Technology Compliance & Vendor Management Analyst
Novus Home Mortgage · Brookfield, WI · 2 days ago
On-siteSalesFull-time
ESSENTIAL DUTIES and RESPONSIBILITIES
- IT Audit Coordination
- Serve as the primary coordinator for all internal IT audit activity
- Partner with external audit firms to plan, schedule, and facilitate the execution of technology-focused audits
- Manage the end-to-end audit lifecycle including evidence collection, stakeholder preparation, finding documentation, remediation tracking, and close-out reporting
- Maintain a consolidated audit calendar and ensure cross-functional teams are informed of upcoming audit activities, timelines, and required deliverables
- Track and report on the status of open audit findings and management responses to the CTO and relevant stakeholders on a regular cadence
- Technology Risk Assessment
- Own and maintain the enterprise IT risk assessment program
- Produce and update risk assessments on a scheduled and event-driven basis
- Collaborate with Information Security team members to align risk assessment methodologies with applicable frameworks and industry standards
- Translate risk findings into actionable reporting for the CTO and ELT, clearly articulating risk posture, trends, and mitigation priorities
- Monitor the technology risk landscape for emerging threats, regulatory changes, or operational shifts that warrant reassessment
- Policy Management
- Maintain and administer the full library of technology-related policies and standards
- Ensure documents remain current, accurate, and aligned with regulatory expectations
- Establish and manage a recurring policy review cycle, coordinating with stakeholders across Technology, Compliance, Legal, and Operations to review, update, and ratify policy content
- Identify gaps between existing policies and evolving regulatory or industry requirements and drive resolution in partnership with relevant subject matter experts
- Communicate policy updates to impacted teams and support the development of training or awareness materials as needed
- Vendor Management
- Administer the vendor management program
- Own the end-to-end vendor lifecycle inclusive of onboarding due diligence, ongoing oversight, periodic reassessment, and offboarding
- Conduct and document technology vendor risk assessments, evaluating vendors against defined criteria including security posture, business continuity, data handling practices, and regulatory compliance
- Maintain the vendor inventory and associated risk ratings, ensuring records are current and accessible for internal and regulatory review
- Coordinate with General Counsel and Legal on contract-related matters while retaining ownership of the risk and compliance dimensions of vendor relationships
- Monitor vendor performance against service level expectations and escalate concerns to the CTO and appropriate stakeholders
- Regulatory Examination Management
- Serve as the primary technology point of contact for all regulatory examinations conducted by the FDIC, Fannie Mae, Freddie Mac, and the Wisconsin Department of Financial Institutions (WDFI)
- Coordinate the preparation, scheduling, and execution of regulatory technology examinations, ensuring internal stakeholders are briefed and examination materials are accurate and complete
- Manage examiner data requests, document production, and interview coordination throughout the examination process
- Track and drive resolution of any examination findings or matters requiring attention (MRAs) within required timeframes, reporting progress to the CTO and Compliance leadership
- Maintain examination readiness as a continuous posture rather than an event-driven activity, conducting periodic self-assessments and gap analyses in anticipation of scheduled exams
- Working knowledge of technology risk assessment practices and the ability to produce and present risk reporting to senior leadership
- Strong written and verbal communication skills with the ability to translate complex technical and regulatory concepts for non-technical audiences
- 5+ years of progressive experience in technology risk, IT compliance, vendor management, or a related discipline within financial services, mortgage lending, or a regulated banking environment
- Demonstrated experience coordinating IT audits and managing regulatory examination processes, including evidence gathering, examiner communications, and finding remediation
- Experience administering a vendor management program including due diligence, ongoing oversight and risk-tiered reassessment processes
- Familiarity with regulatory expectations for technology within FDIC-affiliated institutions; working knowledge of or exposure to the FFIEC IT Examination Handbook is a plus
- Experience in the mortgage lending industry and familiarity with GSE (Fannie Mae / Freddie Mac) technology expectations are preferred
- Requires education generally equivalent to a high school diploma
- Experience using Microsoft Office products (i.e. Word, Excel, Outlook, PowerPoint, SharePoint)