Job Purpose
The Senior Third-Party Risk (TPRM) Analyst is responsible for ensuring consistent end to end lifecycle management for third parties as the main point of contact for third-party service requests; including intake, analysis and review of third-party services and the impact/risk associated with utilizing them. This role will be critical in ensuring compliance with ICE’s TPRM program standards and policy by:
- Meeting and discussing third-party risk with both internal and external contacts
- Providing guidance, assistance in on-going training and awareness activities across the enterprise
- Support and assist with all internal and external audit/exam related inquiries for TPRM
- Develop and maintain strong interdepartmental relationships with business partners.
Responsibilities
- Perform risk assessments according to department policy, procedures, and schedule for all new and existing third parties
- Conduct reviews to Identify issues, risk and controls gaps and take appropriate action timely
- Work with stakeholders across business to ensure compliance of ICE TPRM policy and assisting the BAU to resolve vendor related issues
- Utilize GRC tools, Service Now & Process Unity, to execute risk assessments of ICE’s direct and indirect third parties in accord with program standards
- Identify policy violations by relationship owners and work on remediation in the form of memorandums or other remediation timelines
- Manage both new onboarding, termination as well as annual third-party assessments in conjunction with the TPRM team
- Provide updates on status, roadblocks and completion dates for respective TPRM activities such as assessments, remediation plans and third-party onboarding
- Generate on-time, accurate, insight driven reporting to all levels of the organization
- Ensure data validation and quality assurance process is in place for continuous validation of third-party records
- Coordinate and/or perform "Lunch and Learn" sessions to offer continuous education around new TPRM processes or Emerging Risks
- Responsible for being in office 4 times a week as well as being the point of contact for TPRM related matters to assigned area of responsibility
- Performs other related duties as assigned
- May require occasional domestic travel as needed
Knowledge and Experience
- Bachelor’s degree in Business, Finance, Risk Management, or a related field; advanced degree or relevant certifications (e.g., CTPRP) are preferred
- Minimum 5+ years of experience in third-party risk with experience
- Demonstrated experience identifying vendor due diligence requirements, planning vendor engagements, and overseeing and monitoring vendor activities
- Strong understanding of TPRM frameworks, risk assessment methodologies, relevant regulatory requirements (i.e., OCC, FFIEC, FDIC, and CFPB), and working knowledge of NIST, COBIT, COSO rules and expectations
- Experience with ProcessUnity and/or ServiceNow strongly preferred
- Experience in an enterprise environment within a public company, preferably in the finance or baking domain
- Ability to develop relationships with business units, especially as it relates to operations and technology
- Ability to provide information to a wide variety of audiences regardless of topic and effectively deal with issues that are confidential and sensitive in nature
- Excellent communication skills, with experience leadings presentations to all levels of the organization
