Job Description:

Third-Party Risk Analyst SeniorThe Third-Party Risk (TPR) Analyst Senior, reporting to the TPR Manager, will support the program by working with assigned business units to ensure third-parties are managed in accordance with program design. The position will also be responsible for understanding the external industry, regulatory changes and trends affecting TPR management, and the changes in process that need to take place in order to respond to those external factors.Postion Responsibilities:TPR Division AdvisorWork with divisional management and their organizations on Third-Party risks, remediation, and strategies to ensure robust operational capability and effective implementation of outsourcing arrangements.Assess new or changing industry conditions, technology, and lawsregulations to advise leaders on adjustments required as well as how TPR program is evolving to assist.Discuss complex issues, such as supplier concentration risk, and advise remediation strategies.Report on third-party supplier risk across various dimensions (information security, financial, geographic, etc.).Provide guidance and recommendations for remediation of TPR issues.Participate in TPR, and relevant (divisional) industry forums to share, design and implement solutions.Program OversightEnsure proper and timely execution of the TPR program, i.e., ensuring that risk assessments (i.e., Inherent and Residual Risk), are completed on new and existing third-party suppliers and all other program activitiestasks, in accordance with the policy, framework and related program documents, including challengedue diligence tasks, and guidance to business unit and other corporate stakeholders.Coordinate risk assessments, working with supplier, subject matter experts, and division supplier managers.Explain assessment results in plain language, identify implications, and explain options.Prepare and present training materials to internal CMA stakeholders (i.e., SIMsSRMs LOBs, and other corporate business partners) on the TPRM program (i.e., required tasks, timeframes, evidence required, reporting, etc.), and on the eGRC Archer tool that supports the TPRM program. Prepare andor periodically provide training to external sourcesevents, as assigned on Third-Party Risk Management.Review Inherent Risk Questionnaires and due diligence results with supplier managers and advise supplier managers on remediation plans of any identified issues.Continuous ImprovementIdentify process and technology improvements (new tools, improved reporting, etc.).Serve as occasional project manager for improvements.Mentor TPR analysts and share knowledge developed from working with complex and high-risk functions to develop continuous improvement opportunities.Audit and Regulatory ExamsSupport internal audit and regulatory exams regarding the TPRM programactivities by gathering documents, identifying resources to participate, and conducting analysis.Identify and manage the design, implementation, and testing of remediation plans for identified program gapsdeficiencies.Position Qualifications:Bachelor's degree from an accredited university7 years of Third-Party Risk Management experience5 years of financial services operations experience3 years of eGRC Archer experience