Information Security - Information Security Third Party Analyst

Job Summary: The Third-Party Security Analyst will analyze and interpret operational third-party risk documentation to facilitate the third-party risk management lifecycle in collaboration with business lines, risk partners and other stakeholders. Additionally, this role is accountable for ensuring appropriate risks and corresponding controls, or lack thereof, are identified and communicated to management. This role will audit existing Information Security programs in development and provide compliance related recommendations. The Third-Party Security Analyst safeguards information by seeing that security risks are identified, assessed and accurately reported. Additionally, the Third-Party Security Analyst is charged with ensuring local procedures and activities comply with all regulatory requirements and internal policies, procedures, guidelines and standards. The Third-Party Security Analyst is the center of competence for Information Security audit and review providing an advisory services role and acting as the focal point for security compliance related activities and responsibilities.   Responsibilities and Duties: Be a role model for Veritex Bank’s organizational culture by creating a positive impact at every touchpoint with people, with every word you say or put in print Perform due diligence, contracting, and monitoring activities in accordance with applicable regulatory guidance, risk policies, procedures, guidelines, and standards Develop third-party risk analysis, summaries, and reporting for risk management, business line leadership and third-party relationship managers, and Audit Facilitate ad-hoc training and support sessions with business lines Participate in projects that support company and department strategy Develop, implement, and maintain accurate program documentation (e.g. procedures, contracts, etc.) Support the third-party risk management program: activities/ interagency guidance map, reports, document inventory and periodic review schedule Maintain and encourage open and honest business relationships within the team and throughout the Bank Collaborate with your peers and stakeholders to add to the collective innovative thinking that can drive new business ideas for Veritex Bank Participate in related meetings relative to various audit requests or exams, as necessary. Exude your upbeat energy and enthusiasm every day Communicate in a fashion that is respectful and well understood Utilize methodology to streamline work processes and realize cost and resource efficiencies Integrity, discretion, and respect for confidential information are essential Escalate material issues and risks to third-party risk management, and appropriate stakeholders, as necessary Perform other duties as we may need you to do   Job Skills and Qualifications: Understanding of Cloud security best practices Strong knowledge of third-party risk management, including how to analyze technical documentation, regulatory guidance, and contracts to extract insights and present findings Solid understanding of the functions of an effective third-party risk and related procurement systems and/or processes. Ability to think critically, using initiative and sound judgment in accordance with established policies, standards, and procedures Innately demonstrate superior written and verbal communication skills Motivated and organized self-starter with strong attention to detail and the ability to manage multiple priorities Inquisitive, agile, and strong team player with excellent written, verbal, and interpersonal communication skills Ability to remain adaptable and resilient to all situations with an optimistic outlook and cast a positive shadow that is aligned with our culture Intermediate level proficiency with Microsoft Word, Excel, Teams, and Outlook Bachelor’s degree in related field or equivalent combination of education and experience required 3 years information security related work experience, preferably with a financial institution 3 years third-party due diligence related work experience, preferably with a financial institution CRVPM II certification required CISA, CISM or CISSP certifications preferred Experience with third-party or risk management systems preferred Be willing to work flexible hours including evenings and weekends as the job demands and travel as required Applicants must be authorized to work in the US without requiring employer sponsorship currently or in the future. CSS does not offer H-1B sponsorship for this position.