CNB's Third Party Risk Management (TPRM) program is designed to ensure an effective risk management process is in place for third-party relationships. The TPRM team supports that mission by serving as the second line and ensures CNB manages third party risk effectively and efficiently, relative to its size and complexity.
Third Party Risk Management (TPRM) Senior Analyst reports directly to the TPRM Program Manager and is responsible for providing Bank-wide third-party risk management services. This role assists the TPRM Program Manager and the TPRM Lead to define, implement, and maintain third party risk management policies, standards, and operating model for all lines of business and subsidiaries. This role will be directly involved in providing oversight and monitoring of the TPRM lifecycle and will partner with others throughout the organization such as Subject Matter Experts, the Vendor Management Office, Information Security, and Business Continuity Planning, Corporate Compliance, etc., to achieve these objectives.
Perform advisory and challenge functions regarding the TPRM program to the business units (first line)
Validate that business units (first line) are executing the TPRM program requirements effectively
Review third party risk assessments for conformance to program objectives and methodology
Assist in researching, reviewing, developing and maintaining TPRM policies and standards that comply with federal and state regulatory laws
Effectively monitor the tracking of issues, gaps, and exceptions and mitigation plans as they relate to third party risks to ensure timely resolution
Track and analyze risk metrics to understand the Bank's overall third-party risk exposure
Prepare third party portfolio reporting of risk and performance to senior executives
Ensure timely and accurate escalation of issues and observations of non-compliance or risks outside of acceptable thresholds
Evaluate the TPRM program to identify optimization opportunities and provide recommendations for process improvement
Perform business analysis to ensure alignment of TPRM functions with overall organizational and enterprise risk frameworks
Evaluate control libraries and identify when controls need to be refreshed or added
Serve as TPRM subject matter expert to first line, providing risk management guidance as needed
Perform testing of controls for all phases of the TPRM lifecycle; identify and evaluate deficiencies and assist with quarterly reporting on test results and issue trends.
*Minimum of 2 years working with a GRC system, incorporating continuous improvement for the system and process
*Minimum of 5 years of experience in a combination of the following areas:
Third party risk management
Operational risk management
IT risk management
Supply chain management
Oversight and/or relevant third-party audit or compliance experience process
3-5 years of audit background, preferred
Skills and Knowledge:
Comprehensive knowledge of third party risk management processes and methodologies such as:
Calculating inherent risk
Calculating residual risk
Comprehensive knowledge of the third-party risk management lifecycle: planning, due diligence, contracts, ongoing monitoring and termination
Confidence to challenge others, where appropriate, with experience in management by influence, facilitating and gaining consensus
Proven ability to anticipate and identify risks and effective mitigants
Ability to manage ambiguity, ascertain facts, and apply judgement to complex risk scenarios
Ability to manage deadlines to ensure the timely completion of TPRM materials by first line colleagues
Ability to manage small projects or previous project management experience
Knowledge of and experience in designing and operating governance, frameworks and processes to comply with vendor management/third party risk management related regulatory guidance (OCC 2013-29, Fed SR 13-19 or other relevant third-party risk management/vendor management regulation applicable to the financial services industry)
Excellent oral and written communication skills; experience performing both detailed and executive-level documentation
Demonstrable stakeholder management and project management skills
Advanced knowledge of Microsoft Office tools, specifically Excel, PowerPoint and SharePoint
Experience with reporting platforms such as Tableau, SQL scripts, and Microsoft SSRS desirable
Performs other duties as assigned or requested.
The Bank reserves the right to add or change duties at any time.
Equal Opportunity/Affirmative Action Employer, Minorities/Females/Individuals with Disabilities/Veterans
Note: This preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.
Note: Candidates should be advised that City National Bank does not pay interviewee travel expenses or relocation expenses for candidates who are hired unless previously agreed.
Equal Opportunity Empl
City National Corporation