Vendor Risk Professional
| Company | Western Alliance |
|---|---|
| Location | Phoenix, AZ, USA |
| Salary | $Not Provided – $Not Provided |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Senior |
Requirements
- 5+ years of related experience in Vendor Management, Risk Management or similar field.
- Bachelor’s degree or equivalent experience required; Bachelor’s degree in related field preferred.
- Intermediate knowledge of general banking or financial services is preferred.
- Intermediate knowledge of applicable regulatory and legal compliance obligations, rules and regulations, industry standards and practices.
- Intermediate experience with FFIEC auditing regulations, or similar financial industry requirements is strongly preferred.
- Experience with risk control processes, ideally in a financial service industry preferred.
- Intermediate exposure to Risk Management Technology Platforms (i.e. ProcessUnity, Venminder, SAI360, RSA-Archer).
- Experience building Risk Control Self-Assessment (RCSA), TPRM, Application Control Testing, SOX compliance Testing, Vulnerability Analysis, Change Management, and Data Cryptography.
- Knowledge and skills of Microsoft Office Suite.
- Intermediate speaking and writing communication skills.
Responsibilities
- Manage the daily third-party management operations.
- Ensure the department follows the strategic direction, prioritization, mission, and vision of the TPMS and its policies and procedures.
- Work within our GRC platform for use in core operations, including third-party onboarding, tracking, analytics, and performance management.
- Monitor adherence to the Third-Party Management Policy by reviewing and maintaining third-party documentation to ensure accuracy and completeness.
- Serve as a single point of contact for TPMS related questions and issues and interact with multiple internal stakeholders and third-parties throughout the lifecycle.
- Build close relationships with business owners to understand their strategy or direction and collect the due diligence review results.
- Facilitate contract review between business partners, third-parties, and legal.
- Prepare documents, support internal/external discussions regarding third-party management issues, and maintain third-party compliance and approval of third-party access.
- Leverage standard frameworks such as NIST, ISO, COBIT, policies, standards, and procedures to recommend mitigating control to meet regulatory requirements specifically SOX, CCPA, GDPR, PCI.
- Work with Legal to define and build contract term playbook library.
- Assist in tracking and reporting of score cards and SLAs.
- Develop, implement, monitor, and report performance measures that demonstrate value and ensure third-party performance.
- Act as a primary liaison with the business and TPRM 2nd Line to build risk assessment and required control as well as align the outstanding issues to the risk assessment and monitor the resolution of issues.
- Assist procurement services teams to ensure compliance with Third-Party management policy, sourcing, and negotiated agreements relating to core operations services and products.
Preferred Qualifications
- Certified Regulatory Vendor Program Management (CRVPM) Level 1 preferred;
- Certified Third Party Risk Professional (CTPRP) preferred.