Third-Party Risk Management Specialist
Location: El Monte
Posted on: June 23, 2025
|
|
|
Job Description:
The Third-Party Risk Management (TPRM) Specialist is responsible
for evaluating and challenging risk assessments of third-party
vendors and partners. This role has a crucial part in maintaining
the organization’s risk management framework and ensuring
compliance with regulatory requirements. ESSENTIAL FUNCTIONS • Lead
reviews on Third Party Vendors and thoroughly examine risk
assessments. This involves a deep dive into the assessment
methodology, data collection processes, and risk scoring mechanisms
used. • Examine the identified risks, their potential impact on the
organization, and the likelihood of occurrence. Evaluate the
completeness of the assessment and control effectiveness • Provide
an independent review and evaluate the rationale behind risk
ratings, questioning assumptions and seeking additional evidence
where necessary regarding mitigation strategies proposed by
first-line teams. Assess whether the proposed risk ratings
accurately reflect the potential impact and likelihood of
identified risks. • For mitigation strategies, evaluate their
effectiveness, feasibility, and alignment with the Bank’s risk
appetite and tolerance levels. • Conduct independent risk
assessments based on internal risk domains. Identify potential
risks across various domains, including strategic, operational,
financial, compliance and reputational risks. Assess the
third-party’s control environment, business continuity plans,
information security measures, and compliance with relevant
regulations. • Based on the review and analysis of risk assessments
and independent evaluations, develop and propose risk mitigation
recommendations. • Identify gaps in current control measures and
suggest enhancements or new controls to address identified risks
effectively. Prioritize recommendations based on risk severity and
potential impact, considering the cost-benefit aspect of proposed
measures. • Work closely with business units to develop actionable
mitigation plans, including specific steps, timelines, and
responsible parties. • Collaborate with various departments within
the Bank to ensure a comprehensive and holistic approach to
third-party risk management. This includes regular interaction with
legal, compliance, information security, procurement, and business
units. Participate in cross-functional meetings, sharing insights
from risk assessments and seeking input from subject matter experts
in specialized risk areas. Coordinate with internal audit and
compliance teams to ensure alignment of TPRM practices with overall
risk management and compliance frameworks. • Keep abreast of
evolving industry trends, emerging risks, and changes in the
regulatory landscape is a crucial ongoing responsibility of this
role. Regularly review industry publications, attend relevant
conferences and webinars, and participate in professional
associations related to risk management and compliance. Assess how
new regulations or industry best practices may impact on the
organization’s TPRM Framework and processes. Monitor geopolitical
events, technological advancements, and other external factors that
could introduce new risks or alter the risk profile of existing
third-party relationships. • Create comprehensive, clear, and
actionable risk reports for senior management and relevant
committees. These reports will summarize the results of risk
assessments, highlight key risk areas, track the status of
mitigation activities, and provide an overall view of the
organization’s third-party risk landscape. Use data visualization
tools to present complex risk information in an easily
understandable format. Prepare and deliver presentations to explain
risk findings, defend risk ratings and mitigation recommendations,
and answer questions from stakeholders. QUALIFICATIONS • Education:
• BA/BS Business Administration, Accounting, Finance, or equivalent
work experience. • CTPRP Certification preferred. • Experience: •
Minimum 3-5 years of Third-Party Risk Management experience (or
appropriate transferable experience). • Demonstrated understanding
of vendor management concepts and implementation / program
administration techniques including vendor performance monitoring.
• High-level understanding of contract clauses and concepts. •
Experience using Governance, Risk, and Compliance tools. •
Knowledge and understanding of the Interagency Guidance on
Third-Party Relationships: Risk Management • Third-Party Risk
Management Industry Regulation understanding Skills/Ability: • Must
possess excellent organizational and attention to detail skills. •
Regularly exercise discretion and independent judgment. • Must be
proficient with Microsoft Word, Excel, PowerPoint, and/or other
similar software packages. • Proven ability to work autonomously
and adjust quickly to shifting priorities, multiple demands,
ambiguity, and rapid change. • Able to interface with business unit
leaders, auditors, and vendor representatives. • Strong team player
with ability to influence opinions without having direct authority.
• Ability to build and maintain effective working relationships
with all levels of management and staff. • Strong written and
verbal communication skills, including the ability to facilitate
meetings and effectively lead discussions. High level of
professionalism, commitment, and integrity. • Commitment to growing
and enhancing skills and knowledge. • Strong analytical skills, and
a comprehensive understanding of various risk types and their
potential implications for the Bank. • Ability to constructively
challenge colleagues, articulate concerns clearly, and propose
alternative viewpoints backed by sound reasoning and evidence. •
Strong project management skills, the ability to gather and analyze
complex information from various sources, and expertise in risk
assessment methodologies • Creative critical thinking skills, a
good understanding of risk management best practices, the TPRM
Regulatory landscape, and the ability to balance risk mitigation
with business objectives. • Excellent interpersonal and
communication skills, the ability to navigate complex
organizational structures, and a collaborative mindset. •
Initiative-taking learning attitude, analytical thinking to
interpret the implications of changes, and the ability to translate
complex regulatory requirements into practical risk management
strategies. • Ability to distill complex information into key
points, and confidence in presenting to senior executives. •
Occasional travel to and from other work locations may be
required.
Keywords: , South Whittier , Third-Party Risk Management Specialist, Accounting, Auditing , El Monte, California
