Associate Vendor Risk Analyst
Associate Vendor Risk Analyst
Position Summary
As a member of the Third Party Governance (TPG) team, the incumbent will work directly with the business and our IT partners to measure and manage risks associated with vendor engagements. This is achieved through one-on-one interactions with associates who manage our vendor relationships as well as through regular interaction with our IT partners. This associate will coordinate assessments and facilitate reviews of vendors across the various phases of the vendor lifecycle, with an emphasis on proposed new engagements (coordinating Due Diligence efforts) and existing engagements. As a junior member of the TPG team, the ideal candidate will bring knowledge of the business and will receive training and support in this specialized field. This position reports to the Director – Enterprise Services.
Essential Duties and Responsibilities
- Monitor compliance to established vendor risk policies.
- Educate business managers on their role in vendor management.
- Maintain confidentiality when necessary, especially regarding possible new vendor engagements.
- Assist the vendor relationship manager with any due diligence follow ups and ongoing risk assessments as needed.
- Become an expert user in the vendor module of our corporate GRC tool, RSA Archer. This person is responsible for maintaining accurate records the database and coordinating with other business units and vendors to ensure data is current.
- Communicate findings from the program with management, appropriate risk committees, and external auditors/regulators as needed.
- Other duties as assigned.
Experience Requirements
- Strong computer skills, especially with Microsoft Office and web-based applications.
- Excellent verbal, written, and interpersonal communication skills with the ability to interact with all levels of management.
- Ability to handle multiple tasks on an ongoing basis.
- Ability to work independently, with work product being reviewed by more senior associates.
- Knowledge of contract language and terms preferred.
- Commitment to continual professional education and obtaining the Certified Third-Party Risk Professional (CTPRP) designation.
Education Requirements
- Bachelor’s degree.