This job has expired, please see additional jobs below
Associate Vendor Risk Manager
Sumitomo Mitsui Financial Group
New York, NY, United States
Job Details - this job has expired, please see similar jobs below
Overview
Within the Corporate Services Group, the Associate Vendor Risk Manager is tasked with minimizing risk for SMBC and its Subsidiaries. Incumbents work with other risk functions to develop and implement controls that mitigate vendor risks.
Responsible for supporting the execution of the Vendor Risk Management program. Supports Vendor Risk Management and in ensuring that third party vendor contract standards and due diligence controls are met. Uses independent judgment and discretion to identify, analyze and summarize contract and financial risk issues or key points ensuring compliance with Vendor Risk Management policies, laws, and regulations. Individual Contributor role. Reports to the Vendor Risk Management Officer.
Responsibilities
• Reviews the operational, information security, business continuity and regulatory compliance measures for all vendors under management.
• Performs vendor risk assessments on all vendors under management, and conducts onsite vendor risk assessments for critical vendors.
• Performs vendor risk assessment reviews according to the Bank's policies and procedures from start to finish and completes multiple reviews in parallel.
• Trains, coaches, and mentors internal Business Representatives on vendor risk processes and procedures.
• Provides status reporting on vendor program metrics to internal business partners, auditors, regulators, and eVMO Committee Members.
• Leads the remediation and on-boarding activities for new subsidiaries' vendors into the VRM Program, and provides on-going support and maintenance as required.
• Writes risk reports and works with vendors to implement remediation plans and responses.
• Performs regulatory/risk reviews for high and critical rated vendors.
• Provides summary reports and works with business representatives and vendors to implement remediation plans and responses
Qualifications
• Experience performing vendor risk assessments and vendor risk management activities in the banking industry, as well as performing on-site vendor assessments.
• Experience using industry recognized GRC applications
• Good understanding and experience of banking regulatory and compliance requirements (OCC, FFIEC, FDIC, FINRA, CFTC, etc.)
• Audit experience in FFIEC and ISO 27002 Domains (Security Policy, Human Resource, Access Control, Communications & Operations, Incident Management, Business Continuity/Disaster Recovery, Cloud, Physical & Environmental Security, Access and Asset Management, and Information Systems.)
• Experienced in communicating with regulators
• Ability to research regulatory guidance and apply such knowledge to the SMBC environment
• Demonstrated ability to think critically and problem solve.
• Excellent written /oral communication and influencing skills. Ability to create effective work relationships within and across functions, departments, and subsidiaries.
• Strong organizational skills