Third Party Risk Management Sr AnalystJob ID RISK-11908 City Los Angeles State California Exempt/Non Exempt Exempt Shift Day Work Schedule M-F, 8-5
CNB's Third Party Risk Management (TPRM) program is designed to ensure an effective risk management process is in place for third-party relationships. The TPRM team supports that mission by serving as the second line and ensures CNB manages third party risk effectively and efficiently, relative to its size and complexity.
Third Party Risk Management (TPRM) Senior Analyst reports directly to the TPRM Program Manager and is responsible for providing Bank-wide third-party risk management services. This role assists the TPRM Program Manager and the TPRM Lead to define, implement, and maintain third party risk management policies, standards, and operating model for all lines of business and subsidiaries. This role will be directly involved in providing oversight and monitoring of the TPRM lifecycle and will partner with others throughout the organization such as Subject Matter Experts, the Vendor Management Office, Information Security, and Business Continuity Planning, Corporate Compliance, etc., to achieve these objectives.
- Perform advisory and challenge functions regarding the TPRM program to the business units (first line)
- Validate that business units (first line) are executing the TPRM program requirements effectively
- Review third party risk assessments for conformance to program objectives and methodology
- Assist in researching, reviewing, developing and maintaining TPRM policies and standards that comply with federal and state regulatory laws
- Effectively monitor the tracking of issues, gaps, and exceptions and mitigation plans as they relate to third party risks to ensure timely resolution
- Track and analyze risk metrics to understand the Bank's overall third-party risk exposure
- Prepare third party portfolio reporting of risk and performance to senior executives
- Ensure timely and accurate escalation of issues and observations of non-compliance or risks outside of acceptable thresholds
- Evaluate the TPRM program to identify optimization opportunities and provide recommendations for process improvement
- Perform business analysis to ensure alignment of TPRM functions with overall organizational and enterprise risk frameworks
- Evaluate control libraries and identify when controls need to be refreshed or added
- Serve as TPRM subject matter expert to first line, providing risk management guidance as needed
- Perform testing of controls for all phases of the TPRM lifecycle; identify and evaluate deficiencies and assist with quarterly reporting on test results and issue trends.
- *Bachelor's Degree
- *Minimum of 2 years working with a GRC system, incorporating continuous improvement for the system and process
- *Minimum of 5 years of experience in a combination of the following areas:
- Third party risk management
- Operational risk management
- IT risk management
- Supply chain management
- Oversight and/or relevant third-party audit or compliance experience process
- 3-5 years of audit background, preferred
- Comprehensive knowledge of third party risk management processes and methodologies such as:
- Calculating inherent risk
- Calculating residual risk
- Risk scoring
- Risk controls
- Comprehensive knowledge of the third-party risk management lifecycle: planning, due diligence, contracts, ongoing monitoring and termination
- Confidence to challenge others, where appropriate, with experience in management by influence, facilitating and gaining consensus
- Proven ability to anticipate and identify risks and effective mitigants
- Ability to manage ambiguity, ascertain facts, and apply judgement to complex risk scenarios
- Ability to manage deadlines to ensure the timely completion of TPRM materials by first line colleagues
- Ability to manage small projects or previous project management experience
- Knowledge of and experience in designing and operating governance, frameworks and processes to comply with vendor management/third party risk management related regulatory guidance (OCC 2013-29, Fed SR 13-19 or other relevant third-party risk management/vendor management regulation applicable to the financial services industry)
- Excellent oral and written communication skills; experience performing both detailed and executive-level documentation
- Demonstrable stakeholder management and project management skills
- Advanced knowledge of Microsoft Office tools, specifically Excel, PowerPoint and SharePoint
- Experience with reporting platforms such as Tableau, SQL scripts, and Microsoft SSRS desirable
- Performs other duties as assigned or requested.
*Represents basic qualifications for the position. To be considered for this position you must at least meet the basic qualifications.
Equal Opportunity/Affirmative Action Employer, Minorities/Females/Individuals with Disabilities/Veterans
Note: This preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.
Note: Candidates should be advised that City National Bank does not pay interviewee travel expenses or relocation expenses for candidates who are hired unless previously agreed.