Third Party Risk Sr Analyst
About The Position
As the Third Party Risk Sr Analyst, you will manage vendor issues, complete quality assurance functions and execute Third Party Vendor Assessment reviews. This will include managing relationships with both business leaders and vendors, while providing robust and challenging insight on business risk and on the adequacy and effectiveness of the test control processes in place. The role holder delivers assessment review and provides opinion on the quality of the vendor control environment as is needed to meet Citizens policies including identifying issues and subsequently assisting the business to agree to any appropriate action plans to mitigate the risk. The Third-Party Assessment function adds value by providing specific business function assurance on vendors, in relation to customer, financial or reputational risk and bringing momentum to action plans to address risk and leveraging findings and best practice on a bank wide scale.
Requirements
- Ability to navigate program requirements independently.
- Demonstrates advanced critical thinking.
- Identifies opportunities and recommended solutions.
- Ability to appropriately manage multiple complex assessments and related activities.
- Demonstrates strong verbal and written communications amongst various internal and external stakeholders.
- Strong analytical skills to identify and classify inherent and residual risks.
- Effectively leads calls with various stakeholders to achieve desired results.
- Experience in financial services organization, particularly in Risk, Audit, Compliance, Cyber or Third-Party Risk
- Proficient use of Microsoft Word and Microsoft Excel
- Experience gathering and analyzing evidence through various methods (e.g., email, virtual sessions, or onsite) and sources (e.g., artifacts, interviews, meetings, demonstrations, independent audits, review of processes/policies, etc.)
Nice To Haves
- Bachelor’s Degree (preferred)
- Holds relevant industry certification(s) (i.e. CISA, CRCM, CRISC, CTPRP, TPCRA, etc.) (preferred)
Responsibilities
- Collaborating with senior management to influence key decisions.
- Evaluating third party vendors' control infrastructure effectiveness and obtaining evidence of controls.
- Applying experience in audit, security and regulatory frameworks including ISO 27001, GLBA, SOX, PCI, HIPPA, States Privacy Regulation and FFIEC.
- Assisting in Governance Risk and Compliance (GRC) program’s design, process reengineering or enhancements and tool and technology implementations as applicable.
- Leading current risk assessments, continual risk assessments, and risk metrics and visualizations.
- Performing quality assurance on vendor assessment and remediation activities.
- Working directly with key business leaders to facilitate risk analysis and risk management processes, identifying acceptable levels of risk and establish roles and responsibilities with regards to risk management.
- Maintaining and monitoring enterprise risk exception process to identify areas of noncompliance.
- Supporting and participating in regulatory exam preparation and execution as well as remediation where applicable.
- Coaching and mentoring junior analysts and clearly articulating Third Party Vendor Assessment program goals and objectives to the wider audience.
- Producing Third Party Vendor Assessment reports that clearly articulate risks in order to speak to a varied audience.
- Translating security risk and communicating effectively to business partners within the organization.
- The ability to travel within the United States is required.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
