Third Party Risk Management Analyst

At Finastra, we are a dynamic global provider of open finance software solutions, dedicated to expanding access to financial services. Our innovative applications span Lending, Payments, Treasury and Capital Markets, and Universal Banking. Proudly serving over 8,000 customers, including 45 of the world's top 50 banks, we aim to boost financial inclusion for all. Join us and be part of a vibrant company that embraces diverse perspectives, and is committed to doing well by doing good.

What will you contribute?

Working as part of the Global Risk Management team, and reporting to the Director, Third Party Risk Management the Third-Party Risk Management Analyst will ensure that the day-to-day activities of the vendor due diligence programs are successfully performed. This includes managing the risk assessment and due diligence processes, throughout the lifecycle as part of Finastra's Third Party Risk Management Program. 

Responsibilities & Deliverables:
Your deliverables will include, but are not limited to, the following:

• Support the Finastra's third party risk strategy, collaborating with various stakeholders to perform due diligence, risk assessment and ongoing monitoring of Finastra's third parties and partners, ensuring inherent risks and control gaps are accurately identified and remediated

• Ensure Third Party Risk Management policy and procedures, and eGRC tool capabilities are implemented according to approved goals and policy

• Validate incoming vendor and partner engagements, working with business partners to ensure data is complete and accurate and inherent risks are identified

• Coordinate the distribution of due diligence questionnaires to the vendors and partners, review submitted questionnaires for completeness, ensure Risk stakeholders finalize reviews and determine overall residual risk rating. 

• Ensure all appropriate assessments are distributed, tracked and returned on a timely basis.

• Ensure that vendors have required assessments and supplied artifacts.

• Be a strong liaison to ensure that Risk Stakeholder questions are answered by Business or Suppliers as required.  Conduct certain aspects of supplier due diligence not covered by risk stakeholders

• Contribute to the development of detailed procedural documents and ensure alignment of TPRM with regulatory requirements including FFIEC, OCC and other applicable regulations

• Develop and run consistent and accurate reports related to the supplier list and analyze data to prepare supplier reporting for senior management

• Develop and populate metrics, reports and spreadsheets as necessary to showcase issues, risks and program status.
  
  Required Experience:

• 3 Yrs + of work experience related to Third Party Management or Vendor Risk Management; financial services experience a plus.

• Bachelor's of Arts or Sciences degree in the fields of Information Systems, Business Administration, or related major.

• One or more relevant professional certification, such as Certified in Risk and Information Systems Control (CRISC), Certified Regulatory Vendor Program Manager (CRVPM) or Certified Third Party Risk Professional (CTPRP).

• Familiarity with risks related to IT application development and infrastructure maintenance, IT security, business continuity and disaster recovery, and emerging technology platforms – Artificial Intelligence, mobile device platforms, cloud services, Big Data, and social media.

• Understanding of vendor risk management practices, including the lifecycle of risk identification, treatment, mitigation, acceptance, remediation as well as inherent and residual risks.

• Familiarity with laws, regulations, guidelines, and frameworks within the financial services industry that mandate risk management requirements such as FFIEC, NIST, ISO27001, DORA, OCC Heightened Standards, etc.).

• Clear written and oral communication skills

• Intermediate skills in Microsoft Excel, PowerPoint, and Word with the ability to create presentations, metrics and reporting

• Familiarity with basic PowerBI reporting

• Experience with GRC tools such as Venminder, Process Unity, or OneTrust.

We are proud to offer a range of incentives to our employees worldwide. These benefits are available to everyone, regardless of grade, and reflect the values we uphold:

·       Flexibility: Enjoy unlimited vacation, based on your location and business priorities. Hybrid working arrangements, and inclusive policies such as paid time off for voting, bereavement, and sick leave.

·       Well-being: Access Confidential one-on-one therapy through our Employee Assistance Program, find support from our network of Wellbeing Champions and Gather Groups, and a calendar of monthly events and initiatives designed to help you thrive - Inside and Outside of work.

·       Medical, life & disability insurance, retirement plan, lifestyle and other benefits*

·       ESG: Benefit from paid time off for volunteering and donation matching.

·       DEI: Participate in multiple DE&I groups for open involvement (e.g., Count Me In, , , , ).

·       Career Development: Access online learning and accredited courses through our Skills & Career Navigator tool.

·       Recognition: Be part of our global recognition program, Finastra Celebrates, and contribute to regular employee surveys to help shape Finastra and foster a culture where everyone is engaged and empowered to perform at their best.

*Specific benefits may vary by location.

At Finastra, each individual is unique, bringing their own ideas, thoughts, cultural beliefs, backgrounds, and experiences together. We learn from one another, embrace and celebrate our differences, and create an environment where everyone feels safe to be themselves.

Be unique, be exceptional, and help us make a difference at Finastra