TITLE: RISK PROGRAM ADMINISTRATOR
STATUS: EXEMPT
REPORTS TO: DIRECTOR - INFORMATION SECURITY AND THIRD-PARTY RISK MGMT
DEPARTMENT: RISK MANAGEMENT
JOB CODE: 11729
PAY RANGE: $98,600.00 - $120,000.00 ANNUALLY
General Description
The Risk Program Administrator coordinates daily operational activities for the information security risk management (ISRM) and third-party risk management (TPRM) programs and provides analytics and reporting to ensure program objectives are measured and reported in a manner that is consistent with strategic goals, organizational objectives, and risk appetite. This role will collaborate with various stakeholders and cross-functional teams across Golden 1 to identify opportunities and recommend program improvements.
The Risk Program Administrator evaluates, coordinates, and assigns incoming service requests to Risk Specialists based on overall workload and request volume and performs quality control validation of work product delivered by Risk Specialists in ISRM and TPRM. This role supports and prepares audit and examination evidence requests and monitors open issues and conditions in accordance with Enterprise Risk Management procedures. This role writes new departmental procedures and ensures that departmental procedures are reviewed and approved annually. This role assists with the development of new processes and builds detailed process maps. This role will identify, design, and support the implementation of tools, systems, process improvements, and reports for ISRM and TPRM programs. The Risk Program Administrator will assist with the development of training materials and deliver training as program processes evolve.
The Risk Program Administrator will support a variety of management reporting on Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs) for the ISRM and TPRM programs. This role will identify and assess opportunities for program optimization based on analysis of key metrics as well as prepare and deliver presentations for leadership and Credit Union committees.
Tasks, Duties, Functions
- Implement tools, systems, and processes for identifying, assessing, and reporting on work requests and statuses.
- Manage program procedural documentation including drafting procedures, building process flow charts, and coordinating annual reviews.
- Prepare training materials and employee-facing communications related to program process changes.
- Coordinate and assign incoming work requests for new third-party vendors and services to ensure efficiency and workload balance.
- Perform recurring quality assurance evaluations for risk and control assessments completed by ISRM and TPRM Risk Specialists.
- Collect and analyze data from program work products, performance metrics, and stakeholder feedback and make recommendations to continuously improve the program.
- Respond to and prepare evidence for audit and examination requests; assist with preparation of management action plans in response to findings; actively monitor open issues and conditions for status updates.
- Conduct periodic reconcilements of vendor inventory to ensure accurate vendor status and data quality.
- Tactfully yet assertively challenge assumptions and perspectives on risk and recommend improvements to policies, procedures, and practices to mitigate risk.
- Assist with preparation of risk committee materials, including creating and updating risk management reports and presentations on the evaluation of program effectiveness, level and direction of risks, key and emerging risks, and status of previously identified risk and control issues.
- Perform other duties as required to support Enterprise Risk Management and the business, such as developing ad-hoc analysis, performing deep dive investigations, or other special projects as needed.
- Maintain a thorough understanding of state and federal laws and regulations relevant to the financial industry and operation of ISRM and TPRM programs; maintain knowledge of current standards and frameworks, practices, and technologies.
PHYSICAL SKILLS, ABILITIES, AND EXERTION UTILIZED IN THE PERFORMANCE OF THESE TASKS:
- Strong oral and written communication skills, presentation skills; understand third-party contracts; research and reporting skills.
- Must possess sufficient manual dexterity to skillfully operate a computer, browser, email, software, and other standard office equipment.
- Ability to work as part of a team.
Organizational Contacts & Relationships
- INTERNAL: All levels of staff and management, including senior and executive-level leadership.
- EXTERNAL: Vendor and Partner Representatives, Regulators, and External Auditors.
Qualifications
- EDUCATION: Bachelor’s or master’s degree.
- EXPERIENCE: At least six (6) years of experience in an administrative role; related work experience could include prior third-party sourcing and contracting, operations management, and/or program implementation.
- KNOWLEDGE / SKILLS:
  - Demonstrated/strong working knowledge of risk management programs, practices, and processes with proven ability to learn technical jargon related to information security and third-party risk management.
  - Strong organizational skills, with a high degree of initiative and ability to self-start and self-prioritize assignments and make timely and effective decisions.
  - Knowledge of third-party agreement terms and conditions, contract frameworks and management practices.
  - Strong analytical, problem-solving and workflow analysis skills, including demonstrated ability to quickly synthesize information from various sources, identifying key points and issues.
  - Ability to apply judgment around industry best practices and make sound risk/reward decisions using a balance of data, logic and intuition to inform critical business strategies and processes.
  - Strong interpersonal and customer service skills; ability to negotiate, influence, and build collaborative, cross-organization relationships, even in difficult situations.
  - Must have strong communication (verbal, written and presentation) skills, including ability to convey complex situations and relationships concisely to management and executive level audiences.
  - Strong process facilitation, process management and improvement skills.
  - Highly proficient in Microsoft Office (Word, Excel, Visio, Outlook, PowerPoint); experience with Power BI, ServiceNow, and Concur preferred.
  - Solid work ethic and able to work effectively both independently and in a team.
Physical Requirements
- Prolonged sitting throughout the workday with occasional mobility required.
- Corrected vision within the normal range.
- Hearing within normal range. A device to enhance hearing will be provided if needed.
- Occasional movements throughout the department daily to interact with staff, accomplish tasks, etc.
- Unusually long or inconsistent hours may be required to accomplish tasks.
- Travel may be needed to accomplish tasks. Overnight travel is sometimes necessary. Occasional weekend and evening schedules required.
Licenses / Certifications
None
THIS JOB DESCRIPTION IN NO WAY STATES OR IMPLIES THAT THESE ARE THE ONLY DUTIES TO BE PERFORMED BY THIS EMPLOYEE. HE OR SHE WILL BE REQUIRED TO FOLLOW OTHER INSTRUCTIONS AND TO PERFORM OTHER DUTIES REQUESTED BY HIS OR HER SUPERVISOR THAT ARE WITHIN HIS / HER KNOWLEDGE, SKILL AND ABILITY AS WELL AS HIS / HER MENTAL AND PHYSICAL ABILITIES.