AVP Third Party Risk Program Manager

Address

We're always looking for bright individuals to join our growing organization. As a part of the First Financial Family, we will invest in your development and provide a dynamic work environment where you're challenged, valued and empowered every day. We strive to be the best destination for the industry's top talent, creating a diverse, collaborative workplace that celebrates innovation and change. We are one team, working together to get things done.

Job Description:

OFFICE LOCATION:

Abilene, Texas, United States

SCOPE/CONTACTS:

The Third-Party Risk Program Manager provides Second Line of Defense support for the Enterprise Risk Management Program (ERM). The incumbent is responsible for all aspects of and will provide oversight, guidance and challenge to the company's Third-Party Risk Management (TPRM). The candidate will establish and enhance the Third-Party Risk Framework, draft and maintain TPRM policies and standards, develop and execute TPRM annual work plans, and conduct periodic risk assessments. They will also assess, monitor and track TPRM lifecycle activities, ensure documentation completeness, and prepare aggregated TPRM reports on risk data and analysis.

ESSENTIAL FUNCTIONS:

Third Party Risk Management Framework

• Establish and enhance the Third-Party Risk Framework, including the appropriate process and training that is commensurate with regulatory requirements and to effectively manage third party risks
• Maintains the third-party inventory, including current relationship owner assignment, classification based upon business impact, collection of current due diligence, and issue management.
• Update third party risk management policies and procedures
• Collaborates with business line management third-party relationship owners to influence key decisions
• Develop and execute a third-party risk annual work plan to review and challenge risk identification, assessment, control evaluation and testing activities
• Adheres to a consistent risk rating methodology for controls that aligns with the Enterprise Risk Management Standards
• Conduct periodic risk assessment of third-party risks
• Stays informed of emerging risks and TPRM regulatory expectations and industry best practices.

Third Party Risk Management Lifecycle and Implementation of TPRM Second Line Review

• Manage incoming prospective vendor engagement requests and work with internal stakeholders to confirm the completeness and accuracy of information, ensure due diligence is performed.
• Coordinate with cross-functional review teams to ensure reviews are incorporated into the final vendor assessments
• Follow-up with third parties regarding incomplete due diligence information or follow-up questions required to complete assessments
• Perform risk assessments on prospective and existing vendors in accordance with the company's Third-Party Risk Management Policy and procedures
• Identify, develop, and monitor issues and track through to completion
• Leverage existing tools and processes to conduct periodic and ongoing monitoring of vendors
• Support vendor risk reporting for management and committees, as required
• Provide third party risk management guidance to lines of business staff, as needed.
• Ensure the completeness of the central documentation of the company-wide third-party population
• Prepare aggregated third-party risk report
• Keep abreast of current industry tools, trends, and regulatory requirements
• Review contracts and ensure appropriate confidentiality agreements are in place

Risk Assessment

• Assist with new product management risk assessment process
• Assist with RCSA quarterly review in the expertise of third-party risk management
• Addresses assigned issues with the business line owner, including root cause analysis, mitigation plan creation, progress tracking, and verification of completion
• Reviews internal department policies, standards, and procedures to validate compliance with the appropriate regulatory and business requirements.

Other

• Supports regulatory examination and audit preparation

• Complete compliance training related to the position in a timely manner.

• Understand and comply with applicable laws and regulations that apply to the position.
• Safeguard First Financial and customer information.
• Comply with the