Job Title:

BDA- TRA Vendor Risk Analyst 

Department/Group:

Business Division A / Raymond James (RJ) 

Reports to: 

TRA Supervisor 

Classification 

Part-time (hourly) non-exempt

Job Description:

Role and Responsibilities

The Vendor Risk Security Analyst will be working with a motivated team of multi-faceted individuals working to ensure the protection of the company and our clients’ data from third-party threats by assessing the security controls of Raymond James vendors and contractors. In this role, you will work with risk identification and management that has the opportunity to collaborate with all areas of the company, including our international teams, to help prevent third-party attacks before they are introduced to the Raymond James environment. This role will be exposed to new technologies, business concepts, and team daily, which makes it the perfect team for you as a motivated, self-driven, well-communicated, eager to learn individual. The Vendor Risk Analyst will conduct information security Vendor Risk Assessments (VRA) on all in-scope third-party requests from all facets of Raymond James.

This position requires excellent attention to detail, above average communication skills as well as excellent time management and analytical skills.

Key Responsibilities

• Support third-party vendor onboarding by assessing Information Security networks and ensuring compliance with security standards.
• Establish and manage relationships with business units and stakeholders in the Vendor Risk Management process.
• Serve as the primary contact for Information Technology Business Continuity Plans and Disaster Recovery events.
• Act as the focal point for Information Technology Business Continuity Plans and Disaster Recovery events
• Where required, create Threat Based Risk Assessments for the Vendor Risk Assessment function
• Understand, and be familiar with PCI DSS requirements and assist in obtaining Attestation of Compliance from respective vendors in our inventory
• Manage time efficiently while maintaining thorough documentation of processes, procedures, and completed assignments.
• Ensure adherence to internal and external communication protocols, meeting weekly with UMRF Ventures management.
• Comply with all UMRF Ventures and Raymond James guidelines and policies.

Competencies

• Communication skills
• Written and verbal
• Time Management
• Attention to detail
• Comfort around higher management and stakeholders
• Technical knowledge and learning
• Required: knowledge of project management, and business processes, preferably in the financial sector
• Preferred: base knowledge of financial regulatory requirements such as SEC, FINRA, OCC, FFIEC, and or SOX
• Preferred: knowledge of the information security principles framework
• Preferred: Experience with ServiceNow, Microsoft Office Suite (SharePoint)

Qualifications and Education Requirements

• Preferred: STEM related curriculum / major
• Pursuing a Bachelor's degree in Computer Science, Information Systems, Cyber Intelligence, Business Administration or related degree with relevant experience or combination of education, training and experience.
• Must have worked at UMRFV for 6 months (if internal applicant)
• Performance metrics and work ethics must be exemplary.
• UMRFV Raymond James departmental experience or knowledge and familiar with RJ systems is highly preferred