Third Party Risk Analyst, Sr
Old National Bank · Evansville, IN · 3 wk ago
Sales$70/hrFull-time
Responsibilities
- Perform third-party due diligence reviews and provide oversight of third-party risk assessments in accordance with TPRM policies, program and procedures.
- Support business segments throughout the third-party lifecycle.
- Analyze documentation related to operational resilience, information security, compliance, and business continuity.
- Identify control gaps and document risks, issues, and recommendations clearly and accurately.
- Track and monitor remediation activities for identified third-party issues.
- Validate evidence of corrective actions and escalate concerns when remediation is insufficient or delayed.
- Support ongoing monitoring activities, including periodic reviews and trigger-based reassessments.
- Partner with relationship owners to gather required documentation and clarify risk requirements.
- Respond to questions regarding TPRM processes, expectations, and timelines.
- Collaborate with subject matter experts as part of the review process.
- Maintain accurate and timely documentation within the TPRM system of record.
- Support preparation of management reports, metrics, and dashboards.
- Aid in audit and regulatory exam requests related to third-party risk activities.
- Execute special projects and additional assignments as requested to support Third-Party Risk Management and Enterprise Risk Management objectives.
- Contribute to the ongoing development, implementation, and maturation of third-party risk management processes, training materials, and support resources.
- Develop and maintain effective working relationships with stakeholders across the Bank to promote collaboration and consistent application of third-party risk management expectations.
Qualifications
- Bachelor’s degree in business, project management, accounting, or related field.
- 3+ years of experience in third-party risk management, operational risk, audit, or related risk disciplines.
- Prior experience in a regulated environment preferred.
- Familiarity with key third-party risk and regulatory requirements (e.g., GLBA, SOX, PCI, HIPAA) and related compliance expectations.
- Basic understanding of information security, cybersecurity concepts, and technology risks impacting third-party relationships.
- Strong attention to detail with the ability to analyze information, identify issues, and document risks clearly.
- Demonstrated ability to work collaboratively and build productive working relationships across teams.
- Proficiency in Microsoft Office applications, including Word, Excel, PowerPoint, and Visio.