Third Party Risk Analyst

ESSENTIAL DUTIES AND RESPONSIBILITIES:

Includes the following, other duties may be assigned;

• BCP
o Maintain and input data into the Business Continuity Plan (BCP) application.
o Make recommendations to management for enhancements to the BCP.
o Use of analytical and critical thinking to determine actionable impacts to the BCP.
o Assist in interviewing functional department managers each year to determine modifications within the BCP to reflect Business Impact Questionnaire results.
o Assist in coordinating scenario testing for BCP documentation
• Vendor Management
o Enter and maintain significant/critical vendor profiles in the Vendor Management (VM) application.
o Responsible for the data integrity for all vendors in the VM application.
o Responsible for gathering documentation to keep vendor due diligence current.
o Use critical thinking to analyze new vendors and make recommendations and perform required due diligence based off criticality.
o Ability to use critical thinking to make recommendations to move certain vendors between criticality levels based off new information.
o Work with other departments of the bank to perform tasks that support Vendor Management.

• Risk Assessments
o Responsible for maintaining risk assessments for the following areas of the bank:
 Online, Mobile, Telephone Banking
 Social Media
 Systems Access

 Information and Cyber Security
 Workflows
 Various applications and products

o Responsible for coordinating meetings with functional department managers to perform risk assessments on various services/products.
o Responsible for data entry of Risk Assessments into the online Risk Assessment application.
o Use critical thinking and logic to determine if and when certain bank assets, services, or products need a risk assessment.

• Information Security Policies
o Coordinate meetings with functional department managers to discuss and document information security policies.
o Maintain Information Security Policies in the online application to include but not limited to:
 Change Management
 Core Application
 Incident Response
 Intrusion Detection and Prevention
 Mobile Devices
 Social Media
 Wireless Network Access

• Enterprise Risk Management
o Assist in creating and modifying
 ERM Risk Assessment
 GAP analysis report
 Top 10 risks and Key Performance Indicators (KPI's)
o Assist with development and maintenance of
 ERM Policy
 Mission Statements for Audit Committee and Risk/Compliance Committee
 Risk Profiles

• Data Analytics
o Assist in creating and maintaining reports for users to support business functions
o Assist with managing reporting to streamline reports and eliminate duplicate effort

QUALIFICATION REQUIREMENTS:
• Physical attendance at the workplace is an inherent requirement of the role
• To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.

The requirements listed below are...

Austin Bank Job THIRD002506 by eQuest