Apply on Employer Site

Glacier Bancorp, Inc. · 1 day ago

Corporate Senior Third-Party Risk Analyst

Greater Billings Area

Full-time

Onsite

Mid, Senior Level

$69K/yr - $113K/yr

5+ years exp

Glacier Bancorp, Inc. is seeking a Senior Third-Party Risk Analyst to manage and enhance their Third-Party Risk Management program. This role involves collaborating with other analysts, implementing risk management technology, and ensuring compliance with regulatory standards while driving strategic enhancements.

BankingCommercialFinanceVenture Capital

Growth Opportunities

No H1B

Responsibilities

Help lead the design, build, implementation, and optimization of third party risk management technology platform and supporting processes, including execution of strategic initiatives to modernize the TPRM operating model

Provide Program guidance for risk-based due diligence reviews across third and fourth party relationships. Utilize the bank’s risk profile framework to assess inherent risk and accurately risk-rate third parties, with particular focus on operational, information security, cybersecurity and compliance risk. Partner with Third Party Relationship Owners to facilitate completion of due diligence requirements, review and challenge provided due diligence. Escalate material risks and issues to third-party risk as appropriate

Develop enhance and maintain the overall TPRM Program through updates to policies, procedures, governance, templates, technology, training, and communication. Ensure effective use of the third party risk management system across all phases of the third party lifecycle and maintain alignment with applicable regulations and current cyber risk mitigation practices. Lead initiatives to clearly define and monitor third party access to sensitive customer, employee, and bank data and systems

Manage the contract review process with business units and division staff to ensure contract language appropriately protects the bank's interest, reduces operational, legal and financial risk, and include required contractual provisions. Support contract execution, ongoing contract management, and contract termination processes to ensure the secure return or destruction of customer, employee, and bank information

Create, enhance, and deliver management and board reporting, including third-party inventories, dashboards, performance metrics, issue tracking, risk acceptance and findings. Effectively communicate results and recommendations to audiences at all levels of the organization and identify risks requiring escalation

Monitor regulatory and industry developments related to third-party risk management and pro-actively enhance the program to align with evolving expectations and best practices. Provide leadership to ensure compliancy with Inter-agency Guidance on TPRM and related regulatory requirements, and serve as the key point of contact with regulators, auditors, consultants, and other external parties

Support the Enterprise Risk Management function through activities such as report development, technical writing, regulatory reporting and research of emerging risk issues as needed

Must comply with all company policies and procedures and all applicable laws and regulations, including but not limited to, the Bank Secrecy Act, the Patriot Act, and the Office of Foreign Assets Control. Must complete the assigned online training courses and achieve a passing score by due date

Qualification

Risk ManagementThird-Party Risk ManagementRegulatory ComplianceContract AssessmentMicrosoft WordExcelGRC ToolsAnalytical SkillsTechnical WritingProject ManagementCommunication Skills

Required

Bachelor's Degree in Business Administration, Finance, Accounting, Mathematics, Economics, Computer Science, Business Information Systems or other business related field

5 years of experience in developing and managing risk activities such as, legal, vendor/third-party, information security, compliance, audit, regulatory, consulting, or other related program

2 years of experience in conducting assessments of contracts, agreements, regulations, laws, or other complex technical documents, including the ability to interpret, challenge, and recommend revisions

1 year experience in reading and understanding SSAE 18 Reports, SOC Reports, ISO Certifications, industry standard SIG framework, and Cloud Security Questionnaires preferred

Advanced / Specialized Knowledge of Microsoft Word and Excel

Lead and build programs with strong passion to continuously identify and execute improvement opportunities

Serve as a subject matter expert for third party risk management technology, including participating in or helping lead the selection, configuration, and implementation of a new TPRM tool

Identify opportunities to streamline workflows, reduce manual effort, and improve end to end stakeholder experience

Incorporate enhanced system features and automation to reduce client pain points, simplify business owner interaction, and add value at each stage of the third party lifecycle

Demonstrated experience building, enhancing, or transforming third party risk management programs

Hands on experience implementing or significantly enhancing a third party risk management system

Proven ability to analyze and compare current state versus future state program and technology requirements

Strong process improvement mindset with experience reducing friction, improving efficiency, and delivering measurable value

The ability to collaborate, communicate, motivate, persuade, and influence stakeholders at all levels

Provide leadership and subject matter expertise/training to all parties in support of compliance with the Third-Party Risk Management Program

Strong team player with the desire to partner across the organization and achieve results

Passion to continuously identify and execute improvement opportunities within the Enterprise Risk Management Department

Proven strong problem solving, analytical and technical skills

Strong organizational skills, adaptability to frequently changing demands, and ability to appropriately prioritize numerous open projects

Excellent technical writing and oral communication skills

Ability to read, comprehend, and evaluate detailed laws, regulations, policies, programs, and data

Ability to read, interpret and effectively challenge contracts and agreements

Possess strong project management skills with the ability to design and execute innovative programs

Possess analytical/quantitative skills demonstrating the ability to handle, analyze, interpret and utilize data to solve complex problems

Self-starter with ability to take ownership and accountability of all roles and responsibilities

Employee must be capable of interacting calmly and professionally with a variety of people from diverse backgrounds at various levels within and outside of the organization

Employee must be capable of regular, reliable, and timely attendance

Preferred

Legal education such as paralegal studies; Juris Doctor degree (JD)

Knowledge Of: Understanding of RCSA and logging vendor deficiencies

Knowledge Of: Banking or financial industry knowledge and experience

Knowledge Of: Information security and cyber risk as it pertains to vendor management

Knowledge Of: Understanding of federal banking guidelines and regulations, specifically related to third-party risk requirements

Knowledge Of: Utilizing GRC tools to assess, manage, track, and report on third-party risk

Certified Third-Party Risk Professional (CTPRP), Certified Third-Party Risk Assessor (CTPRA), Third Party Cyber Risk Assessor (TPCRA), or Certified Third Party Risk Management Professional (C3PRMP)