The Third Party Vendor Assessment Analyst will execute vendor assessment reviews, which will include managing relationships with the business and vendors, providing robust and challenging insight on business risk and on the adequacy and effectiveness of the test control processes in place.
You will deliver assessment reviews, providing opinion on the quality of the vendor control environment as is needs to meet the banks policies including identifying issues and subsequently assisting the business to agree to any appropriate action plan to mitigate the risk.
The Third Party Vendor Assessment function adds value by providing specific business function assurance on vendors, in relation to customer, financial or reputational risks. They add value by bringing momentum to action plans to address risk and leveraging findings and best practice on a bank wide scale.
Responsibilities will include:
Evaluating third party vendor's control infrastructure effectiveness and obtaining evidence of controls
Applying experience in audit, security and regulatory frameworks including NIST 800-53, ISO 27001, GLBA, SOX, PCI, HIPPA, States Privacy Regulation and FFIEC
Assisting in Governance Risk and Compliance (GRC) program's design, process re-engineering or enhancements and tool and technology implementations as applicable
Leading current risk assessments, continual risk assessments and risk metrics and visualizations
Performing quality assurance on vendor assessment and remediation activities
Working directly with key business leaders to facilitate risk analysis and risk management processes, identifying acceptable levels of risk and establish roles and responsibilities with regards to risk management
Maintaining and monitoring enterprise risk exception process to identify areas of non-compliance
Supporting and participating in Regulatory exam preparation and execution as well as remediation where applicable
Producing Third Party Vendor Assessment reports that clearly articulate risks in order to speak to a varied audience
Translating security risk and communicating effectively to business partners within the organization
2 or more years of experience in an IT Risk, Audit, Third Party Vendor Assessment or Information Security organization with an understanding of Audit, Security and Risk.
Experience gathering information from a range of different sources and in a number of different ways e.g. data collection, interviews, meetings, review of processes, manuals, and documentation review.
Ability to plan, organize and prioritize workloads and work on own initiative
Demonstrated experience working as part of a team - coupled with ability to gather and analyze information & provide a suitable solution
Experience with GRC methodologies, tools and enablers preferably in a financial industry
Strong thought leadership in Risk Management and ability to act as management when required
Strong project management skills
Advanced Excel Skills
Demonstrated interpersonal, written and communication skills
Education, Certifications and/or Other Professional Credentials:
Hours & Work Schedule
Hours per Week: 40
Work Schedule: Monday through Friday
Why Work for Us
At Citizens, you'll find a customer-centric culture built around helping our customers and giving back to our local communities. When you join our team, you are part of a supportive and collaborative workforce, with access to training and tools to accelerate your potential and maximize your career growth.
Equal Employment Opportunity
It is the policy of Citizens Bank to provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to race, color, ethnicity, religion, gender, pregnancy/childbirth, age, national origin, sexual orientation, gender identity or expression, disability or perceived disability, genetic information, citizenship, veteran or military status, marital or domestic partner status, or any other category protected by federal, state and/or local laws.
Equal Employment and Opportunity Employer/Disabled/Veteran
Citizens Bank is a brand name of Citizens Bank, N.A. and each of its respective subsidiaries.
Citizens Financial Group, Inc.