Overview:
VENDOR RISK SPECIALIST I
WHAT IS THE OPPORTUNITY?This position is part of CNB’s Vendor Management Office and is responsible for enterprise wide third party risk evaluations and management services. This role will support third party risk assessments to ensure they are properly organized, conducted, reviewed, and documented. The role will also focus on tracking risk remediation plans to completion. CNB established the Vendor Management Office to support the third party risk management framework.
What you will doFacilitate third party risk assessments for initial due diligence and ongoing oversight of third party vendor services. This includes collection of documents and analysis, third party risk assessment questionnaire requirements, reviewing audited reports of controls (i.e. SSAE18, SOC Type II, PCI AoC/RoC) and other information to support full evaluation of any potential outsourcing risks.
Partner and coordinate closely with internal stakeholder areas (i.e. Information Security, Enterprise Risk Management, Business Continuity Program Office, Credit Administration, and Compliance) to facilitate and evaluate 3rd party service providers.
Document remediation efforts/projects for material supplier risks and track to completion
Measure and monitor progress of supplier risk management activities, including issues tracking and risk remediation efforts, monthly and quarterly status reporting, key supplier metrics and periodic publishing of reports and metrics
Support facilitation and documentation of various reports, such as vendor scorecards and ongoing monitoring artifacts
Perform data analysis and draw conclusions as it related to vendor and contract data
Maintain vendor and contract data in systems
Champion the enterprise Vendor Management purpose throughout the organization; train and advise internal CNB staff on the vendor management processes
Provide risk awareness and training to colleagues in support of CNB’s Third Party Risk Management Policies and Procedures
Escalate issues (delays; significant gaps; uncooperative parties; etc.) to management as required; work to resolve issues as needed
Support various ad hoc projects supporting program enhancements, process improvements, and other functions
Ad hoc duties, as assigned
Must-Have*
Minimum of 4 years of third party risk management experience in the financial services industry, conducting risk assessments, and reporting on KRIs
Minimum of 3 years of experience in risk and controls identification, appropriately scoping assessments, and performing assurance testing.
Minimum of 2 years working with a GRC system, incorporating continuous improvement for the system and process.
Skills and Knowledge
Comprehensive knowledge of third party risk management processes and methodologies
Comprehensive knowledge of the third-party risk management lifecycle: planning, due diligence, contracts, ongoing monitoring and termination
Experience using third party risk management /Governance, Risk and Compliance (GRC) systems
Experience with contracts, including master service agreements, statements of work, and license agreements.
Industry recognized third party risk management or vendor management certification
Six Sigma certification
Experience assessing cloud servicing arrangements
Strong project management skills (organizing, planning, reporting, documenting, driving tasks to closure, etc.)
Strong analytical skills, working with data and drawing conclusions
Excellent oral and written communication skills; ability to communicate with all levels of management; experience performing both detailed and executive-level documentation
Advanced knowledge of Microsoft Office tools; specifically, Excel and PowerPoint
CompensationStarting base salary: $87,027 – $138,965 per year. Exact compensation may vary based on skills, experience, and location. This job is eligible for bonus and/or commissions.
*To be considered for this position you must meet at least these basic qualifications
The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.
Benefits and PerksAt City National, we strive to be the best at whatever we do, including the benefits and perks we offer our colleagues. Get an inside look at our .
INCLUSION AND EQUAL OPPORTUNITY EMPLOYMENT
City National Bank is an equal opportunity employer committed to diversity and inclusion. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status or any other basis protected by law.’
ABOUT CITY NATIONALWe start with a basic premise: Business is personal. Since day one we’ve always gone further than the competition to help our clients, colleagues and community flourish. City National Bank was founded in 1954 by entrepreneurs for entrepreneurs and that legacy of integrity, community and unparalleled client relationships continues to drive phenomenal growth today. City National is a subsidiary of Royal Bank of Canada, one of North America’s leading diversified financial services companies.