Procurement Risk & Compliance Lead
Mobility Global · Centreville, VA · 3 wk ago
PurchasingFull-time
About the role
Mobility Global is developing and building its third-party governance framework to support regulatory compliance, information security, and enterprise risk management. The Procurement Risk & Compliance Lead will lead a small team responsible for the operational implementation of the Company’s vendor risk management process within Procurement.
Responsibilities
- Translate the enterprise vendor risk framework into scalable procurement processes and policies.
- Work with risk domain owners to define intake requirements and risk-tiering triggers for vendor engagements.
- Monitor the TPRM process and ensure timely completeness of the risk reviews by the applicable risk domain owners.
- Drive continuous improvement in vendor risk governance processes.
- Maintain vendor risk attributes, classifications, and documentation repositories.
- Partner with Finance Systems and IT to enhance automation and reporting.
- Develop dashboards and reporting to monitor review completion, SLAs, and compliance trends.
- Draft and maintain procurement-facing vendor risk policies and SOPs.
- Conduct training sessions for business stakeholders.
- Monitor review timelines and escalate exceptions.
- Maintain documentation of approvals, conditions, and remediation requirements.
- Track and report compliance metrics to Procurement and Finance leadership.
- Maintain audit-ready documentation of vendor risk approvals and workflows.
- Support SOX-related vendor governance controls where applicable.
- Partner with Internal Audit on third-party risk assessments.
- Support remediation efforts tied to vendor governance findings.
- Promote a culture of governance and risk awareness.
Qualifications
- Bachelor’s degree in Business, Supply Chain, Risk Management, Finance, or related field or equivalent relevant experience.
- 7 to 10+ years of experience in Procurement, Third-Party Risk, Compliance, or Governance.
- Experience in a publicly traded organization required.
- Strong understanding of third-party risk domains, including: Information security, Data privacy, Regulatory and compliance risk, Operational and financial risk.
- Experience developing policy documentation and process controls.
- Strong systems and workflow configuration experience.
- Must be a results-focused team player and adapt well to a multitasking, fast-paced environment with changing priorities and challenges.
- Strong organizational, presentation, and communication skills.
- Experience working cross-functionally with Technology, Legal, Finance, and Risk teams.
Additional Preferred Qualifications
- Experience with LogicGate or similar TPRM tool.
- Governance-oriented with strong attention to detail.
- Systems-minded and process-driven.
- Confident cross-functional influencer.
- Able to enforce controls in a collaborative but firm manner.
- Comfortable operating in a transformation-oriented, post-spin environment.