Procurement Risk & Compliance Lead

S&P Global has recently announced the intent to separate our Mobility Segment into a standalone public company. For more information, visit

Operating across 22 countries, Mobility Global is strengthening its third‑party governance framework to support regulatory compliance, information security, and enterprise risk management. Reporting to the Global Head of Procurement, the Senior Manager, Vendor Risk & Procurement Governance will lead the operational implementation of the Company’s vendor risk management process within Procurement. While Legal Risk & Compliance will design and maintain the enterprise risk framework, this role will be responsible for embedding that framework into procurement workflows, configuring system controls within Coupa, developing employee‑facing policy documentation, and ensuring all required vendor risk reviews are completed prior to vendor onboarding or renewal.

This role serves as the operational bridge between Procurement, Legal, Risk & Compliance, and Information Security.

• Translate the enterprise vendor risk framework into scalable procurement processes.
• Embed vendor risk review requirements into end‑to‑end sourcing and purchasing workflows.
• Define intake requirements and risk‑tiering triggers for vendor engagements.
• Establish escalation procedures for incomplete or delayed risk reviews.
• Drive continuous improvement in vendor risk governance processes.

• Configure and maintain vendor risk workflows and approval gates within Coupa.
• Implement system controls to prevent PO issuance without required risk approvals.
• Maintain vendor risk attributes, classifications, and documentation repositories.
• Partner with Finance Systems and IT to enhance automation and reporting.
• Develop dashboards and reporting to monitor review completion, SLAs, and compliance trends.

• Draft and maintain procurement‑facing vendor risk policies and SOPs.
• Develop clear employee guidance materials explaining:
  • When vendor risk reviews are required
  • How to initiate a review
  • Required documentation
  • Approval requirements and timelines
• Ensure alignment between procurement policy and Legal Risk standards.
• Conduct training sessions for business stakeholders.

• Ensure all required vendor risk reviews by:
  • Legal Risk & Compliance
  • Information Security
  • Data Privacy
  • Other applicable stakeholders are completed prior to vendor onboarding or contract renewal.
• Monitor review timelines and escalate exceptions.
• Maintain documentation of approvals, conditions, and remediation requirements.
• Track and report compliance metrics to Procurement and Finance leadership.

• Maintain audit‑ready documentation of vendor risk approvals and workflows.
• Support SOX‑related vendor governance controls where applicable.
• Partner with Internal Audit on third‑party risk assessments.
• Support remediation efforts tied to vendor governance findings.

• Serve as key liaison between Procurement and:
  • Legal Risk & Compliance
  • Information Security
  • Finance & Accounting
  • Internal Audit
• Drive accountability across business units engaging third parties.
• Promote a culture of governance and risk awareness.

• Bachelor’s degree in Business, Supply Chain, Risk Management, Finance, or related field or equivalent relevant experience.
• 7 to 10+ years of experience in Procurement, Third‑Party Risk, Compliance, or Governance.
• Experience in a publicly traded or highly regulated organization preferred.
• Direct experience implementing vendor risk workflows in Coupa strongly preferred.
• Strong understanding of third‑party risk domains, including:
  • Information security
  • Data privacy
  • Regulatory and compliance risk
  • Operational and financial risk
• Experience developing policy documentation and process controls.
• Strong systems and workflow configuration experience.

• Governance‑oriented with strong attention to detail.
• Systems‑minded and process‑driven.
• Confident cross‑functional influencer.
• Able to enforce controls…