What are the responsibilities and job description for the Temporary Risk Analyst position at Bank of the Sierra?
What we have to offer
Bank of the Sierra was honored to be chosen as one of the ‘Best Companies to Work For in Central California.’ Only a small number of organizations in the nation receive this honor and Bank of the Sierra is one of 16 in the Central Valley to make the list.
According to employees, our bank is known for its ‘family-like’ atmosphere. We offer competitive salaries and benefits packages, professional development through education, tuition reimbursement and promotions.
The generous benefits our eligible employees receive include medical, vision, dental, life, and long-term disability insurance, as well as a 401(k) retirement plan.
Third Party Vendor Risk Management Responsibilities (primary responsibility)
Responsible for day-to-day management of the Bank’s Third Party Vendor Risk Management Program, including pre-contract screening, on-boarding, InfoSec contract provision review, risk assessment (RA), and vendor termination and offboarding.
Review vendor compliance from a financial viability, BCM/DR, Incident Response and Data Security perspective.
Interface with Outside Counsel and internal stakeholders as part of Third Party Vendor Risk Management Program owner.
Update and create key control documentation to ensure process, policies, and controls for Third Party Vendor Risk Management Program are accurate and properly documented.
Provide assistance with the preparation of Management and Board level risk reports, dashboards and operational review metrics (KRIs) or other metrics.
Bank of the Sierra is proud to be an equal opportunity workplace and is an affirmative action employer committed to equal employment opportunities regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.
Operational Risk/Information Security Responsibilities (secondary responsibilities)
Responsible for day-to-day management of the Bank’s Incidents and Issues Program.
Conduct 2nd line testing to ensure controls are operating effectively. Testing will include data collection and analytics.
Manage internal employee education and testing programs, including any required follow-up (e.g., security bulletins, monthly phishing tests, semi-annual password audits).
Provide assistance with the preparation of Management and Board level risk reports, dashboards and operational review metrics (KRIs) or other metrics.