Job Description

SUMMARY

The Risk Management Analyst is a key member of the risk management team and is responsible for conducting risk identification, measurement, mitigation, monitoring, and reporting activities in accordance with the enterprise strategy and risk appetite of our business. This spans all individual risk categories and third-party relationships. The Risk Management Analyst is also responsible for supporting the outsourced internal audit function and performing duties as a backup to the Information Security Director.

RESPONSIBILITIES

• Implement, document, coordinate, review, and maintain CACU’s risk-based due diligence processes for all third parties.
• Facilitate completion of periodic due diligence questionnaires by third parties.
• Facilitate completion of periodic third-party due diligence reviews by relationship owners within the organization.
• Develop and maintain reports and dashboards for oversight and analysis of third-party risk management assessment results and processes.
• Develop robust risk assessments and control enhancement activities for various activities, processes, products, and functions at the Corporate.
• Monitor and report risk mitigation plans associated with the ERM process and risk management processes in individual risk categories.
• Track key risk indicators and key performance indicators across the organization.
• Develop and manage reporting to effectively communicate key risks, findings, and recommendations for improvement and discuss with key stakeholders.
• Evaluate the design and operation of internal controls by periodically testing key controls performed by business units.
• Remain current on trends and current events affecting the industry including economic developments to identify new risks.
• Administratively support the fully outsourced internal audit function by following up on action plans with management and obtaining evidence to close those action plans.
• Provide periodic reports to the Supervisory Committee regarding audit findings and remediation efforts.
• Backup to the Information Security Director (review vulnerability scans, monitor vendors for zero-day exploits, review reported phishing emails, administer information security training, etc.) and other information security duties as assigned.

REQUIREMENTS

• Bachelor’s Degree in Accounting, Business Administration, or related field.
• Understanding of risk management functions, including IT and audit, cyber security, and compliance.
• Experience identifying and defining risks in a financial institution.
• Knowledge of third party/vendor management lifecycle.
• Ability to research and analyze data.
• Ability to use logic and reasoning to identify the strengths and weaknesses of alternative solutions, conclusions, or approaches to problems.
• Ability to gain a thorough understanding of all aspects of operations.
• Excellent interpersonal, written, and verbal communication skills.
• Proficiency in Microsoft Office (Excel, Word, Outlook, etc.)
• Experience with Archer software is a plus.

DEPARTMENT AND/OR JOB SPECIFIC COMPLIANCE REQUIREMENTS

• Adhere to Corporate, departmental, and governmental policies and regulations, laws, and policies.
• Adhere to the ERM framework designated by the Corporate, the Committee of Sponsoring Organizations (COSO) ERM framework.

SCHEDULE

Mondays and Tuesdays in-office, Wednesday, Thursday and Friday you can work in the office or from home.

Job Tags

Similar Jobs