Third Party Risk Analyst

ABOUT:

People helping people. That's what a credit union, and in particular Navigant Credit Union, is all about. Our mission is to improve the financial well-being of the families, businesses, and communities we serve, and have been since our founding in 1915.

Now at more than $3 billion in assets, Navigant Credit Union is among the largest credit unions in Rhode Island, yet still maintain our community-driven values.

Those values-and our belief in putting people first-are just a few of the reasons why Navigant Credit Union has been named "Rhode Island's Best Place to Work" year-after-year by the Providence Business News.

Our Core Values consist of "Leadership, Unity, Caring, and Integrity" are the guiding principles for our organization. They are the qualities and/or traits that we consider a high priority for Navigant Credit Union employees.

Our company prides itself on demonstrating community-based values and investing in our workforce, while exceeding member expectations. We offer tremendous opportunities for professional development, career advancement, and a best-in-class benefits package including a rich medical and dental plan, vision benefits, a robust 401(k) with a generous employer match, tuition reimbursement, competitive salaries, paid volunteer days, and opportunities to give back to the community.

If you believe you'd be a great fit, and are interested in joining our team, submit an application today!

ABOUT THIS ROLE:

Under general supervision, this position supports the Vendor Management Program and collaborates with business lines for the success of the overall Information Security Program.

WHAT YOU WILL DO:

1. Performs the Vendor Due Diligence (VDD) on all new and existing vendors, partnering with subject matter experts and business lines as appropriate.
2. Monitors due dates for ongoing VDD and contracts. Coordinates with business lines to retrieve for timely reviews.
3. Evaluates and implements Vendor Program enhancements to keep in line with industry and cyber trends.
4. Maintains the Risk Management Tool as it relates to the Third-Party Risk Module.
5. Assists the VP, ISO with the Vendor Risk Assessment process including analyzing results.
6. Monitors third-party risk through incident trends, business continuity needs, and risk management, reporting to the VP, ISO to ensure a cohesive Information Security Program and accurate risk posture.
7. Collaborates with the Corporate Legal Team relating to contract reviews and ensures executed contracts are uploaded to the Risk Management tool.
8. Updates the Vendor Watch List and communicates trends and concerns to the ISO for reporting and decision-making needs.
9. Monitors DnB Alerts for potential impact to NCU.
10. Collaborates with Enterprise Risk Management (ERM) on the impacts of NCU's third parties to the heat map. Completes the annual entity risk assessment with ERM.
11. Participates in new vendor discovery calls as applicable.
12. Supports the implementation of new processes and tools that will improve the Information Security posture of the Credit Union.
13. Maintains strong working relationships with business lines involved in managing third parties and risk across the Credit Union.
14. Stays up to date with the latest industry threats and regulatory changes.
15. Performs other duties as assigned by the VP, Information Security Officer.

QUALIFICATIONS:

Education

Bachelor's degree preferred with a concentration/focus on risk, information assurance or audit.

Experience/Skills/Knowledge:

1. 1-3 years of experience in Vendor Management or general Information Security required, preferably in a credit union or financial institution.
2. Experience with enterprise risk management technology preferred.
3. Must possess strong organizational, critical thinking and problem-solving skills.
4. Strong understanding of regulatory requirements including GLBA and FFIEC Guidance preferred.
5. Must have excellent verbal, written, and interpersonal communication skills, including ability to communicate risks and concepts to business lines outside the Information Security Department.
6. Must possess a strong service orientation in alignment with the credit union's mission and core values.
7. Ability to simultaneously work on several tasks with varying priorities, paying attention to source of information and deliver an effective outcome required.
8. Ability to deal with highly confidential information required.
9. Ability to understand business needs and commitment to deliver high quality, prompt, and efficient service to all business lines required.
10. PC proficient, including Microsoft Office (Word, Excel, PowerPoint, Outlook) and the Internet.