Vendor Risk Management Specialist

Remote - United States
ERM – Risk / Full Time / Remote

At Lumin Digital, a Vendor Risk Management Specialist serves as a vendor risk management professional for our corporate and public cloud environments that host our financial services platforms, and is responsible for:

Basic Function
Operating the vendor management program as a vendor management subject matter expert and face of Lumin Digital to internal and external parties, leading activities throughout the lifecycle of a vendor, including working with relationship managers and vendors on due diligence, performing ongoing risk assessments and oversight tasks, and completing contract renewals and/or vendor offboarding activities in a timely manner to meet strict business SLAs.
Maintaining frequent interaction and communication with relationship managers, vendor client service, relationship teams, product and development teams, and other key contacts as it relates to the vendor management program processes, including facilitating discussions with business partners on vendor management activities, as needed. Maintaining vendor profiles with current information to ensure vendor inventory is up-to-date.
Identifying, assessing, and monitoring vendor risks to Lumin Digital as a company, using established quantitative and qualitative risk assessment methodologies, and documenting and reporting risk concerns and findings in a timely manner to leadership.
Monitoring administrative, physical, and technical controls designed to mitigate risks and reporting on their operating effectiveness to management.
Assisting with evaluating, developing and implementing process improvement solutions related to the vendor management program, including but not limited to, creating and updating program procedures, policies, workforce job aids, reporting, and training materials. Candidates will be required to participate in on-site working sessions within the first 90 days of hiring which will require travel.
Assisting with other governance, risk, and compliance (GRC) initiatives and/or other special projects as needed.   
Assisting independent auditors, examiners, and clients in producing due diligence materials, assessing risks, and preparing responses to questionnaires and request-for-proposals.


Essential Functions
Maintains strong knowledge of risk assessment and management practices applicable to a financial technology services provider, including those referenced in FFIEC IT Booklets and NIST 800-30.
Maintains strong knowledge of industry standards and trends applicable to digital banking, including the AICPA’s applicable Trust Services Criteria and the PCI Data Security Standard.
Meet with suitable vendors to assess their products, inquire about their services and assess risk to Lumin Digital, and report any product or service-related concerns to relationship managers and management.
Develop and use formalized vendor risk assessment procedures to document and determine the likelihood and impact of risks in various categories in a clear and consistent manner.
Establishing standards by which to assess the performance of approved vendors.
Regularly review Lumin Digital company policies and procedures, at least annually, and collaborate with the Program Manager, Risk Management and other leaders to recommend updates to ensure risks are treated in accordance with the company’s risk appetite.
Use advanced software programs to catalog and map requirements, risks, and controls for enterprise as well as external vendor risks.
Support audit preparation activities, including evidence gathering and control reviews through cross functional collaboration with other teams.


Physical Demands
While performing the duties of this job, the employee is regularly required to sit; use hands to finger, handle, or feel; and talk or hear.
Specific vision abilities required by this job include close vision.
Ability to occasionally lift/move up to 25 pounds
Ability to travel as needed (expected less than 10% of time)
Individuals with a disability who are otherwise able to perform the essential functions of the job may request reasonable accommodation through our human resources group.

Position Specifications

Education:  
Bachelor’s Degree in Business Administration, IT or related field preferred, or four (4) years of equivalent experience required.

Experience:
Minimum four (4) years of experience in a vendor risk management-related role is strongly required.
Experience in managing risks in either a financial services or technology firm, including digital banking, payments, or lending, is strongly desired.
Leadership or senior-level experience in executing vendor management activities, including due diligence collection, performing vendor risk analysis, and reporting findings and issues to impacted stakeholders, is required.
Minimum of two (2) or more years of experience managing teams responsible for vendor management activities, two (2) or more years of project management experience, or two (2) or more years of experience managing day-to-day operations of a Third-Party Risk Management Program is required.
Exceptional experience in developing and sustaining long-standing relationships with company-approved vendors.
Experience working with Excel and/or Google Sheets features, including statistical functions, formula-based conditional formatting, and lookup tables.


Knowledge, Skills, and Abilities:
In-depth working knowledge of both vendor and risk management tools, techniques, and procedures to identify and analyze threats, weaknesses, and resulting risks.
Strong familiarity with regulations governing Bank Secrecy Act & Anti-Money Laundering (BSA/AML), FFIEC advisory guidelines regarding Know Your Customer (KYC) and the IT Examination Handbook, and other areas to include consumer banking, ACH, card and wire transfer payments, and third-party risk management.
Strong familiarity with information security and cybersecurity threats that can impact the confidentiality, integrity, and availability of sensitive information.
Familiarity with current issues in consumer privacy that can result in strategic, reputational, and legal risk to U.S. B2B businesses processing personal information.
Exceptional ability to work independently and through adversity to meet strict deadlines related to day-to-day vendor management activities, internal projects, and external audit calendars.
Calm and serious attitude, technical aptitude, appropriate sense of urgency, and communication skills to effectively coordinate with internal team members to accurately assess and manage risks
Must be able to pass required background checks to be accepted as a Lumin Digital employee with access to sensitive information
Must have strong client orientation and demonstrate a professional demeanor that earns the trust and respect of individuals inside and outside Lumin Digital
Ability to prioritize tasks, exercise sound judgment and confidentiality with sensitive information
Excellent written and spoken English communication and interpersonal skills
Ability to work remotely while maintaining a high level of productivity and effectiveness with minimal supervision
Curiosity and a strong drive to fully understand and keep apprised of regulatory issues and trends

$90,000 - $105,000 a year
LIFE AT LUMIN DIGITAL 

Lumin Digital is a fintech company specializing in digital banking solutions. Through a fundamentally different approach to technology, service, and people, we’re creating the next generation of financial solutions each and every day. Lumin helps banks and credit unions build and deploy next-gen digital experiences that help to continually serve, engage, and grow their membership base. While other platforms are partially adapted or retrofitted for the cloud, Lumin is 100% cloud-native. It was built specifically for the cloud environment, allowing us to more fully realize the advantages it offers. It’s a difference that financial institutions and their users will see and feel almost immediately.

Our people have a passion for new possibilities. We intentionally foster curiosity through our culture. We engage people who can’t help but ask “what if,” “why not,” and “what’s next.” We encourage them to bring forward ideas that challenge, raise, and reset expectations. And we empower them to continually explore, experiment, and apply what they learn. We champion curiosity because curiosity is how we grow – as a company, as a partner, and as individuals. For more information, visit lumindigital.com.