Third Party Risk Management Analyst II

What the Role Is

The TPRM Analyst II plays a key role in the Bank's second line of defense, supporting the oversight, governance, and continuous improvement of the TPRM program. This role is responsible for providing subject matter expertise in third-party risk, developing and delivering training and outreach to internal stakeholders, enhancing program processes, drafting procedures and job aids, and ensuring exam readiness for regulatory reviews. The Analyst II partners closely with Vendor Relationship Owners, business lines, Compliance, Legal, Information Security, and Audit to ensure adherence to regulatory expectations and internal policies.

To perform these duties, the TPRM Analyst II must be able to manage multiple projects, meet tight deadlines, use critical analysis to provide effective challenge, communicate with all levels of management across the organization, actively engage in day-to-day interactions/relationships within the framework of the bank culture.

How You will Make an Impact

• Support the ongoing operation of the Bank's TPRM framework, including risk assessments, due diligence, ongoing monitoring, and exit strategies.
• Identify and implement process enhancements to improve efficiency, effectiveness, and regulatory alignment.
• Contribute to the development and maintenance of TPRM metrics, reporting, and dashboards for senior management and Board reporting.
• Develop, deliver, and maintain TPRM training programs for Vendor Relationship Owners, SMEs, and business stakeholders.
• Provide outreach and guidance to business units on their responsibilities under the TPRM program.
• Act as a trusted advisor to internal stakeholders, promoting awareness of third-party risk and regulatory expectations.
• Draft, update, and maintain TPRM policies, procedures, job aids, and templates to support program operations.
• Support regulatory exams and internal audits by preparing documentation, gathering evidence, and coordinating with stakeholders.
• Ensure that TPRM documentation reflects current regulatory guidance (e.g., OCC, FDIC, FRB, CFPB, FFIEC).
• Conduct and review inherent risk assessments and due diligence for critical and high-risk vendors.
• Support issue identification, escalation, and remediation tracking related to third-party risk.
• Assist in evaluating vendors' adherence to contractual obligations, regulatory requirements, and control effectiveness.
• Partner with Information Security, Compliance, Legal, and business units to align TPRM with enterprise risk management objectives.
• Participate in cross-functional initiatives to strengthen vendor risk oversight and resilience.
• Provide thought leadership on emerging risks, regulatory changes, and industry best practices in third-party risk management.

Who You Are

• Bachelor's degree in Business, Risk Management, Information Security, Finance, or equivalent work experience
• 5+ years of experience in risk management, vendor management, compliance, or audit in a financial institution or related environment.
• Experience supporting regulatory exams (OCC, FDIC, FRB, CFPB) strongly preferred.
• Strong understanding of third-party risk regulatory requirements and industry frameworks (FFIEC, OCC Bulletin 2013-29, FDIC FIL-44-2008, CRI Profile, SOC 2, ISO, NIST).
• Excellent written and verbal communication skills, with the ability to create clear, concise training and job aids.
• Strong analytical and critical thinking skills with the ability to identify and implement process improvements.
• Proficiency with GRC tools and vendor management platforms.
• Strong relationship-building skills with the ability to influence and partner across functions.

Certifications (Preferred)

• Certified Third-Party Risk Professional (CTPRP)
• Certified Regulatory Vendor Program Manager (CRVPM)
• Certified Information Systems Auditor (CISA) or other relevant certifications

If your experience aligns with this description, please consider applying. Many skills are transferable among industries and a passion for the role and willingness to learn are important considerations. We believe that a diverse workforce creates problem-solving and creative thinking, which is why we are dedicated to adding new perspectives to the team and encourage everyone to apply.

*This is a fully remote position

If your experience aligns with this description, please consider applying. Many skills are transferable among industries and a passion for the role and willingness to learn are important considerations. We believe that a diverse workforce creates problem-solving and creative thinking, which is why we're dedicated to adding new perspectives to the team and encourage everyone to apply.