Job ID/ Req. Number183084
As a Third Party Vendor Assessment Senior Analyst at Citizens Bank you will be responsible for supporting and maturing the company’s Third Party Vendor Assessment program and processes.
The individual will manage vendor issues to remediation, complete quality assurance functions as well as execute Third Party Vendor Assessment reviews. This will include managing relationships with the business and vendors, providing robust and challenging insight on business risk and on the adequacy and effectiveness of the test control processes in place. The role holder delivers assessment reviews, providing opinion on the quality of the vendor control environment as is needs to meet CFG’s policies including identifying issues and subsequently assisting the business to agree to any appropriate action plan to mitigate the risk.
The Third Party Vendor Assessment function adds value by providing specific business function assurance on vendors, in relation to customer, financial or reputational risks. They add value by bringing momentum to action plans to address risk and leveraging findings and best practice on a bank wide scale.
Responsibilities will include:
- Collaborating with senior management to influence key decisions
- Evaluating third party vendor’s control infrastructure effectiveness and obtaining evidence of controls
- Applying experience in audit, security and regulatory frameworks including ISO27001, GLBA, SOX, PCI, HIPPA, States Privacy Regulation and FFIEC
- Assisting in Governance Risk and Compliance (GRC) program’s design, process re-engineering or enhancements and tool and technology implementations as applicable
- Leading current risk assessments, continual risk assessments, and risk metrics and visualizations
- Performing quality assurance on vendor assessment and remediation activities
- Working directly with key business leaders to facilitate risk analysis and risk management processes, identifying acceptable levels of risk and establish roles and responsibilities with regards to risk management
- Maintaining and monitoring enterprise risk exception process to identify areas of non-compliance
- Supporting and participating in Regulatory exam preparation and execution as well as remediation where applicable
- Coaching and mentoring junior analysts and clearly articulating Third Party Vendor Assessment program goals and objectives to the wider audience
- Producing Third Party Vendor Assessment reports that clearly articulate risks in order to speak to a varied audience
- Translating securityrisk and communicating effectively to business partners within the organization
Position allows remote work flexibility when not on travel.
Experience and Skills:
- Minimum of 5years of experience in an IT Risk, Audit, Third Party Vendor Assessment or Information Security organization with an understanding of Audit, Security and Risk.
- Experience gathering information from a range of different sources and in a number of different ways e.g. data collection, interviews, meetings, review of processes, manuals, and documentation review.
- Ability to plan, organize and prioritize workloads and work on own initiative
- Demonstrated experience working as part of a team - coupled with ability to gather and analyze information & provide a suitable solution
- Significant experience with GRC methodologies, tools and enablers preferably in a financial industry
- Strong thought leadership in Risk Management and ability to act as management when required
- Strong project management skills
- Advanced Excel Skills
- Demonstrated interpersonal and communication skills
Education and Certifications:
- Bachelor’s Degree from an accredited institution in either Risk Management, Information Systems/Security or related field or years of experience in Risk
- One of more of the following certifications – CRM, ARM, CISSP, CISA, CISM, Audit Management certification as well as certifications in Disaster Recovery and Business Continuity
Hours & Work Schedule
Hours per Week: 40
Work Schedule: Monday through Friday
Why Work with Us
At Citizens, you’ll find a customer-centric culture built around helping our customers and giving back to our local communities. When you join our team, you are part of a supportive and collaborative workforce, with access to training and tools to accelerate your potential and maximize your career growth.
Equal Employment and Opportunity Employer/Disabled/Veteran
It is the policy of Citizens Bank to provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to race, color, ethnicity, religion, gender, pregnancy/childbirth, age, national origin, sexual orientation, gender identity or expression, disability or perceived disability, genetic information, citizenship, veteran or military status, marital or domestic partner status, or any other category protected by federal, state and/or local laws.
Equal Opportunity & Affirmative Action Employer Disabled/Veteran
Citizens Bank is a brand name of Citizens Bank, N.A. and each of its respective subsidiaries, and Citizens Bank of Pennsylvania.