Operational Risk Analyst V - Third Party Management

About The Position

Requirements

• Bachelor's degree, advanced degree/s desired
• 5+ years of risk management, and/or audit experience with a strong focus on risks and controls and risk-based auditing techniques.
• Proficient in third party regulatory guidance and able to perform effective challenge and oversight throughout the Third-Party Risk Management Lifecycle.
• Demonstrated skill in effectively communicating (verbal and written) results to a diverse audience; ability to work with all levels of management with a focus on collaboration and relationship management.
• Experience with data analysis tools and techniques including advanced concepts of Microsoft Word, Excel, and PowerPoint and/or other analytical software (e.g. – SAS, Tableau, ACL, etc.).
• Strong interpersonal skills; ability to work well in a team environment.
• Excellent problem solving abilities and results oriented; able to make decisions independently
• High ethical standards, strong critical thinking, detective, analytical, and problem-solving skills.
• Autonomous, self-motivated, and flexible with the ability to adapt quickly to change or shifting priorities in a fast-paced environment.
• Experience working on projects or initiatives requiring strategic planning/thinking across multiple functional areas and business processes.

Responsibilities

• Provide Second Line of Defense third party management expertise and support to Risk Management and Corporate Procurement programs.
• Demonstrate proficient knowledge of applicable third party regulatory guidance (OCC, FRB, CFPB, and FFIEC), industry trends, and emerging issues, and ability to understand its applicability to risk management strategies including the scoping of risk evaluations, monitoring, and design of testing plans.
• Design and execute an independent Second Line of Defense approach to risk-based monitoring and evaluation by ensuring Program alignment with regulatory guidance, policy, and program requirements.
• Develop assessments and provide input over Third Party risk identification and control effectiveness through formal reporting, as well as monitoring remediation activities.
• Utilize knowledge of data analysis tools and techniques to analyze, quantify, and/or assess risks and to evaluate controls to identify potential weaknesses and/or control gaps in the third party management program.
• Clearly document the results or conclusions for testing performed in concise management reports and provide heightened awareness around significant risks and proactive identification, escalation, and remediation of control weaknesses or gaps.
• Effectively and professionally interact with senior management, regulatory agency personnel, internal legal counsel, internal risk review (audit) personnel as well as risk management peers.
• Provide specialized authoritative advice and consultation on current and emerging third party regulatory risks, including proactively anticipating and responding to regulatory changes, assessing the impact to the LOBs, and assisting the LOBs in responding to the change.
• Develop departmental procedures to support governance and monitoring processes to assist in the review, update and enhancement of Second Line of Defense Third Party Risk Management policies and procedures.
• Demonstrated awareness and ability to consider interconnections of risk disciplines and the impact on third party risk.
• Interface with regulators; respond to internal/external audits/examinations risk management requests for information, assist in the evaluation of audit/examination findings and implementation of corrective action, and/or assist in LOB responses to regulatory and legal inquiry/investigations.
• Conduct review and challenge of regulatory exam documentation prior to submission to the regulators to ensure requests for information are appropriately addressed.