(Hybrid) Third-Party Risk Management Analyst

McLean, VA, United States

Overview

Are you looking to take your career from good to great? As an employee of PenFed, every day is an opportunity to thrive, and be part of a team working to ensure our organization is providing world class service to our members, employees, and our communities. We exist to help our members realize their full potential, educate and encourage their dreams, and make every effort to follow our mission and help our members “do better.” Joining PenFed is more than being an employee; it’s about being a part of the PenFed family.

PenFed is hiring a (Hybrid) Third-Party Risk Management Analyst at our Tysons, Virginia location. The primary purpose of this job is to support the overall management of PenFed’s third party risk program. The TPRM Analyst will serve as a third party risk management liaison to PenFed’s internal lines of business with responsibilities to include, but are not limited to, scheduling, analyzing key service providers, monitoring, and managing on-going third party risk assessments, vendor scorecards, and project management.

Responsibilities

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. This is not intended to be an all-inclusive list of job duties and the position will perform other duties as assigned.

Plan PenFed’s key service providers risk assessments and due diligence reviews designed to achieve engagement objectives involving PenFed’s operational lines third party relationships.

Perform an analysis of all new relationships as well as the impact of enhancements to the risk profile of existing third party relationships and uses judgement to determine the third party inherent risk and due diligence requirements.

As a team leader or individual request due diligence documentation for the appropriate risk rating and/or product or service from the PenFed business owner and third party. Upon receipt of requested documentation evaluate for completeness, risk management and control processes are operating as intended and in compliance with applicable laws and regulations. If documentation does not satisfy our requirements, request follow-up documentation as needed.

Facilitate risk assessment questionnaire and due diligence artifacts to appropriate subject matter experts (SMEs) (e.g. accounting, lending services, compliance, business continuity, and information security). TPRM Analyst may act as an SME for approved compliance and/or financial related reviews. Request business owner to complete third party scorecard and user entity controls, if required by SOC report. Escalate and report any controls weaknesses identified by SMEs to department management.

Must be able to think analytically and critically to adjust risk assessment ratings, due diligence documentation, and develop mitigation requirements based on the due diligence artifacts and SME specifications. Develops recommendations for management and monitors remediation plans.

Maintains knowledge of regulatory compliance and assess upcoming regulatory changes for assigned business lines to determine the impact of their third party relationships.

Develop and maintain working knowledge of third party risk management requirements, regulatory guidance and industry best practices.

Participate as a third party risk management SME for new key service providers projects to ensure all risks are considered and appropriate level of risk assessment and due diligence is performed. Participate in system demonstrations and facilitates third party client reference check calls.

Maintain communication with management on identifiable risks and remediation plans.

Qualifications

Equivalent combination of education and experience is considered.

Bachelor’s Degree or equivalent combination of education and related work experience is required.

A minimum of three (3) years’ related financial institution compliance, audit, or third party risk management experience is preferred.

Must be able to demonstrate analytical and critical judgment to adjust documentation and mitigation requirements based on the requirements of each situation.

Comprehensive knowledge of Third Party Risk Management methodologies and regulatory guidance.

Demonstrate ability to work independently in a highly visible position.

Intermediate knowledge of consumer banking laws and regulations (i.e. NCUA, FFIEC, OCC, CFPB, UDAAP) and how they are applied to third party relationships

Proven ability to balance multiple priorities, adapt to constantly changing business environment, work independently, drive projects to completion, and meet deadlines in a fast paced environment.

Strong computer skills, including MS Office products (e.g. Word, Excel, PowerPoint, Visio).

Licenses and Certifications

Certified Regulatory Vendor Program Manager (CRVPM) or willing to become certified.

NAFCU’s NCCO designation or willing to obtain certification.

Work Environment

While performing the duties of this job, the employee is regularly exposed to an indoor office setting with moderate noise.

*Most roles require working in an office setting with moderate noise and the ability to lift 25 pounds.*

Travel

Limited travel to various worksites is required.

About Us

Established in 1935, PenFed today is one of the country’s strongest and most stable financial institutions with over 2.8 million members and over $36 billion in assets. We serve members in all 50 states and the District of Columbia, as well as in Guam, Puerto Rico and Okinawa. We are federally insured by NCUA and we are an Equal Housing Lender. We are available to members worldwide, via the web, seven days a week, twenty-four hours a day.

We provide our employees with a lucrative benefits package including robust medical, dental and vision plan options, plenty of paid time off, 401k with employer match, on-site fitness facilities at our larger locations, and more.

Equal Employment Opportunity

PenFed management will maintain and observe personnel policies which will not discriminate or permit harassment or retaliation against a person because of race, color, creed, age, sex, gender, gender identity, gender expression, religion, national origin, ancestry, marital status, military or veteran status or obligation, the presence of a physical and/or mental disability or medical condition, genetic information, sexual orientation, and all statuses protected by applicable state or local law in all recruiting, hiring, training, compensation, overtime, position classifications, work assignments, facilities, promotions, transfers, employee treatment, and in all other terms and conditions of employment. PenFed will also prohibit retaliation against individuals for raising a complaint of discrimination or harassment or participating in an investigation of same.

PenFed will also reasonably accommodate qualified individuals with a disability so that they can apply for a job or perform the essential functions of a job unless doing so causes a direct threat to these individuals or others in the workplace and the threat cannot be eliminated by reasonable accommodation or if the accommodation creates an undue hardship to PenFed. Contact human resources (HR) with any questions or requests for accommodation at 402-639-8568.

#J-18808-Ljbffr