Summary:The Director of Third-Party Risk Management plays a critical role in ensuring the security and compliance of First Bank of the Lake's relationships with third-party vendors and suppliers. This position is responsible for developing, implementing, and maintaining a comprehensive third-party risk management program, ensuring that potential risks associated with vendors are identified, assessed, and mitigated effectively. This position is instrumental in safeguarding the bank's reputation and protecting sensitive data.

Job Functions:

• Develop and implement a robust third-party risk management framework and program for the bank. On an annual basis, ensure the program is aligned with industry best practices and regulatory requirements.
• Identify and assess potential risks associated with third-party vendors and suppliers, including but not limited to cybersecurity, data privacy, regulatory compliance, financial stability, and operational resilience.
• Collaborate with internal stakeholders, including procurement, legal, IT, compliance, and business units, to establish and enforce standardized vendor risk management policies, procedures, and contractual requirements.
• Develop and maintain a centralized repository of vendor-related information, including contracts, risk assessments, audit reports, and remediation plans. Conduct thorough due diligence and risk assessments of prospective and existing third-party vendors, considering their risk profile, performance, and ability to meet contractual obligations. Monitor and evaluate the ongoing performance and compliance of third-party vendors through periodic risk assessments, audits, and performance metrics.
• Implement and maintain an effective vendor risk reporting framework, providing regular updates to senior management, highlighting key risk areas, and recommending appropriate mitigation strategies.
• Provide guidance, training, and support to internal teams on third-party risk management practices, policies, and procedures.
• Perform additional responsibilities and duties as assigned or requested by the Compliance Manager for the purpose of facilitating corporate objectives.
• Bachelor's degree in business administration, finance, information technology, or a related field.
• Minimum of 3 years proven experience in third-party risk management, preferably in the financial services sector or a highly regulated industry.
• In-depth knowledge of third-party risk management principles, methodologies, and frameworks, with a strong understanding of industry standards and best practices.
• Strong analytical and problem-solving skills, with the ability to assess complex risk scenarios, develop mitigation strategies, and make informed decisions.
• Excellent communication and interpersonal skills, with the ability to influence and collaborate effectively with stakeholders at all levels of the organization.
• Detail-oriented mindset, with the ability to manage multiple priorities and projects simultaneously while maintaining a high level of accuracy and attention to detail.
• Proficiency in using third-party risk management tools and platforms, as well as experience in leveraging data analytics for risk assessment and reporting.
• Strong project management skills, with the ability to lead and execute initiatives independently and within established timelines.

Job Requirements:

• A commitment to continuous learning and professional development in the field of third-party risk management.
• Must complete all required training, including Bank Secrecy Act/Anti-money Laundering training, suitable to their position within the bank.
• Must be able to be bonded.

Physical Requirements:

Prolonged periods sitting at a desk and working on a computer.

Must be able to lift up to 25 pounds at times.

EEO Statement:

We are an equal-opportunity employer. All qualified applicants will receive considera ion for employment regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, or any other protected category.

All offers of employment shall be subject to the successful completion of all pre-employment screenings, verifications, and processes. Failure to comply with these processes or failure to successfully pass all phases of the pre-employment screening will result in a withdrawal of the employment offer.

Other Duties:

Please note that this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities required of the employee for this job. Duties, obligations, and activities may change at any time, with or without notice.