defining assessment scope and establishing a test plan; executing test plan and issuing an assessment report including remediation plans for issues identified; and driving remediation of issues identified, gathering evidence to support remediation, and reporting on progress of remediation through to completion. Manage use of co-source partner to facilitate third party assessments, including review of deliverables and ensuring consistency is maintained with established CareFirst methodology and requirements. Facilitate self-directed assessments with third party accountable executives, including: identifying third party key stakeholders, services provided and related third party metadata (e.g., Areas of Risk, Partner Segment, Business Associate Agreement, Data Use Agreement); deliver awareness and training materials to management; facilitate assessment to identify awareness opportunities and risks for further review/assessment. Maintain documentation in an organized and re-performable fashion, including leveraging the Governance Risk and Compliance (GRC) tool and repository (e.g. MetricStream and SharePoint). Develop teamwork and synergies among staff personnel throughout the organization working closely with subject matter resources (SMRs), embedded compliance functions, and third party managers across the enterprise. Throughout assessments, identify and maintain a repository of best practices and tools/accelerators related to Third Party Risk Management. Utilize expertise to identify evolving risks and threats pertaining to third parties and provide in-depth understanding of “if, how, and when” the risks/threats should be addressed. Develop training and awareness materials to deliver to third party managers across the enterprise. Lead training and awareness sessions to convey best practices, lessons learned, and pervasive issues identified as it pertains to third party risk management. Establish and maintain close working relationships with third party accountable executives and managers. Identify third parties with access to sensitive customer data. Map the relationships between third parties and internal business owners to identify internal stakeholders. Refine internal framework for assessment including standardized measures which ensure internal standards for data protection, privacy, and access control are acceptable by internal requirements. Evaluate and assess third party criticality and review changes in scale and scope of services contracted with third party for impact. Confirm ongoing roles, responsibilities and persons involved with the third party. Provide periodic reports to management and stakeholders. Manage, monitor, and track third party compliance to the Third Party Risk Management Program; evaluate to execute recommendations for improvement where appropriate. Lead continuous monitoring and improvement activities to assure continued refinement and compliance of third party risk management assessments and practices across the enterprise. Be a catalyst for change, leading staff across the enterprise to welcome/accept change with minimum anxiety. Maintain a high level of knowledge of technological changes, new technology, assessment issues, risk management best practices, third party modifications, and incorporate them into TPRM. Provide consulting and advisory services, best practices and change leadership to drive continuous improvement to internal processes and controls. Manages the full project management life cycle and software development life cycle for the implementation of highly complex, large scale, strategic IT and Business initiatives. Implements established policies, system monitors and controls to ensure the successful management and reporting of all initiatives in the Program. Supervises and leads the program and project staff to oversee the impacts and interdependencies between programs and works to ensure initiatives meet the CareFirst goals and objectives of the executive leadership team. Perceived by peers and staff as a leader. Serves as subject matter resource, providing technical, business and analytical guidance to the program and project teams. Works with Technical and Business areas to provide support and coordination to ensure adoption of new systems and business processes in the CareFirst environment. Manages contracts and vendors assigned to projects included in the assigned program(s). Manages and directs multiple medium to large-scale projects that may not fit into a defined program. Works on complex problems where analysis of situation or data requires an in-depth evaluation of various factors to achieve best results. Exercises judgment within broadly defined policies and practices to develop corporate-wide methods and techniques. Works effectively with internal and external clients, third party vendors, and Senior Management in accomplishing project objectives. Evaluates complex situations accurately and identifies viable solutions that create successful outcomes for the customer. Develops and maintains “lessons-learned” inputs in the project repository for utilization on future projects. Collaborates with the finance department and various functional managers to ensure project budgets are properly estimated and controlled; provide overall financial recommendations, and develop controls and measurements to monitor progress. Provides Finance with monthly accrual and forecasts by the due date established by Finance using the tools developed by Finance/PMO. Maintains currents statements of work for all contractors; tracks and approves contractor invoices in a timely manner. Provides regular updates to project sponsor and stakeholders on the status of the budget. Documents reasons for budget excess or shortfall. Resolves political, resource, budgeting, change, and legal issues affecting the program. Acts as administrator to the GRC tool/repository maintained for assessment reports, findings, recommendations, evidence, tools, and accelerators. Develops and trains staff for purposes of performing assessments, learning CareFirst processes and controls. Responsible for leading staff in adequately performing assessments in accordance with TPRM methodology. Maintains accountability for the accuracy of information maintained within the GRC tool/repository. Maintains responsibility for timely escalation of concerns identified to the Third Party Risk Program Manager. Supervises and leads a team of direct and indirect reports (associates; contractors; vendor staff) consisting of: Auditors, Project Management Staff (Sr. Project Managers, Project Managers, Project Controller/Coordinators), Budget Analysts, Contractor Staff and Vendor Staff. (Team size will vary by approved initiatives); IT and Business Directors, Managers, other program staff in a matrix model. Supervises Vendors/Contractors based on project needs against a Contract and Statement of Work, against a set of deliverables and defined payment milestones. Review staffing goals and expectations to ensure that each is consistent and adequate to meet departmental/divisional goals in support of overall company goals. Sets high expectations of significant influence on other departments/divisions for all audit activities, risk assessments and process improvements to support control objectives with cross-functional impacts. Delegate responsibility and authority to appropriate staff within the team, regularly monitoring progress to ensure goals are met. Evaluate performance of each team member, generates development plans and sets goals within the context of the corporate policy. Provided coaching, counseling and motivation to team members ensuring staff has the appropriate tools and training (establishes Performance Development Plans for staff). Drive commitment and continuous personal improvement, self-confidence, insight, judgment, integrity, ethics, and responsiveness, timeliness, flexibility and adaptability. Supervises and leads a team of direct and indirect reports consisting of (Team size will vary by approved initiatives); Direct Reports: 3-5; comprised of CareFirst Associates (Audit Staff, Program/Project Managers, Technical delivery managers, Business Analysts, and other program staff), Interns and Contractors/Consultants. Indirect reports: 10-15; Audit Staff, Program/Project Managers, Technical delivery managers, Business Analysts, and other program staff in a matrix model; External Audit firm teams, Contractors and Vendor Consultants based on project needs against a Contract and Statement of Work, against a set of deliverables and defined payment milestones.

Qualification and Experience

The candidate should have BS/BA degree and 8-10 years of experience, in a Third Party Management, Risk Management, Audit, or Legal services role. Must have certification as a CPA, CIA, CISA, CISM or comparable certification; advanced degree (e.g., MBA, ML, LLM or JD); healthcare insurance industry experience.Must have expertise in vendor management, including knowledge of contractual language, service licensing agreements (SLAs), and statements of work (SOWs). Must have strong capabilities and experience in performing independent assessments, including compliance legal reviews, contract reviews, testing controls, and developing and reviewing assessment reports. Must have knowledge of third party management and assessment best practices and an ability to evaluate programs from a holistic point of view. Must have highly developed oral and written communication skills to effectively communicate risk management, vendor management, and business risks to a non-technical audience, as well as senior executives. Must be experienced and proficient with Word, advanced Excel and database management and related software applications; possess excellent oral and written communications; able to communicate and make presentation to all levels of management and associates at all levels throughout the Company. Additional qualities are good analytical skills, time management skills, judgment and strong decision-making abilities. Experience with performing third party risk assessments is preferred.


Deadline: 14 June 2018

Additional info

Job ID: 11037

Company info