Associate, Third-Party Vendor Due Diligence

About The Position

Requirements

• Strong analytical and problem-solving skills to evaluate complex technology systems and identify potential risks.
• Excellent written and verbal communication skills to convey technical information to non-technical stakeholders effectively.
• Familiarity with relevant financial industry regulations and industry standards (e.g., GDPR, PCI DSS, SOC, etc.).
• Knowledge of IT infrastructure, cybersecurity, cloud computing, and emerging technologies.
• Meticulous attention to detail when conducting assessments and preparing reports.
• Ability to work in a fast-paced environment and adapt to evolving technology landscapes.
• A strong commitment to ethical conduct and the highest standards of professionalism.
• Knowledge of fintech products and services.
• Understanding of IT tools, concepts, methodologies and techniques.
• Proficient in Microsoft Office Suite or related software

Nice To Haves

• A relevant master’s degree or professional certifications (e.g., CISA, CISM, CISSP) is a plus.
• Experience in fintech industry or banking sector is highly desirable.

Responsibilities

• Conduct comprehensive due diligence reviews on the Bank’s fintech clients and vendors, including but not limited to technology systems, cybersecurity, data management, and IT policies.
• Identify and assess potential IT-related risks associated with prospective clients and vendors. Provide recommendations for risk mitigation.
• Prepare detailed reports and documentation summarizing findings and assessments, ensuring clarity and accuracy to be presented to various Bank committees.
• Ensure that the technology and IT practices of potential clients and vendors align with relevant industry regulations and compliance standards.
• Evaluate third-party vendors and service providers used by potential partners to assess their impact on overall IT and security posture.
• Collaborate with cross-functional teams, including compliance, legal, finance, and business units, to integrate IT due diligence findings into decision-making processes.
• Stay up-to-date with industry trends, emerging technologies, and cybersecurity threats to provide informed insights during due diligence processes.
• Conduct calls with Bank clients.
• Follow up with clients and vendors to obtain missing due diligence documentation.
• Report due diligence review conditions to the Third-Party Governance & Oversight team.
• Gather audit & exam request documentation as requested.