Vendor Management Analyst

About The Position

Requirements

• Bachelor’s degree in Business Administration or related field, or equivalent professional experience preferred.
• Experience in vendor and third‑party management, including performance monitoring and risk oversight preferred.
• Strong proficiency in Microsoft Excel, PowerPoint, reporting tools, and AI‑assisted analysis, including effective large language model (LLM) prompting to support data interpretation, documentation, and process efficiency.
• Ability to analyze data, prepare reports, and communicate insights to cross‑functional stakeholders
• Must be able to establish relationships and effectively communicate with all levels of bank personnel.
• Must be detail oriented, while being versatile and able to multi-task.
• Must maintain knowledge of many areas of the financial institution.
• Must be able to adhere to bank policies and procedures.

Responsibilities

• New Vendor Onboarding Complete vendor profiles in the VRM system; coordinate inherent risk questionnaires with service owners; draft inherent risk score for Administrator approval.
• Coordinate SME reviews (InfoSec, Legal, Compliance, BCP/DR); route contracts to Legal and track control clauses.
• Perform reputational checks and adverse media; document results and artifacts in the system of record.
• Due Diligence (Collection & First-Pass Review) Collect SOC 1/2 reports, insurance COIs, financials, and security/BCP questionnaires; perform first-pass reviews using standardized rubrics;
• Map/assign User-Entity Controls (UECs) to internal control owners; launch attestation tasks and track evidence.
• Identify carved-out subservice organizations from SOC reports and track vendor’s oversight and any required direct evidence.
• Ongoing Monitoring (Weekly Cadence) Run weekly ticklers: SOC report scan and new issuances, insurance expirations, negative news, and OFAC screening; update dashboards and notify owners.
• Maintain exception logs and remediation dates; escalate per thresholds; validate closure and archive evidence.
• Administer bi-annual access recertifications for vendor portals and the VRM system; perform user setup/change/delete workflows.
• Evidence & Record Maintenance Ensure every conclusion has dated supporting artifacts and reviewer/approver sign-offs to meet examiner traceability expectations.
• Other Completes annual compliance courses.
• Adheres specifically to all corporate policies and procedures. Also adheres to Federal and State regulations and laws; including, the Bank Secrecy Act and the Anti-Money Laundering Act.
• Adheres to all levels of our Service Excellence standards.
• Performs other duties as required.