Risk Management Specialist

The Risk Management Specialist supports the Credit Union's goals, values and philosophy by exhibiting the following behaviors:  excellence, quality member service, commitment and accountability.  As a member of the Credit Union's risk management team, performance include demonstration of the follow accountabilities:  communication, teamwork, job knowledge, and confidentiality.

Essential Functions and Responsibilities:

• Under direction of CAO, assists with performing and maintaining risk assessments for various processes and programs to identify risks, including vendor management program. Updates risk assessments on an annual basis for all areas of the Credit Union.  This includes interviewing appropriate business unit owners to determine if there have been any changes in processes, software, personnel, training, etc.;  reviewing any regulations related to that area; identifying the inherent risk; reviewing processes/procedures established to mitigate the risk; and determining the residual risk.  Provides completed risk assessments to CAO for approval, with CAO submitting to ROC for official approval..  Member of Risk Oversight Committee.
• Maintains employee access forms for all employees, notifying pertinent parties of hires, changes, and terminations that may affect employee access to credit union systems.  Monitors forms to ensure all changes are documented by all pertinent parties and follows up as necessary to ensure changes are completed within a timely fashion and forms are "audit" ready.
• Works with the Chief Administrative Officer and VP, Information Technology on the IT/IS Risk Assessment, as well as the ACET report, annually.  Member of IT Steering Committee and Business Continuity/Disaster Recovery Team.
• Complaint Management:  Responsible for logging all complaints, including TDFI, NCUA, BBB, written consumer/member complaints, reviews from social media sites, or verbal consumer/member complaints.  Creates and maintains folders for each complainant on the ROC shared drive, ensuring all communication and supporting documentation, and the written resolution are on file.  Follows up to ensure each complaint is resolved.  Provides quarterly report of all complaints for each quarter to CAO.
• Coordinates monthly phishing tests for staff, quarterly for Board and Committee Members.  Provides monthly report of fails to CAO.  Conducts one-on-one training for staff with multiple fails, according to established guidelines.
• Assists CAO with development of training for staff on information security, with a focus on cybersecurity and social engineering, as well as annual board training. Responsible for delivery of training at all new hire orientations.
• Stay abreast of cybersecurity alerts from resources, such as FS-ISAC, CISA, NCUA, NCUISAO, Infragard, FBI Cybercrime Division, and FBI (internet crimes division), of potential cyber events that may affect the credit union.  Shares pertinent alerts with IT department, as well as CAO.  Participates in FS-ISAC calls about heightened cyber-related events/alerts, sharing pertinent information with CAO and IT department.

Performance Measurements:

• Adhere to all Credit Union Policies/Procedures and Regulatory Requirements.
• RISK IDENTIFICATION:  The ability to identify potential risks that may arise in the credit union's operations and activities.
• RISK ASSESSMENT:  The ability to assess the potential impact and likelihood of identified risks and recommend appropriate mitigation strategies.
• EMPLOYEE TRAINING:  The ability to assist with development and delivery of effective risk management training programs to credit union employees.
• COMMUNICATION:  The ability to effectively communication risk management issues and strategies to management and employees.
• DATA AND REPORTING:  The ability to analyze data related to risk management activities and prepare reports for senior management.
• TEAM COLLABORATION:  The ability to work collaboratively with other departments to ensure that risk management strategies are integrated into all aspects of the credit union's operations and culture.

Experience:  Three years to five years of similar or related experience in the banking or credit union industry.

Education:  (1) A two-year college degree, or (2) completion of a specialized certification or licensing, or (3) completion of specialized training courses conducted by vendors, or (4) job-specific skills acquired through an apprenticeship program.

Interpersonal:  Work involves much personal contact with others inside and/or outside the organization for the purpose of first-level conflict resolution, building relationships, and soliciting cooperation. Discussions involve a higher degree of confidentiality and discretion, requiring diplomacy and tact in communication.

Other Skills:  Knowledge of regulatory requirements related to risk management.
Strong analytical and problem-solving skills.
Excellent communication and interpersonal skills.
Ability to work independently and as part of a team.
Attention to detail and ability to manage multiple tasks simultaneously.
Proficiency in Microsoft Office Suite.