Hot job opportunity!
As a Third Party Governance (TPG) Risk Assessor, you will be reporting directly to The Manager of the Third Party Governance Risk Assessment Team and will help assess and identify third party vendor issues, complete quality control function reviews and execute Third Party Vendor risk assessments. This will include escalating potential red flags and/or remediating identified risks with department or line of business partners, while providing robust and challenging insight on business risk and on the adequacy and effectiveness of the test control processes in place.
* Perform risk assessments by analyzing questionnaires such as third party profiles and due diligence evaluations.
* Evaluate third party vendors control infrastructure effectiveness and review evidence of controls by applying audit, compliance, security and regulatory framework knowledge and experience including, but not limited to: ISO 27001, Privacy Regulation and FFIEC (non-AML) requirements.
* Analyze vendor risk data including performance metrics and scorecards; aggregate reporting for executive sponsors, line of business owners and stakeholders as needed.
* Liaise with key business partners and team members to facilitate risk analysis to identify appropriate third party vendor risk classifications.
* Manage required artifacts, perform quality control reviews and support the termination process of third party vendors.
* Participate in the Third Party Governance (TPG) risk and compliance programs execution and adherence, including process enhancements and remediation efforts, as applicable.
* Develop working knowledge of the Bank of New York Mellons operations as needed to ensure optimization of due diligence reviews and risk assessments.
* Experience performing vendor risk assessments is required (experience only in vendor oversight or vendor management is not sufficient)
* Experience gathering information from a range of different sources and methods e.g. data collection, interviews, meetings, review of processes, manuals, and documentation is required
* Knowledge of Compliance, Audit, Regulatory and Risk Principles is required
* Knowledge of Information Security Principles is preferred
* Ability to plan, organize, prioritize and drive workload autonomously
* Experience driving solutions and working as part of a flexible high performing team
* Outstanding interpersonal, written and communication skills
Labor Category: Professional