Previous Job
Previous
Senior 3rd Party Operational Risk Analyst
Ref No.: 17-00252
Location: New York City, New York
Start Date: 11/14/2017
Job Title: Third Party Risk Analyst
Location: New York, NY or Bethlehem, PA
Phone and In-person interview is a MUST
Duration: 6 months+

Job Description:
The Senior Third Party Risk Analyst is responsible for project administration, tracking, monitoring and response coordination on Policy, Operational Risk Assessments, Internal Audit, Third Party Risk Management and regulatory compliance items. He/she will report directly to the officer responsible for Operational Risk & Resiliency in the company's Operational Risk Office, a division of the company's Corporate Finance area.

Responsibilities:
  • The Senior Analyst, Third Party Risk will perform third party risk assessments on new and existing third parties on an enterprise-wide basis
  • Preparation of detailed and summary reports of assessment, including customized reports, as needed
  • Work as Subject Matter Experts (SME) and with other SME's within the Operational Risk Office, IT, Law, Privacy, Compliance, Sourcing, and Treasury, to develop and apply risk assessment criteria (aligned with corporate Policy)
  • Work directly with internal business processes, applications, systems, associated with third party engagements
  • Work with IT, Sourcing and Law to ensure compliance and integration of third party risk management lifecycle elements
  • Ability to perform contract reviews of redlines and approve/reject changes
  • Identify and measure the risks facing a business area, process or workflow based on facts, business environment, and practicality and perform appropriate due diligence to ensure identification and management of risks.
  • Counsel and guide business partners in identifying risks and potential risk mitigation alternatives commensurate with the risk identified and consistent with risk appetite and tolerance.
  • Work directly with new and existing third party vendors to assess risk controls to ensure data is adequately safeguarded
  • Promote awareness and enhance our internal service model that informs the business of key risks in a timely manner so as to limit unnecessary impediments and avoid bureaucracy
  • Contribute to building a training program for internal business partners on due diligence processes as well as their obligation in ongoing monitoring.
Competencies/Skills:
  • Experience in large companies and/or complex environments, or providing professional consulting services for them.
  • Demonstrated leadership skills that instill trust and confidence with an ability to influence execution.
  • Demonstrated abilities in problem-solving and analysis: identifies issues, analyzes information to assess root cause and relationships, risks and potential risk responses.
  • Proven ability to synthesize and summarize complex data into concise recommendations and reports.
  • Excellent written and verbal communication skills to deliver the "whole message " in a concise, persuasive and succinct manner.
  • Proven ability to balance multiple priorities, adapt to a constantly changing business environment, work independently, drive projects to completion and meet deadlines in a fast-paced environment, with only periodic supervision.
  • Ability to work collaboratively and manage and initiate effective cross-functional relationships maintaining a high level of professionalism, self-motivation and a strong sense of urgency
  • Strong computer skills, including MS Office products (e.g. Word, Excel, PowerPoint, Visio) and other business software to prepare reports, memos, summaries, analysis. Experience with GRC tools (e.g. Archer) is a plus.
  • Competency in customer focus, change & innovation, strategic thinking, relationship thinking, relationship building & influencing, talent management, results focus and inspirational leadership.
  • Ability to manage effectively and work closely with business leaders in a high pressure, fast paced, highly collaborative environment with multiple deadlines and competing priorities.
Knowledge:
  • Ability to conduct thorough third party assessments, through application of established criteria.
  • Strong understanding of the principles of risk management, information security and their relationship to corporate governance activities such as operational risk assessment and organizational impact.
  • Clear understanding of industry standards risk analysis approaches: ISO, COBIT, COSO, as well as regional standards and regulations; Sarbanes Oxley, Basel II, GLBA, HIPAA and crisis management/business resiliency practices.
  • Demonstrated consistent credibility as a subject matter expert with business partners and leadership while recommending initiatives, identifying gaps and potential issues.
  • Collaborate with internal partners and third parties to mitigate and otherwise resolve third party risks influencing business decisions and applying professional judgement for selecting the appropriate methods and techniques.
  • Strong analytical and problem solving skills and attention to detail
  • Possesses and builds on knowledge of operational risks and trends relevant to financial services and insurance, staying abreast of current and pending regulatory and compliance requirements.
  • Provide virtual leadership and guidance to the analyst level team on best practice and continuous improvements for processes, assessments and other operational activities
  • Strong knowledge of and experience in risk management and internal controls required spanning fraud, legal liability, regulatory, privacy, information and cyber security, reputational harm, business resiliency, theft of assets, financial losses, and error/omissions.
Education & Experience:
  • Solid background both educationally and via professional experience
  • No less than 7 years professional experience in business operations, project/program management, risk management, information security, business analytics and /or similar.
  • BS/BA degree, Advanced Degree preferred or equivalent experience
  • Certification in risk management and/or risk party risk management preferred
  • 7+ years of Operational and/or Third Party Risk experience required
Frequent travel between New York, New York and Bethlehem, PA offices with occasional travel to other Regional Home Offices (Spokane, WA, Appleton, WI, Pittsfield, MA)