Key Responsibilities: · **TPRM Proposals & Strategy**: Lead the development of TPRM and GRC proposals, defining scope, delivery models, governance structures, and operating models and design enterprise-level Third Party Risk Management strategies aligned with regulatory, operational, and cyber risk requirements. · **Client Engagement Leadership**: Lead and manage complex client engagements in Third Party Risk Management, vendor risk, and GRC and act as engagement lead and trusted advisor for executive stakeholders (CISO, CRO, Risk, Compliance, Procurement, Legal). In addition to that ensure successful delivery of TPRM services including assessments, frameworks, tooling, and operationalisation. · **Security Assessment & Audit Leadership**: Lead third-party security assessments, audits, and assurance activities and define assessment methodologies, risk scoring models, control frameworks, and reporting structures as well as oversee supplier due diligence, onboarding risk processes, and continuous monitoring programmes. · **Technical & Methodological Authority**: Serve as subject matter expert for TPRM, GRC platforms, and vendor risk methodologies and provide leadership in the use of GRC and TPRM tooling (e.g. OneTrust, Archer, ServiceNow GRC, similar platforms). · **Framework Design & Governance:** Design and implement scalable Third Party Risk frameworks, policies, standards, and operating models and align TPRM frameworks with industry standards and regulatory requirements (e.g. ISO 27001, NIST, SOC2, GDPR, DORA, NIS2). · **Project, Delivery & Programme Leadership**: Act as Project Manager, Delivery Lead, and Programme Lead for large-scale TPRM initiatives and manage multi-stream delivery, dependencies, risks, and stakeholder alignment. · **Team Leadership & Management**: Lead, mentor, and develop a team of consultants (up to 5 direct reports) and build high-performing delivery teams and ensure capability development in TPRM and GRC. · **Risk & Compliance Management:** Identify, assess, and manage third-party risks across cyber, operational, regulatory, and reputational domains and advise clients on risk treatment strategies, remediation plans, and control improvements. · **Continuous Improvement & Innovation**: Drive continuous improvement in TPRM methodologies, delivery models, and service offerings and stay current with regulatory developments, emerging risks, and industry best practices in third-party risk and supply chain security.

• Facilitates and leads all aspects of the risk management process to the compliance of the risk management plan • Authors the Contract Risk Management Plan, including annual updates • Facilitates monthly risk reviews with risk owners to ensure quality of risk data is upheld • Publishes monthly risk registers. • Generates monthly reports for the key risk roles to undertake responsibilities • Upholds and reviews risk product quality against associated risk standards. • Prepare risk data and undertakes routine risk analysis

• Demonstrates full understanding and is compliant with regulatory requirements regarding coding of medical information including but not limited to external regulatory agencies such as Quality Improvement Organizations (QIOs), the Centers for Medicare & Medicaid Services (CMS), Medicare National Correct Coding Initiative edits and other payers. • Partners with Coding, CDI, CMD and Quality professionals and others to advance documentation improvement practices. • Reviews clinical documentation and diagnostic results from the EHR to ensure appropriate assignment of the ICD-10-CM/PCS and/or ICD-10-CM CPT/HCPCS codes to support organizational and Clinician Services initiatives. • As indicated, queries providers when existing documentation is unclear or ambiguous following established organizational policy. • Partners with Coding, CDI, CMD and Quality professionals, and others to advance documentation improvement practices. • Demonstrates positive collaboration with team members within Clinician Services and other organizational stakeholders.

• Serve as the primary client contact and gather their requirements; • Prepare and facilitate workshops; • Support engagements from scoping through the definition of data models and operational governance processes (definition of data roles and responsibilities, data modeling, etc.); • Assist the client with data documentation (writing data dictionaries, populating data catalogs, etc.); • Perform market benchmarks of data governance solutions on behalf of our clients; • Contribute to defining clients' data roadmap and its operational implementation.