AVP, Third Party Risk Analyst

MBK Search

Our client, a leading bank, is looking for a Third Party Risk Manager to join their growing team in LA.

Job Description & Synthesis

Our client's Third-Party Risk Management (TPRM) program is designed to ensure an effective risk management process is in place for third-party relationships. The TPRM team supports that mission by serving as the second line and ensures the bank manages third-party risk effectively and efficiently, relative to its size and complexity.

Third-Party Risk Management (TPRM) Senior Analyst reports directly to the TPRM Program Manager and is responsible for providing Bank-wide third-party risk management services. This role assists the TPRM Program Manager and the TPRM Lead to define, implement, and maintain third-party risk management policies, standards, and operating models for all lines of business and subsidiaries. This role will be directly involved in providing oversight and monitoring of the TPRM lifecycle and will partner with others throughout the organization such as Subject Matter Experts, the Vendor Management Office, Information Security, and Business Continuity Planning, Corporate Compliance, etc., to achieve these objectives.

Specific Responsibilities
  • Perform advisory and challenge functions regarding the TPRM program to the business units (first line)
  • Validate that business units (first line) are executing the TPRM program requirements effectively
  • Review third party risk assessments for conformance to program objectives and methodology
  • Assist in researching, reviewing, developing, and maintaining TPRM policies and standards that comply with federal and state regulatory laws
  • Effectively monitor the tracking of issues, gaps, and exceptions, and mitigation plans as they relate to third party risks to ensure timely resolution
  • Track and analyze risk metrics to understand the Bank's overall third-party risk exposure
  • Prepare third party portfolio reporting of risk and performance to senior executives
  • Ensure timely and accurate escalation of issues and observations of non-compliance or risks outside of acceptable thresholds
  • Evaluate the TPRM program to identify optimization opportunities and provide recommendations for process improvement
  • Perform business analysis to ensure alignment of TPRM functions with overall organizational and enterprise risk frameworks
  • Evaluate control libraries and identify when controls need to be refreshed or added
  • Serve as TPRM subject matter expert to first-line, providing risk management guidance as needed
  • Perform testing of controls for all phases of the TPRM lifecycle; identify and evaluate deficiencies and assist with quarterly reporting on test results and issue trends.
Key Qualifications
Basic Qualifications:
  • *Bachelor's Degree
  • *Minimum of 2 years working with a GRC system, incorporating continuous improvement for the system and process
  • *Minimum of 5 years of experience in a combination of the following areas:
    • Third-party risk management
    • Operational risk management
    • IT risk management
    • Supply chain management
    • Assurance
    • Oversight and/or relevant third-party audit or compliance experience process
  • 3-5 years of audit background, preferred
Skills and Knowledge:
  • Comprehensive knowledge of third party risk management processes and methodologies such as:
    • Calculating inherent risk
    • Calculating residual risk
    • Risk scoring
    • Risk controls
  • Comprehensive knowledge of the third-party risk management lifecycle: planning, due diligence, contracts, ongoing monitoring, and termination
  • Confidence to challenge others, where appropriate, with experience in management by influence, facilitating, and gaining consensus
  • Proven ability to anticipate and identify risks and effective mitigants
  • Ability to manage ambiguity, ascertain facts, and apply judgment to complex risk scenarios
  • Ability to manage deadlines to ensure the timely completion of TPRM materials by first line colleagues
  • Ability to manage small projects or previous project management experience
  • Knowledge of and experience in designing and operating governance, frameworks, and processes to comply with vendor management/third party risk management related regulatory guidance (OCC 2013-29, Fed SR 13-19 or other relevant third-party risk management/vendor management regulation applicable to the financial services industry)
  • Excellent oral and written communication skills; experience performing both detailed and executive-level documentation
  • Demonstrable stakeholder management and project management skills
  • Advanced knowledge of Microsoft Office tools, specifically Excel, PowerPoint, and SharePoint
  • Experience with reporting platforms such as Tableau, SQL scripts, and Microsoft SSRS desirable
  • Performs other duties as assigned or requested.