Senior Manager - Third Party Risk Strategy

You are someone who thrives in a high-performance environment, bringing a growth mindset and entrepreneurial spirit to tackle meaningful challenges that have a real impact.

In return for your drive, determination, and curiosity, we'll provide the resources, mentorship, and opportunities to help you quickly broaden your expertise, grow into a well-rounded professional, and contribute to work that truly makes a difference.

When you join us, you will have:

• Continuous learning: Our learning and apprenticeship culture, backed by structured programs, is all about helping you grow while creating an environment where feedback is clear, actionable, and focused on your development. The real magic happens when you take the input from others to heart and embrace the fast-paced learning experience, owning your journey.
• A voice that matters: From day one, we value your ideas and contributions. You'll make a tangible impact by offering innovative ideas and practical solutions, all while upholding our unwavering commitment to ethics and integrity. We not only encourage diverse perspectives, but they are critical in driving us toward the best possible outcomes.
• Global community: With colleagues across 65+ countries and over 100 different nationalities, our firm's diversity fuels creativity and helps us come up with the best solutions. Plus, you'll have the opportunity to learn from exceptional colleagues with diverse backgrounds and experiences.
• Exceptional benefits: On top of a competitive salary (based on your location, experience, and skills), we provide a comprehensive benefits package to enable holistic well-being for you and your family.

You will lead strategy and program oversight across multiple third-party risk verticals, including suppliers and client-facing collaborators.

You will be responsible for shaping and advancing a unified, end-to-end TPRM framework that supports a diverse and global third-party ecosystem. You will own the design and evolution of the firm's third-party risk lifecycle, including risk identification, onboarding due diligence, risk tiering, ongoing monitoring, issue management, and offboarding governance.

You will ensure that the framework is consistently applied across third-party segments, while incorporating tailored approaches for different risk profiles and engagement models. You will ensure that onboarding processes are efficient, auditable, and aligned with firm risk appetite and user experience expectations.

You will be part of Optimize, McKinsey's global procurement capability, enhancing and protecting the firm's resources and reputation by making responsible buying easy and creating leading solutions and experiences across our third-party ecosystem. You will be joining the Third-Party Risk Strategy pillar of Optimize's Third Party Risk & Social Responsibility team. This team defines and governs the firm's global third-party risk management (TPRM) program, spanning various third-party types and risk domains.

While day-to-day execution is led by the Operations team, you will be accountable for program performance and alignment to strategy. You will assess whether service levels, controls, and processes are operating effectively across verticals, and drive improvements where gaps are identified.

You will define and monitor key program metrics, including service levels, onboarding cycle times, risk coverage, and remediation effectiveness. You will use these insights to optimize performance, reduce risk exposure, and improve the overall third-party experience.

You will partner closely with the governance pillar to inform the development of policies, standards, and control requirements, providing input based on program insights, operational performance, and emerging risks. You will ensure that policies and standards are effectively translated into scalable processes, tools, and workflows across the third-party risk lifecycle. You will stay ahead of evolving regulatory expectations and industry frameworks (e.g., NIST, ISO, SOC, and relevant regulatory guidance), assessing implications for the program and driving necessary enhancements to maintain alignment.

You will own the evolution of third-party risk tooling and digital capabilities, including governance of TPRM platforms, onboarding workflows, data sources, and reporting infrastructure. You will drive the use of data, automation, and analytics to enhance scalability, transparency, and decision-making.

In addition to strategy development, you will lead execution of complex, global initiatives to enhance program capabilities, improve processes, and implement changes across the firm. You will play a key role in strengthening risk management capabilities, including supporting documentation, training, and fostering a strong risk-aware culture.

You will report to the Director of Third Party Risk Strategy and work closely with global stakeholders including Ethics & Compliance, Finance, Legal, Client Service Risk focused specifically on suppliers and client-facing collaborators (CFCs) external entities the firm engages with to deliver products and services, including suppliers, and ecosystem partners. You will be based out of London, Philadelphia, New York, New Jersey, Atlanta, Boston, Miramar, Tampa, or Washington DC office.

• 10+ years of professional experience with a demonstrable record of impact, including 10+ years in third-party risk management, compliance, or a related field, ideally within a global organization
• Deep expertise in third-party risk management frameworks, including lifecycle design, onboarding processes, and internal control environments across multiple third-party segments
• Experience designing, governing, or advancing enterprise risk programs, with accountability for program performance and outcomes
• Experience in a professional services or consulting environment strongly preferred
• Strong understanding of global regulatory expectations and industry frameworks related to third-party risk (e.g., NIST, ISO, SOC, and relevant regulatory guidance)
• Experience with TPRM/GRC platforms and driving digital enablement, including workflow design, data, reporting, and automation
• Exceptional analytical and problem-solving skills, with the ability to translate complex data into actionable insights
• Excellent judgment and exceptional integrity, as well as distinctive interpersonal and collaborative skills
• Proven ability to lead large, cross-functional initiatives and drive execution in complex, global environments
• Curious mindset and demonstrated ability to learn new concepts and ideas, and to apply those concepts across multiple content areas
• Strong professional computing skills, including Microsoft Office products (i.e. Excel, PowerPoint, Visio)
• Comfortable with ambiguity in a work-setting, knowing how to address and manage unpredictable outcomes
• Superior communication & interpersonal skills, including the ability to present to a global audience on a regular basis, build and maintain highly effective and collaborative relationships