Third-Party Risk Management Cyber Analyst

Evaluate and conduct Risk Reviews and Assessments of existing and prospective third parties engaged by ICCU including strategic risk financial risk compliance risk operational risk reputational risk technology risk including cybersecurity amongst other categories as defined by TPRM management. The TPRM Tech Analyst will interact directly with third parties and work with ICCU Subject Matter Experts from all business lines to complete third-party service evaluation and risk assessments and to track and resolve applicable risk findings. Take on the role of a cybersecurity risk manager regarding third-party security risks and understanding the risks present and mitigations being utilized or need utilization.

Duties and Responsibilities:

• Possess and demonstrate an ability to recognize and analyze qualitatively and quantitatively third-party risks as defined by TPRM Management.
• Maintain an up to date knowledge about information systems information technology cybersecurity data architecture including the risks and mitigations associated with each.
• Ability to interact with the Information Technology stakeholders and third-party IT representatives challenging documented assumptions and conclusions whenever the evidence does not support them and assist them to meet TPRM standards of documentation.
• Acts proactively in resolving pending items following up with the different stakeholders to complete the TPRM process cordially discuss assessments results completed by IT and other stakeholders when documentation for risk rationale and conclusion seem insufficient or unclear.
• Demonstrate critical thinking skills to identify critical risks and understand interrelationships among different risk categories.
• Communicate effectively through multiple mediums (electronic and in-person) write clearly and effectively & document findings appropriately and completely.
• Ability to utilize Microsoft Word Excel PowerPoint and other reporting/presentation tools.
• Execute assigned tasks and responsibilities timely with the highest level of professionalism.
• Demonstrate credibility with business partners and leadership to appropriately influence business decisions and exercise strong business judgment.
• Demonstrate an ability to work independently but seek appropriate input and opportunities to create additional value for internal business team members and partners through continuous improvement.
• Conduct and evaluate third-party risk assessments including SOC Reviews and security assessments as defined by TPRM Management.
• Completion of due diligence (initial and ongoing) for third parties with input from stakeholders.
• Collaborate with internal stakeholders and third parties to mitigate and otherwise resolve third-party risks.
• Collaborate effectively with TPRM team other TPRM analysts and Risk Management leadership.
• Collaborate with IT Security and Architecture to ensure all measures are being taken to accurately assess complex third-party technologies.
• Conduct periodic TPRM training and awareness with business lines and TPRM personnel.
• Acts as subject matter expert on TPRM procedures.
• Other duties as assigned.

Qualifications:

Bachelors degree in Business Administration Information Systems Computer Science Cybersecurity or equivalent degree or experience preferred. One to three years of IT/Cybersecurity experience and/or related certifications required.

Possess the ability to communicate succinctly and effectively verbally and in writing. Strong and adaptable computer skills including MS Office products and other business software. Knowledge of risk management including IT systems and related risks and controls. Ability to always maintain the confidentiality of the Credit Union and member records.

Preferred Skills:

• Professional experience in business operations project/program management finance risk management business analytics cyber security/data privacy or similar.
• Knowledge and understanding of the critical components of Vendors System and Organization Control Report (SOC Report) review processes.

Performance Standard:

This position requires an elevated level of professionalism in attendance quality and quantity of work performed. Strong ability to communicate with team members third-party contacts and management effectively through professional verbal and written communication. Capability to work collaboratively including managing and initiating effective cross-functional relationships. Ability to de-escalate potential emotionally charged conversations while still achieving TPRM objectives. A demonstrated cooperative and positive attitude toward team members and stakeholders. Capacity to identify issues analyze information to assess root cause and relationships risks and potential risk responses. Ability to synthesize and summarize complex data into concise recommendations and reports. Skilled in utilizing various business software to prepare reports memos summaries and analyses. Qualified to balance multiple priorities adapt to a constantly changing business environment work independently drive projects to completion and meet deadlines in a professional environment. Must be willing to comply with the Bank Secrecy Act and USA Patriot Act as implemented by ICCU.

Physical Requirements:

• Perform tasks requiring manual dexterity (processing paperwork filing stapling sorting collating typing counting cash etc.).
• Sit for extended periods of time.
• Lift 20-40 pounds of applicable supplies including but not limited to copy paper cash drawers marketing material etc.
• Repetitive motion using wrists hands and fingers.
• Reach keyboards.
• Ability to operate basic office machines (calculator computer telephone copy machine fax machine etc.).

The above statements reflect the general details considered necessary to describe the essential functions of the job and should not be construed as a detailed description of all the work requirements that may be inherent of the job.

Must be eligible for membership at ICCU to obtain employment.

ICCU is an Equal Opportunity Employer. Employment decisions are made without regard to race color religion national or ethnic origin sex age disability protected veteran status or other characteristics protected by law.

This role offers benefits including:

• Competitive Pay
• Medical Dental & Vision Insurance
• Generous Paid Time Off
• Paid Holidays
• Matching 401K AND Pension
• Tuition Reimbursement
• Employee Assistance Program
• Employee Wellness Program
• Paid Group Life and Disability Insurance
• Awesome Culture
• And More

Required Experience:

IC