Vendor Management/Third Party Risk Specialist (Non-IT)

Corporate – Risk Management / Full-Time - Remote (Non-local) / Remote
NASA Federal Credit Union is in search of a Third Party Risk Specialist (TPRS) to identify and mitigate risk related to third parties engaged throughout the Credit Union. The TPRS will collaborate with key stakeholders in performing risk assessments, due diligence, ongoing oversight, and quality assurance activities involving the Credit Union’s third-party relationships. The TPRS will apply thorough knowledge of risk best practices, standards, and regulatory requirements (e.g., NCUA, FFIEC, PCI, SOC, etc.) as they relate to third party management and protection of confidential and/or proprietary information of the Credit Union. The TPRS will also apply working knowledge of contract terms and conditions to identify contractual risks, offer mitigating controls, and potentially negotiate towards a solution, as well as contribute strong technical/functional understanding of third-party risk management methodologies, workflows, and software solutions.
 
 
Essential Duties and Responsibilities:  (Other duties as assigned)

Level I:

    • Remains cognizant of and adheres to Credit Union policies and procedures, and regulations pertaining to financial institutions, including the Bank Secrecy Act, and OFAC.
    • Maintains a working knowledge of third-party risk regulations applicable to financial institutions, including the appropriate due diligence documentation required to satisfy compliance requirements related to service provider due diligence and ongoing oversight.
    • Participates in all third-party due diligence processes and works with the Credit Union’s subject matter experts, third-party relationship owners, Information Security Oversight Committee, and third parties, as needed. 
    • Assists with efforts to ensure enterprise-wide requirements for due diligence, risk assessment, and ongoing oversight are met, in accordance with Credit Union policy, federal regulations, and industry best practices.
    • Participates in thorough onboarding activities, including project and/or third-party risk assessment, and provides quality assurance of all information and documentation, as applicable to the third-party product/service to be provided.
    • Assists with the maintenance and retention of the third-party risk management database.
    • Collaborates with third party relationship owners to track, measure, report, and evaluate third party risk, and complete third-party risk assessments, as applicable.
    • Participates in identifying, analyzing, and summarizing inherent and residual risk postures of third-party relationships.
    • Collaborates with business continuity coordinator to track, measure, report, and evaluate third-party resiliency.
    • Assists with administrative functions with Governance, Risk and Compliance (GRC) software used for third party risk management, including procedures, training, and access. 
    • Assists with enterprise-wide communications, reporting, and metrics on the Third-Party Risk Program.
    • Participates in identifying and analyzing conditions, with input from management and key stakeholders, for third parties requiring risk exceptions/acceptance, and documents, escalates, and retains approval, as needed.
    • Assists with contract management in the review, status tracking, execution and return of copies of signed contracts.
    • Assists with the Credit Union’s procurement process in the review, status tracking, execution and return of copies of signed orders.
    • Assists supervisor with the assessment of the Credit Union’s User Access Control (UAC) Program, to include policy management, ongoing monitoring of the UAC Program, and reporting to the Credit Union’s Information Security Oversight Committee.
    • Supports Risk Management Department functions, as well as other projects and duties, as assigned.
    • Actively supports and embraces our core values in all interactions.

Level II: All Level I responsibilities and the following:

    • Acts as administrator of Governance, Risk and Compliance (GRC) software used for third party risk management, including procedures, training, and access. 
    • Maintains Third-Party Risk Program documentation, such as policies, procedures, metrics, and reports.
    • Identifies and analyzes conditions, with input from management and key stakeholders, for third parties requiring risk exceptions/acceptance, and documents, escalates, and retains approval, as needed.
    • Ensures contracts are evaluated and negotiated to maximize value and mitigate risk to the Credit Union.
    • Maintains the third-party risk management database.
    • Analyzes Third-Party Risk Program data to ensure data accuracy and integrity and establish associated reports and metrics.
    • Consults and collaborates with third-party relationship owners to ensure timely execution of third-party risk management activities.
    • Consults and collaborates with appropriate departments to enhance the Credit Union’s procurement process to maximize value and mitigate risk to the Credit Union.
    • Participates in the oversight of the Credit Union’s UAC Program, to include policy management, ongoing monitoring of the UAC Program, and reporting to the Credit Union’s Information Security Oversight Committee.

Education and Experience ~ Level I:

    • Minimum of three years of regulatory compliance and/or third-party risk experience.
    • A Bachelor’s degree from an accredited college in a relevant field preferred.
    • Financial institution knowledge/experience preferred.
    • Experience in contract work is helpful, but not required.

Level II:

    • Minimum of three years of regulatory compliance and/or third-party risk experience.
    • A Bachelor’s degree from an accredited college in a relevant field preferred.
    • Financial institution knowledge/experience preferred.
    • Certification in this field or paralegal or legal degree or work equivalent. At least 12 months of experience in contract work is required.

Essential Skills and Abilities:

    • Ability to deliver oral presentations and produce written reports and documentation.
    • Ability to convey complex information in a way that others can readily follow.
    • Ability to create plans and effectively prioritize workload.
    • Ability to balance the need for an immediate response with accuracy and completeness of information.
    • Ability to build strong relationships with stakeholders at all levels, internally and externally.
    • Detail-oriented with strong problem-solving skills and the ability to identify, analyze, and resolve problems, driving solutions to completion.
    • Ability to work under minimal supervision and manage multiple tasks/projects simultaneously, while meeting demanding deadlines.
    • Strong business ethics, including the protection of proprietary and confidential information.
    • Familiarity with third-party selection processes, contract negotiation, invoice processing or legal terms review preferred.
    • Knowledge of operational risks and controls.
    • Understanding of financial industry requirements and/or risks related to third parties.

Our generous benefit package includes:

    • Salary: $72,500 - $120,000 / Annually (Based on experience and Level)
    • 401(k) match to 5% of earnings – immediate enrollment and 100% vesting
    • Choice of two health plans
    • Dental 
    • Vision
    • Life Insurance – no cost
    • Long-term Disability Insurance – no cost
    • Employee Assistance Program – no cost
    • Paid vacation 
    • Paid sick time
    • 11 Paid holidays
    • Profit Sharing eligible
    • Pet Insurance
    • Identity Theft Protection