Third-Party Risk Management Analyst at Five Star Bank in Rochester, New York

Job Description:

Five Star Bank and affiliate companies are committed to Equal Employment Opportunity and Affirmative Action. We recruit, hire, train and promote persons in all job titles and ensure that all other personnel actions are administered without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identity, age, veteran status, disability, genetic information, or any other protected characteristic. Five Star Bank and affiliate companies are committed to providing reasonable accommodations to employees and applicants with disabilities to the full extent required by the Americans with Disabilities Act (ADA). If you feel you need a reasonable accommodation pursuant to the ADA, you are encouraged to contact us at (585) 786-4344, (585) 498 - 7565 or (585) 786-1417.

Position Title: Third-Party Risk Management Analyst

Location/Affiliate: FSB Plaza, Chestnut Street

Department: Risk Department

Reports To (Title): Enterprise Risk Manager

FLSA Status: Exempt

Purpose: The Third-Party Risk Management Analyst will play a critical role within the Third-Party Risk Management team, reporting to the Head of Enterprise Risk Management. The team acts as an independent, second line of defense function responsible for providing third-party risk oversight for the Company's third-party service providers. The function is responsible for providing oversight of risks posed by contracted third-parties and sub-contractors the Company may engage with to deliver services to them.

There is a need to drive evolution of the third-party risk management framework, support adoption of best practices and introduce new processes as required to bolster the existing framework. The individual will play a key role in performing third-party risk management activities which will include work on developing and reporting risk metrics, third-party risk assessments, risk-appropriate due diligence oversight for the Company's third-party service providers, performing ad-hoc deep-dive analysis, and preparation of materials (PowerPoint, Word, Excel) to Executive Management, Management-level Committees and the Board of Directors.

Scope and Direction:

Area of Responsibility: Company Risk Management

Degree of Supervision Received (Minimal, Moderate or Extensive): Moderate

• 
  From (Title): Enterprise Risk Manager

Degree of Supervision Given (None, Minimal, Moderate or Extensive): None

Essential Functions: Employees must be able to perform the essential functions of the position with or without reasonable accommodations.

1.Coordinate with colleagues across Information Security, Compliance, Treasury and Risk to assess existing and emerging third-party risks related to cyber, security, resiliency, regulatory compliance and financial health

2.Perform risk-appropriate due diligence oversight for the Company's third-party service providers

3.Develop risk profiles of third-party relationships and provide effective challenge to Product Owners to assess whether the risks of the third-party relationship are understood and within tolerance

4.Assist in the development and implementation of risk measurement techniques, including enhancing existing risk assessment criteria, developing Key Risk Indicators ("KRIs"), response and mitigation requirements to manage third-party risks

5.Coordinate with Product Owners and other Risk Owners to conduct due diligence review of new third-parties prior to contract signing to gain an understanding of the risks posed by the service-provider and mitigating controls

6.Maintain and/or oversee relevant policies and procedures related to the Company's third-party risk management processes

7.Perform ad-hoc analysis and assist in preparing materials (PowerPoint, Word, Excel, etc.) for Executive Management, Company Risk Committee and Risk Oversight Committee of the Board of Directors. Additional presentations for various parties as needed. May be called upon periodically to report findings to various committees.

8.Responsible for identifying areas of improvement and communicating recommendations to Management.

9.Demonstrates the standards and principles of the Five Star Bank experience in every interaction with internal and external customers and associates. Incorporates the high-performance behaviors of teamwork, leading by example and service in every facet of work

10.This job description is not exhaustive. The Third-Party Risk Management Analyst may be required to perform other duties as assigned

Job-Related Qualifications:

Education and Prior Experience:

Required:

• Bachelor's Degree in Accounting, Finance, Business Administration, or related field


• 4+ Years Type: Financial services or consulting in financial services
  
  
  • Prior risk management experience, including knowledge of financial markets and regulatory environment. Prior exposure to third-party risk management, information security and business continuity preferable
  
  
  • Prior audit experience, including development, documentation and testing of risks and controls in a top-tier public-accounting firm also preferable
  
  
  
  

Competencies:

1.Logical thinking, ability to analyze complex sets of data and convert to meaningful risk reporting

2.Strong communication, analytics, risk management and program management skills

3.Excellent communication skills, both written and oral

4.Excellent interpersonal skills with the ability to interact effectively with all levels of company employees; Ability to influence others to facilitate and achieve results

5.Ability to collaborate across multiple functional areas, while able to provide effective review and challenge, where needed

6.Understanding of risk and controls in the financial regulatory environment

7.Strong Microsoft Office skills, especially PowerPoint, Excel and Word. Ability to craft presentations or documents based on high-level guidance

8.Strong organizational skills with the ability to manage multiple priorities independently and meet established deadlines; Strong attention to details and must be detailed-oriented

9.Strong presentation skills

Physical Requirements:

1.Able to regularly sit for prolonged periods of time

2.Extensive computer usage is required

3.Occasional travel within corporate footprint

Note: At a later stage in the application process, applicants may be required to provide information about their criminal conviction history, if any, and to authorize the procurement of a consumer report that will contain, among other things, information about criminal conviction history. Except as required by applicable law, past criminal convictions will not automatically disqualify an applicant from employment, and Five Star Bank will only consider such history in accordance with applicable law. Please be advised, however, that federal law prohibits Five Star Bank from employing "any person who has been convicted of any criminal offense involving dishonesty or a breach of trust or money laundering, or has agreed to enter into a pretrial diversion or similar program in connection with a prosecution for such offense" unless the FDIC has provided prior written consent.