Third Party Risk Program Analyst

About The Position

Requirements

• Bachelor’s degree or equivalent professional experience.
• 3 years or more years of experience in financial services with exposure to Operational Risk, Third Party Risk Management, Information Security, Internal Audit, or related risk & control functions.
• Strong understanding of vendor lifecycle management and regulatory expectations for third party oversight.
• Demonstrated experience performing risk assessments, identifying control gaps, and maintaining high quality documentation.
• Strong analytical skills with high attention to detail.
• Demonstrated ability to manage multiple priorities independently with limited oversight.
• Advanced proficiency in Microsoft Excel, Word, and PowerPoint preferred.
• Experience with a GRC platform comparable to Archer preferred.

Responsibilities

• Act as a Third Party Risk Management (TPRM) subject matter expert, providing guidance, effective challenge, and advice on third party risk requirements and best practices to stakeholders across the organization.
• Conduct comprehensive risk assessments over new and existing third party vendors in collaboration with Engagement Managers and subject matter experts, including the determination of inherent risk, review and analysis of due diligence documentation, and evaluation of relevant operational, financial, compliance, information security and business  continuity, etc., controls.
• Perform ongoing monitoring of third party relationships to ensure continued alignment with internal policies, regulatory guidance and TPRM Program requirements.
• Conduct reviews of SOC (System and Organization Controls) reports for operational considerations, evaluating report scope, auditor opinion, subservice organizations, and identified control exceptions; identify applicable Complementary User Entity Controls (CUECs) and coordinate with Engagement Managers to ensure required controls are implemented and documented.
• Perform quality assurance (QA) reviews over Inherent Risk Questionnaires (IRQs) to validate data accuracy and appropriate risk ratings, and third party reassessments ensuring the completeness of subject matter expert reviews, effective challenge, and consistency in risk assessment results.
• Identify potential control gaps or risk concerns and escalate findings in accordance with established risk management guidelines.
• Prepare reports and dashboards summarizing third party risk exposure, assessment status, and key trends for Management and governance committees.
• Maintain accurate and complete vendor records within the Bank’s TPRM Governance, Risk and Compliance (GRC) system of record, Archer, ensuring data integrity and audit readiness.
• Support internal audits and regulatory examinations by providing requested documentation.
• Assist in enhancing and refining third party risk processes, documentation standards, and reporting methodologies.

Benefits

• Competitive compensation with performance incentive awards, Health Insurance, Dental Insurance, a 401K and DC Plan for your retirement, LTD & Life Insurance, Vacation Time, Day Care Reimbursement, Tuition Assistance for graduate and undergraduate programs, an Award Winning Wellness program and much more!