Third-Party Risk Management Program Manager

About The Position

Requirements

• Bachelor’s degree
• Minimum of five years experience related to financial institution compliance, audit, or third-party risk management or nine years of experience related to financial institution compliance, audit, or third-party risk management in leu of Bachelor’s degree
• Minimum of three years of management experience
• Ability to oversee a team of employees
• Demonstrated collaboration, problem solving, and conflict management skills
• Expertise in addressing needs of a variety of high demand, high pressure projects ranging from design, development, testing and implementation
• Ability to establish and effectively communicate timelines, process modifications, enhancements, program deliverables, and risk assessments to ensure soundness of vendor management program
• Ability to work remotely and perform functions independently with minimal supervision
• Strong Interpersonal and communication skills, with the ability to collaborate effectively with stakeholders
• Excellent analytical, problem solving, and decision-making skills
• Relationship Management skills: ability to build and create strong internal/external network across all levels
• Good understanding of third-party risk management framework, tools, and best practices
• Highly effective planning and prioritization skills
• Open to obtaining certifications: Certified Regulatory Vendor Program Manager (CRVPM) I, II, and III

Responsibilities

• Oversee the design and implementation of the Third-Party Risk program to monitor vendor risk in accordance with internal policy and governmental regulatory requirements.
• Manage workflow processes to guarantee that data and system controls meet internal controls and effectively work together to identify any potential risk.
• Act as a subject matter expert to assist the organization in identifying and mitigating risks of their third-party relationships and for third-party risk questions and best practices.
• Collaborate with Business Unit and Vendors that are inherently risk rated Significant or Critical and collect and review appropriate due diligence documentation (SOC Reports, Financial, BC/DR Plans, Complaint Policy, etc.) to adequately assess and determine their Residual Risk exposure to the Credit Union.
• Collaborate with Business unit and other stakeholders in relation to ensuring all User Entity Controls are reviewed and signed off on.
• Collaborate with Internal audit and support annual vendor on-going reviews.
• Serve as a primary liaison to Business Unit, Legal, and Technical Staff on vendor/third-party risk management issues, to define and manage risk, and to proactively enhance the program as necessary for users.
• Partner with internal teams to implement the relevant risk management policies and procedures, including regulatory and legal requirements.
• Ensure completeness and accuracy of information maintained on all third-party records.
• Develop and implement metrics and reporting summaries for the team and management.
• Monitor vendors for negative news, acquisitions, compliance with service legal agreements, etc. and present information to executive management when warranted.
• Complete weekly OFAC checks on all parent vendors.
• Maintain knowledge and understanding of current trends, laws, and issues affecting area of expertise.
• Attend educational events that will increase professional knowledge and be otherwise beneficial to the Credit Union.
• All other duties as assigned (note: essential functions and responsibilities may change, or new ones may be assigned at any time with or without notice).

Benefits

• 401(k) with matching incentives — up to 10 percent
• Competitive pay
• Medical, vision and dental benefits available to employees and their families from the first day of employment
• Tuition reimbursement plans
• Life insurance
• Pharmacy discount programs
• Flexible Spending (FSA), Health Savings (HSA) and Dependent Care account options
• Paid time off
• Parental leave
• Long-term disability
• Basic life insurance
• Wellness program
• Credit-monitoring service
• Employee assistance program
• Training and volunteer opportunities