Vendor Risk Manager
Alaska USA Federal Credit Union
Region: Renton, Washington
Alaska USA Federal Credit Union is a not-for-profit, member-owned financial services cooperative providing service, value, and convenience to members since 1948. Alaska USA provides members with great rates on loans and deposits as well as low fees for services. This commitment to each member’s financial well-being is what makes the Alaska USA experience better than banking®.
Alaska USA has branches in Alaska, Arizona, California, and Washington and serves members living in all 50 states and around the world. With a full range of financial services, members have everything in one place, including checking and savings accounts, consumer loans, and credit cards. In a growing number of locations, Alaska USA also offers business services, commercial and personal insurance, and real estate loans, as well as mortgage loans by Alaska USA Mortgage Company.
FACTS ABOUT ALASKA USA
- Founded in 1948
- More than 681,000 members in all 50 states and around the world
- More than $8.55 billion in assets
- Branches in Alaska, Arizona, California, and Washington
- Most branches open seven days a week
- Financial Centers in Anchorage, Fairbanks, Kenai, Soldotna, and Wasilla, Alaska, as well as Victorville, California
- Offers consumer and commercial deposit and loan services, as well as mortgage and real estate loans, insurance, investments, and investment management
- Credit union accounts federally insured by the National Credit Union Share Insurance Fund (NCUSIF)
SUMMARY JOB DESCRIPTION:
- Initiates and facilitates vendor screening processes and performs initial and periodic due diligence reviews in a timely fashion.
- Maintains continuous monitoring of vendors between periodic due diligence reviews for issues such as OFAC and UDAAP compliance.
- Maintains heightened level of summary documentation including documented internal risk acceptances on each vendor under the purview of the vendor risk management function.
- Maintains schedules of vendor ongoing due diligence and performance reviews based on risk rating and criticality.
- Coordinates with management and key stakeholders regarding vendor risk and performance.
- Reports on and escalates risk issues to the Corporate Counsel Contracting and Vendor Management.
- Maintains best-in-class data and matrix’s for monthly and periodic credit union wide reporting requirements.
- Identifies ways to improve risk and performance policies/procedures/processes, user experience, and systems involved in the monitoring and tracking of vendor risk with an emphasis on a risk-based approach that is consistent and repeatable across risk dimensions.
- Develops a working knowledge of all vendor relationships under the purview of the vendor risk management function.
- Maintains a thorough understanding of all relevant internal policies and external regulatory requirements applicable to credit union vendor risk management.
- Actively supports and promotes a culture of progress ensuring day-to-day quality & risk mitigation is maintained through periods of strategic change.
- Develops and provides assistance to other members of the department.
- Actively bring a positive attitude and wide degree of creativity and latitude to each task as assigned.
- Performs other duties as assigned.
- Four years of experience in a vendor risk management related field. Four years of experience with computerized vendor management system. Working knowledge industry specific rules and regulations including but not limited to the Bank Secrecy Act of 1970, Right to Financial Privacy Act of 1978, Fair Lending rule and regulations, Gramm-Leach-Bliley Act/Financial Services Modernization Act of 1999, California Consumer Privacy Act of 2018, General Data Protection Regulation, National Credit Union Administration rules and regulations, Federal Financial Institution Examination Counsel best practices and handbooks, Consumer Financial Protection Bureau rules and regulations, and NIST standards. Ability to design/augment processes and implement change across the credit union bringing a concept to reality. Exceptional critical thinking and problem-solving skills; strong judgment, Relentless customer focus with the ability to conduct interactions with resilience, poise, and grace under pressure. Advanced knowledge and understanding of due diligence documentation including but not limited to standard controls documentations/reports, financial statements, systems diagrams, business continuity program statements, certificates of insurance, and privacy program statements. Significant analytical skills and strong organizational ability. Keen attention to detail. Ability to manage multiple priorities and projects in a fast-paced environment. Excellent and demonstrable oral and written communication skills. High emotional intelligence, good judgment, and sense of humor. Proficiency in MS Word, Power Point and Excel is required.
- A bachelor’s degree in Computer Science, Information Technology, Information Security, or related field.
CREDITABLE EXPERIENCE IN LIEU OF EDUCATION:
- Four years equivalent experience in compliance, risk assessment, third party risk management, policy development, security control development, security auditing, or information technology systems. The following certifications are preferred: CRVPM: Certified Regulatory Vendor Program Manager, TPRM: Third-Party Risk Management, CTPRP: Certified Third-Party Risk Professional, CTPRA: Certified Third-Party Risk Assessor C3PRMP: Certified Third-Party Risk Management Professional, CCSA: Certification in Control Self-Assessment, CISA: Certified Information Security Auditor, CRISC: Certified in Risk and Information Systems Control, CISSP: Certified Information Systems Security Professional, CGEIT: Certified in the Governance of Enterprise IT, or CISM: Certified Information Security Manager.
- Competitive compensation
- Health care benefits
- Matching 401k
- Paid leave
The credit union strives to provide employees a comfortable working atmosphere, career opportunities and financial security in the form of competitive compensation and comprehensive benefit programs.
Equal Opportunity Employer