Ent Credit Union exists to improve the financial quality of life of the people we serve. This mission drives us every day, but we are more than our mission. We're also individuals using our unique abilities to make our organization, and the communities we serve, better than they were yesterday. We're a not-for-profit that puts people above profits and actively invests in our community. Our rapidly growing team is expanding our reach to serve more people throughout Colorado. To spread our mission far and wide, we need people like you. If you're interested in a paycheck with a purpose, apply with us today. Our people make the difference, and we truly believe you are our greatest asset.
Job Description
Ent Credit Union's Business and Technology Risk & Control function is a team with the responsibility of weighing the innovation and growth initiatives against the potential and actual risks associated with Ent's third parties that assist us in delivering quality products and services to our membership, and evaluating internal business processes and working with business lines to identify relevant risks and controls around those business processes. This position is responsible for working with third-party relationship managers and business partners to conduct periodic risk assessments, and relationship check-ins, and identify, assess, and document risks associated with third-party relationships. The Analyst is also responsible for ensuring that any issues found during risk assessments are resolved by the appropriate parties. The Analyst will assist with establishing standards for managing third-party relationships, escalation procedures, and general best practices when working with third parties. They will act as a resource, subject matter expert, and second line of defense to business units partnering directly with third parties. Additionally, the Analyst will assist the Business Risk and Control Manager to help document key business processes and work with control owners to determine appropriate risks and related controls are identified and documented. The Business and Technology Risk & Control function is a critical second line of defense to comply with regulations as well as facilitating and following best business practices which are key to advancing Ent's strategic objectives. The Operational Risk Management Analyst plays an important part of the overall function of coordinating due diligence actions, analyzing data to determine third-party risk ratings, reporting third-party risk to the organization, and assisting business lines with managing and monitoring third-party relationships.
Essential Functions
Inventory and understand the existing processes, risks, and internal controls within Ent's Governance, Risk, and Assisting the Business Risk and Control Manager, working with the business lines to identify, confirm, and draft risks and internal control activities relevant to the corresponding processes. Key steps and deliverables to be completed include: Compliance (GRC) platform (ETRACS) for all business units across the Credit Union. Conduct and document process walkthrough narratives to document the process and key control activities. Draft Risk and Control Matrices (RCMs) for key inherent risks and mitigating controls. Coordinate with business line management to review, update, and approve RCMs, including memorializing and retaining evidence of approval. Discuss potential control gaps with business line management and advise on how to address control gaps. Present business line management-approved RCMs to the Integrated Risk Management Committee (IRMC) for approval prior to coordinating with the ETRACS administrator to enter risks and controls into ETRACS. Once RCMs are entered into ETRACS, confirm all information is accurate, complete, and appropriately linked to processes as approved by business line management. Advise business line management on opportunities to improve procedures to reflect approved risks and controls.
Coordinate due diligence activities with internal relationship managers and external third parties including the following: Work with BL, SME, and other stakeholders to drive timely and accurate progression of TPRM Program activities, including initial planning, as well as rendering credible challenge, oversight, and approvals during assessments and BL Ongoing Management attestations. Facilitate risk management lifecycle activities for designated Critical Activity Third Parties and other Third Party (TP) Relationships as determined by policy, including oversight of defined risk management activities, facilitating Board reporting of in-scope Third Parties, and facilitating coordinated concentration risk assessment of in-scope Third Parties and TP Relationships in conjunction with impacted BLs. Provide guidance and promote/complete TPRM Program training, including providing communication and training directly to BL personnel regarding TPRM Program changes. Promote BL support of cross-BL risk management (i. e. , Shared TP Relationships). Support aggregation of risk metrics and consistent reporting to BL Management and TPRM Function, to allow the BL to analyze strategic Third Party alignment and concentration risk. Assist timely response to matters identified by Second Line of Defense Quality Assurance programs, Credit Union Internal Audit, regulators, or other auditors and examiners, and escalate to BL Management and the TPRM function when identified ?risks approach the Credit Union's risk appetite limits. Assist in Third Party on-site risk reviews, as needed.
Foster relationships between Ent Relationship Managers and third parties including the following: Maintain collaborative relationships with internal Third Party relationship managers to promote effective communication, Third Party performance, Third Party risk mitigation, and service delivery, and ongoing relationships. Provide appropriate guidance and advice to internal Third Party relationship managers and third parties by research, asking appropriate questions, and analyzing feedback. Assist in the creation of training materials and assist to provide training to the business areas and other departments that manage Third Party relationships. Act as the point of contact for questions from the business areas related to Third Party management and the regulatory guidance. Ensures the timely update and maintenance of all Third Party information and documentation, process documentation, job aids and training materials in appropriate departmental repository.
When necessary, assist the business lines in drafting program documentation (e. g. , procedures, reporting, training) to enhance partnership between risk and the operations teams/business lines.
Bank Secrecy Act: Remains cognizant of and adheres to Ent policies and procedures, and regulations pertaining to the Bank Secrecy Act.
Qualifications
Minimum Formal Qualifications for this Position:
Bachelor's Degree in Business, Information Technology, Finance, Risk Management or a similar discipline
1+ years' of Third Party management and / or operational risk management experience supporting general corporate practices (includes compliance, financial crimes, operational risk, audit, legal, credit risk, market risk, IT systems security, business process management, project or product management).
1+ years' of relevant experience supporting financial services practices. Preferred
1+ years' experience in heightened expectations regulatory environment. Preferred
Each year of relevant work experience may be exchanged for a year in a relevant degree program or vice versa. For example, a requirement of a bachelor's degree in accounting and 2+ years of account experience could be substituted for a high school diploma and 6 years of relevant accounting work experience or a master's degree in accounting and 0 years of work experience.
Technical or Specialized Knowledge/Skills:
Demonstrated knowledge of risk management or compliance principles.
Customer service skills.
Strong organizational skills.
Knowledge of business English, spelling, punctuation, grammar, and basic legal terminology.
Knowledge of general research techniques and the use of software systems available for conducting research.
Ability to find and monitor trends.
Ability to write reports, Third Party guidelines, Third Party requirements, and document business processes.
Ability to multi-task interacting with several third-parties, multiple end users, and manage many different daily tasks.
Ability to prioritize tasks, while working effectively under pressure to meet guidelines.
Ability to operate with all levels of corporate professionals and third parties, speaking with people of varying levels of experience and backgrounds to establish good rapport.
Ability to communicate effectively, both orally and in writing with high attention to detail placing value on concise and actionable reporting and analytics.
Facilitation and presentation skills
Ability to quickly develop a deep knowledge of the company, industry, products and services.
Ability to work independently with little direction and/or supervision.
Ability to build relationships in cross functional business organizations.
Ability to explain complex concepts and terms in relatable ways to build understanding and acceptance of regulatory changes that may be required.
Proficient using a variety of software packages, including Microsoft Office applications, database visualization tools such as PowerBI, and presentations.
(preferred) Understanding of the credit union or financial services industry and the products and services of the company.
Certified Third Party Risk Professional certification. within 1 Year preferred
Certified in Risk and Information Systems Control (CRISC) within 1 Year preferred
Environmental, Physical and Psychological Requirements:
Standing - Occasionally
Walking - Occasionally
Sitting - Frequently
Lifting - Rarely (40 Lbs)
Carrying - Rarely
Pushing - Rarely
Pulling - Rarely
Balancing - Rarely
Stooping - Rarely
Kneeling - Rarely
Crouching - Rarely
Crawling - Rarely
Reaching - Occasionally
Handling - Occasionally
Grasping - Occasionally
Feeling - Occasionally
Talking - Frequently
Hearing - Frequently
Repetitive Motions - Frequently
Eye/Hand/Foot Coordination - Occasionally
Noises louder than normal speaking volume - Occasionally
Temperature Changes - Rarely
Atmospheric Conditions - Rarely
Additional Information
The pay range for this position is: $26.45 to $33.42 per Hour (S14)
Final compensation for this position will be determined by various factors such as relevant work experience, specific skills and competencies, education, certifications, and internal pay equity.
This position is eligible for our corporate bonus program based on company performance.
We anticipate this position to close on 4/24/2024. Please submit your application at your earliest convenience to be considered.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.
Benefits Summary Sheet - 2024
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
