Corporate Vendor Risk Analyst - Bozeman, Billings, Missoula, Helena

$63,686 yearly
  • Glacier Bank
  • Montana, USA
  • Jul 10, 2022
Full time Analysis Banking Legal Public Relations Senior Level

Job Description

About The Role


Under the direction of the GBCI Operational Risk Manager, the Vendor Risk Analyst uses critical thinking, problem solving, analytical, and organizational skills to operate and enhance the current vendor/third party risk management program. The Vendor Risk Analyst is responsible for participating in the day-to-day operations of the Bank’s Vendor/Third-Party Risk Management Program. Supports the vendor management process, including aspects of program governance, designing and implementing enhancements to the program, and facilitating and/or coordinating vendor due diligence and ongoing monitoring. The candidate will ideally have knowledge of cyber security fundamentals and possess a strong desire to hone vendor-related information security skills.

 

The position is part of our Enterprise Risk Management team, which assists senior management and the board of directors in assessing, identifying, mitigating, and monitoring the corporation’s key risks as a means to protect the long-term safety and soundness of the company. The department is fast-paced and always evolving which requires the incumbent to maintain focus and productivity amidst competing priorities. Displays an interest in all areas of risk management and seeks opportunity to learn and contribute in a variety of ways.

 

This is a Corporate position which can be located in an available bank division location across our eight-state footprint - AZ, CO, ID, MT, NV, UT, WA and WY. The midpoint for this position is $63,686.31+ per year (calculated for Kalispell, MT). All compensation offers are analyzed individually and take into consideration multiple factors including but not limited to geographic location, years of experience, and educational background.

 

Duties and Responsibilities

Description

% of Time Spent

·    Facilitates and conducts vendor due diligence reviews for the identification, measurement, monitoring, and mitigation of risk associated with third party vendor relationships. Utilizes the bank’s risk profile framework (credit, liquidity, market sensitivity, operational, regulatory/compliance/legal, strategic, and reputational risk) to assess the risk of vendors, paying particular attention to significant vendor risks such as cyber, compliance, and operational (business continuity) risks. Common review areas may include: vendor contracts; business continuity program; insurance; internal control and cyber risk reports (SOC1 and SOC2 reports); service level agreements (SLAs); and vendor financial performance. Works with department heads/vendor owners to facilitate the due diligence request lists, review/analysis, and any required mitigation activities based upon review results. Conducts due diligence reviews both independently and collaboratively, depending on the vendor risk profile.

60%

·    Participates in and implements improvements to the overall vendor/third-party risk management program, including program governance, policies, procedures, templates, technology, training and communication. Utilizes software to capture, categorize, and risk score vendors.

25%

·    Utilizes the bank’s contract management process to participate in day-to-day operations. Analyzes contracts with various business units to ensure that contract language appropriately protects the bank’s interest and limits bank risks, and that the bank uses the contracts proactively to improve vendor service quality. Reviews will be conducted by the candidate or with legal counsel, depending on the vendor risk profile. Ensures all contracts are appropriately saved and archived.

5%

·    Supports the department in other duties such as report creation, technical writing, regulatory reporting, and others.

5%

·    Keeps abreast of all vendor management regulatory requirements and changes as well as industry best practice, and enhances the program proactively. Ensures compliance with all regulations, policies, and procedures through continued maturation of the vendor risk program. Works directly with bank regulators, auditors, consultants, and other outside individuals.

5%

·    Must comply with all company policies and procedures and all applicable laws and regulations, including but not limited to, the Bank Secrecy Act, the Patriot Act, and the Office of Foreign Assets Control. Must complete the assigned online training courses and achieve a passing score by due date.

 


About You

Qualifications
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Education

Required/Preferred | Education Level | Description

Required | Bachelor’s Degree | Bachelor's degree in Business Administration, Finance, Accounting, Computer Science, Information Security, STEM or Paralegal Studies or an equivalent combination of education and experience

Experience

Required/Preferred | Experience Level | Description

Required | 3 years | Risk, Finance, or Banking experience

Required | Advanced Experience | Analytical skills: Ability to analyze, interpret and utilize data and information to solve complex problems

Required | Beginner Experience | Excellent verbal, written, and interpersonal communication skills and ability to interact with all levels of an organization

Required | Advanced Experience | Advanced Microsoft Word and Excel skills

Preferred | Beginner Experience | Cyber Risk/Information Security, Risk Management, Legal, Vendor, Compliance, Audit, Regulatory or Consulting experience

Preferred | Beginner Experience | Ability to review, interpret, challenge and revise contracts and agreements

Preferred | Beginner Experience | Experience in reading and understanding SOC1 and SOC2 Reports, ISO Certifications and Cloud Security Questionnaires

Would an equivalent combination of relevant education and work experience be considered?:  Yes

License/Certification

Required/Preferred

License/Certification

Description

Required Skills and Abilities

·    Ability to read, comprehend, and evaluate detailed laws, regulations, policies, programs, and data with the ability to identify risks/concerns, make strong judgement calls, and summarize key points succinctly to audiences. Ability to provide constructive feedback and follow-up on their mitigation.

·    Proven strong problem solving, analytical and technical skills to efficiently and effectively conduct vendor due diligence reviews.

·    Ability to collaborate, communicate, motivate, persuade, and influence stakeholders at all levels is a critical component of the position. Internal and external stakeholders include the board, executive management, business units, auditors, consultants, and regulators.

·    Excellent technical writing and oral communication skills with particular emphasis on being able to articulate complex topics in a manner digestible to a wide audience.

·    Passion to continuously identify and execute creative improvement opportunities within the vendor risk management space and within the ERM Department to better enhance and develop the institution. Possess strong project management skills with the ability to design and execute new programs.

·    Strong organizational skills, adaptability to frequently changing demands, and ability to appropriately prioritize numerous open projects.

·    Self-starter with ability to take ownership and accountability of all roles and responsibilities.

 

Additional Requirements

Travel

Occasional travel required (less than 10 days per year) by automobile (as driver and passenger), commercial airlines, rental vehicles and public transportation; must be able to lodge in public facilities.

Working Conditions

Environment:  Indoors, a climate-controlled shared work area.

Noise Level:  Minimal noise.

Lifting:  Sedentary work: Exerting up to 10 pounds of force occasionally and/or negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects, including the human body. Sedentary work involves sitting most of the time. Jobs are sedentary if walking and standing are required only occasionally and all other sedentary criteria are met.

Vision

Close visual acuity to prepare and analyze data and figures, view a computer terminal, and read the computer screen, printed materials, and handwritten materials.

Physical Activities

Frequency

Balancing: Maintaining body equilibrium to prevent falling when walking, standing or crouching on narrow, slippery, or erratically moving surfaces.

Infrequent – rare.

Climbing: Ascending or descending ladders, stairs, scaffolding, ramps, poles and the like, using feet and legs and/or hands and arms.

Infrequent – rare.

Crawling: Moving about on hands and knees or hands and feet.

Infrequent – rare.

Crouching: Bending the body downward and forward by bending leg and spine.

Infrequent – rare.

Feeling: Perceiving attributes of objects such as size and shape, temperature or texture by touching with skin, particularly that of the fingertips.

Infrequent – rare.

Fingering: Picking, pinching, typing or otherwise working primarily with fingers rather than with the whole hand as in handling.

Daily.

Grasping: Applying pressure to an object with the fingers and palm.

Infrequent – rare.

Kneeling: Bending legs at knee to come to a rest on knee or knees.

Infrequent – rare.

Lifting: Raising objects from a lower to a higher position or moving objects horizontally from position to position.

Infrequent – rare.

Pushing: Using upper extremities to press against something with steady force in order to thrust forward, downward or outward.

Infrequent – rare.

Pulling: Using upper extremities to exert force in order to draw, haul or tug objects in a sustained motion.

Infrequent – rare.

Repetitive Motion: Making substantial movements (motions) of the wrists, hands, and/or fingers.

Daily.

Stooping: Bending body downward and forward by bending spine at the waist.

Infrequent – rare.


What We Offer

COMPENSATION & BENEFITS: Starting salary is dependent upon relevant experience and may vary based on the geographic location of the position.  We offer an extensive benefits package that includes, but is not limited to medical, dental, vision, and life insurance, a health savings account option, an Employee Assistance Program (EAP), a health rewards program, a 401(k) retirement savings plan, discounts on banking products and services, and paid sick, holiday, and vacation time.  Visit our website for more details!

 

COMPANY OVERVIEW:  We are a family of banks whose unique local presence reflects the communities we serve.  We welcome the opportunity to grow and change as our customers and communities do the same.  Read our story, learn about our banks, and experience life at Glacier Bancorp, Inc. all from our website.  Check it out!  

 

We are an Equal Opportunity Employer and qualified applicants or employees will receive consideration for employment without regard to race, color, religion, national origin, sex (including pregnancy), sexual orientation, gender identity, mental or physical disability, genetic information, protected veteran status, or any other category protected by applicable federal, state or local laws.

Glacier Bancorp, Inc. does not sponsor applicants for work visas. All applicants must be legally authorized to work in the US.

 

No Recruiters or unsolicited agency referrals please.