Apply on Employer Site

CNA Insurance · 10 hours ago

Senior Consultant, Third Party Risk Management (TPRM)

Plano, TX

Full-time

Onsite

Senior Level

$72K/yr - $141K/yr

5+ years exp

CNA Insurance is committed to fostering a culture where employees feel valued and empowered. The Senior Consultant, Third Party Risk Management (TPRM) will manage vendor intake processes, ensuring compliance with risk management standards while collaborating with various stakeholders to optimize vendor onboarding and risk control.

FinanceFinancial ServicesInformation ServicesInformation TechnologyInsuranceProperty ManagementReal EstateRisk Management

H1B Sponsor Likely

Responsibilities

Manage the intake and reviews for all net‑new vendors entering the organization; validate scope, data flows, service criticality, and inherent risk indicators at the point of request

Operate the intake workflow across Workday Strategic Sourcing (WSS) and ProcessUnity (PU); ensure requests are properly classified and routed

Collaborate with Procurement to align intake with sourcing milestones (RFP/RFI, contract negotiation)

Produce Reporting metrics on intake volumes, SLA adherence, inherent risk distribution, and critical third party supplier activities

Apply a pragmatic triage model (e.g., exempt items; existing supplier/same scope; existing supplier/new scope; new supplier/new scope) to focus effort on where risk is highest and eliminate unnecessary reviews

Function as the liaison across Procurement, Legal, InfoSec/Tech Risk, Privacy, Business/Operational Resiliency, and Finance to orchestrate TPRM activities within the contracting process, ensuring a seamless and efficient stakeholder experience

Co-lead end‑to‑end risk assessments for high‑impact/new vendors: scoping, risk tiering (IRQ), due‑diligence review (DDQ), and control validation (remote or on‑site), with audit‑ready documentation

Coordinate reviews with SMEs (InfoSec, Compliance, Resiliency, Finance); synthesize control gaps and propose remediation, acceptance, or compensating controls in line with the TPRM policy

Provide coaching to business owners, managed service providers and vendors on completing questionnaires, evidence expectations, and timelines; handle escalations and sensitive assessments with discretion

Lead incremental workflow improvements in WSS/PU and support roadmap initiatives (e.g, Intake Optimization, IRQ refresh, scaled issue management, and risk‑intelligence integrations)

Qualification

Third-party/vendor riskRisk assessmentsStakeholder managementCertifications CTPRP/CTPRACertifications CISACertifications CRISCCertifications CISSPRisk-intelligence platformsProcessUnity administrationDetail OrientationSystems & Data LiteracyOrchestrationInfluenceProcess ExcellenceStakeholder PartnershipCommunication

Required

5-7+ years of experience in third-party/vendor risk, technology risk, or related fields with direct ownership of new vendor onboarding and ‑due diligence‑ assessments

Proven ability to operate at pace in a procurement‑driven environment, triaging high volumes and prioritizing new supplier/new scope engagements

Demonstrated experience coordinating across InfoSec, Legal, Privacy, Resiliency, Finance, and business stakeholders, translating policy expectations into practical contract terms and controls

Excellent written and verbal communication; executive‑caliber reporting and stakeholder management for high‑visibility vendors

Preferred

Certifications: CTPRP/CTPRA, CISA, CRISC, CISSP, or similar

Experience with risk‑intelligence platforms (e.g., Supply Wisdom, Black Kite) and AI‑assisted control/evidence evaluation capabilities

Background in insurance/financial services vendor governance or regulatory frameworks relevant to outsourcing, data protection, operational resilience

Intake mastery - ability to quickly classify requests, separate exempt/low‑risk from high‑impact cases, and keep pipelines flowing without bottlenecks

Orchestration and influence: cross‑functional leadership and stakeholder alignment throughout contracting and onboarding; strong meeting facilitation

Tool fluency - ProcessUnity administration/usage and WSS intake routing; comfort with dashboards, SLAs/KPIs, and audit trails

Risk Judgment & Decisioning: Makes timely, defensible inherent risk determinations with clear rationale

Process Excellence: Builds and enforces standardized intake workflows, SLAs, and data quality checks

Stakeholder Partnership: Collaborates cross-functionally

Detail Orientation: Catches gaps in scope, data during risk reviews

Systems & Data Literacy: Comfort with dashboards, forms, integrations, and vendor artifacts (SOC reports, SIG, CAIQ)

Communication: Clear, concise, and business-friendly briefings and guidance

Benefits

Comprehensive and competitive benefits package

Company

CNA Insurance

Glassdoor3.9

CNA is one of the largest U.S. commercial property and casualty insurance companies.

Founded in 1897

Chicago, Illinois, USA

5001-10000 employees

http://www.cna.com

H1B Sponsorship

CNA Insurance has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2025 (30)

2024 (32)

2023 (25)

2022 (43)

2021 (32)

2020 (14)

Funding

Current Stage

Public Company

Total Funding

$0.88M

2016-09-12Post Ipo Equity· $0.88M

1978-01-13IPO

Leadership Team

Luke Mellors

Vice President, Technology

Daniel Franzetti

EVP of Worldwide Claim

Recent News

PR Newswire

CNA FINANCIAL ANNOUNCES THIRD QUARTER 2025 NET INCOME OF $1.48 PER SHARE AND RECORD CORE INCOME OF $1.50 PER SHARE

2025-11-03

PR Newswire

LOEWS CORPORATION REPORTS NET INCOME OF $504 MILLION FOR THE THIRD QUARTER OF 2025

2025-11-03

MarketScreener

CNA Financial Corporation Announces Board Changes

2025-11-03

Company data provided by crunchbase