Vendor Risk Manager

ID: 2021-2881
Company: Alaska USA Federal Credit Union
Type: Full Time
Location: B Street Building North
City: Anchorage
Minimum Salary Grade: Category 07: depending on experience
Work Hours: Monday - Friday: 8:00 am - 5:00 pm
Regular Schedule is five 8 hour days: Yes
Additional Shift Differential: None

Overview

Reports to: Corporate Counsel Contracting and Vendor Management

Functions Supervised:

 

Primary Functions: Independently facilitate, support, and grow the credit union’s vendor risk management program to mitigate vendor risks in alignment with enterprise risk tolerances. Facilitate initial and periodic due diligence reviews of vendors through the collection, review, and preparation of executive summaries of vendor documentation and continuous monitoring of the credit union’s cumulative vendor risk profile. Assist business lines as needed with vendor risk activities, and review and develop policies and procedures that support the growing credit union vendor risk management functions.

 

Duties and Responsibilities:

  1. Initiates and facilitates vendor screening processes and performs initial and periodic due diligence reviews in a timely fashion.
  2. Maintains continuous monitoring of vendors between periodic due diligence reviews for issues such as OFAC and UDAAP compliance.
  3. Maintains a heightened level of summary documentation, including documented internal risk acceptances, on each vendor under the purview of the vendor risk management function.
  4. Maintains schedules of vendor ongoing due diligence and performance reviews based on risk rating and criticality.
  5. Coordinates with management and key stakeholders regarding vendor risk and performance.
  6. Reports on and escalates risk issues to the Corporate Counsel Contracting and Vendor Management.
  7. Maintains best-in-class data and matrices for monthly and periodic credit union-wide reporting requirements.
  8. Identifies ways to improve risk and performance policies/procedures/processes, user experience, and systems involved in the monitoring and tracking of vendor risk with an emphasis on a risk-based approach that is consistent and repeatable across risk dimensions.
  9. Develops a working knowledge of all vendor relationships under the purview of the vendor risk management function.
  10. Maintains a thorough understanding of all relevant internal policies and external regulatory requirements applicable to credit union vendor risk management.
  11. Actively supports and promotes a culture of progress ensuring day-to-day quality & risk mitigation is maintained through periods of strategic change.
  12. Develops and provides assistance to other members of the department.
  13. Actively brings a positive attitude and wide degree of creativity and latitude to each task as assigned.
  14. Performs other duties as assigned.

Qualifications

Education:  A bachelor’s degree in Computer Science, Information Technology, Information Security, or related field.

Creditable Experience in Lieu of Education: Four years equivalent experience in compliance, risk assessment, third party risk management, policy development, security control development, security auditing, or information technology systems. The following certifications are preferred: CRVPM: Certified Regulatory Vendor Program Manager, TPRM: Third-Party Risk Management, CTPRP: Certified Third-Party Risk Professional, CTPRA: Certified Third-Party Risk Assessor, C3PRMP: Certified Third-Party Risk Management Professional, CCSA: Certification in Control Self-Assessment, CISA: Certified Information Security Auditor, CRISC: Certified in Risk and Information Systems Control, CISSP: Certified Information Systems Security Professional, CGEIT: Certified in the Governance of Enterprise IT, or CISM: Certified Information Security Manager.

Experience/Skills: Four years of experience in a vendor risk management related field. Four years of experience with a computerized vendor management system. Working knowledge of industry-specific rules and regulations including but not limited to the Bank Secrecy Act of 1970, Right to Financial Privacy Act of 1978, Fair Lending rules and regulations, Gramm-Leach-Bliley Act/Financial Services Modernization Act of 1999, California Consumer Privacy Act of 2018, General Data Protection Regulation, National Credit Union Administration rules and regulations, Federal Financial Institutions Examination Council best practices and handbooks, Consumer Financial Protection Bureau rules and regulations, and NIST standards. Ability to design/augment processes and implement change across the credit union, bringing a concept to reality. Exceptional critical thinking and problem-solving skills; strong judgment. Relentless customer focus with the ability to conduct interactions with resilience, poise, and grace under pressure. Advanced knowledge and understanding of due diligence documentation including but not limited to standard controls documentation/reports, financial statements, systems diagrams, business continuity program statements, certificates of insurance, and privacy program statements. Significant analytical skills and strong organizational ability. Keen attention to detail. Ability to manage multiple priorities and projects in a fast-paced environment. Excellent and demonstrable oral and written communication skills. High emotional intelligence, good judgment, and sense of humor. Proficiency in MS Word, PowerPoint and Excel is required.

Tenure: Not Applicable

 

Equal Opportunity Employer

 
