Operational Risk Analyst - Third-Party Risk Management

Responsibilities -

• Support the EMEA Head of TPRM (Third-Party Risk Management) to embed the Bank’s outsourcing and third-party risk framework
• Identify opportunities to improve and streamline framework and processes
• Close working relationship with 1st line TPM colleagues responsible for the operationalisation of the TPRM framework and provide a review and challenge of the framework components
• Support the documenting of TPRM Policy, Framework and Procedure documents, ensuring they are up to date, fit for purpose and reviewed in line with guideline
• Support the ongoing development and enhancement of the TPRM framework
• Review and challenge of outsourcing determination, Inherent Risk Assessments, and other risk management components of the third-party risk (TPR) lifecycle
• Provide a holistic risk management review over any new/modified third party arrangements prior to onboarding focusing on any material residual risk and able to propose risk mitigations
• Support the contract lifecycle management and help in the development of meaningful key performance indicators (KPI)
• Oversight and review of monthly KPI’s/Metrics and support the production of monthly board packs
• Collate, review, and challenge monthly KRIs, assess and escalate risk issues to risk committees
• Participate in the development of exit strategy & plan.
• Support the testing of exit strategies/plans as part of BCM and/ or Operational Resilience exercise, including the development of third -party risk scenario events etc.
• Provide oversight of remedial actions and ensure timely resolution
• Periodic review and oversight of the third-party/ outsourcing inventory register, notify TPM Operations of any risk concerns
• Support and provide oversight over the TPRM related risk acceptance/ issues process, working closely with Operational risk team
• Provide oversight over the cyclical review process working closely with Procurement and TPM Operations
• Stakeholder management and support across the full TPR lifecycle
• Act as a coordinator between the EMEA entities/branches and head office, and support RMD insourcing
• Act as Subject Matter Expert (SME) in following best practices and processes for vendor compliance
• Support the third-party related change management process
• Supporting regulatory requests where necessary (i.e., for the outsourcing register)
• Participate in third party internal audits process and requests

Required Skills and Experience -

• Experience in delivering within an investment bank environment
• Experience in supporting a similar TPRM function in the 2nd line Risk Management Department
• Working knowledge of regulations related to third party risk & operational resilience (EBA Outsourcing Guideline, DORA, FCA SYSC 8, PRA SS2/21 Outsourcing guideline) and be able to apply knowledge
• Understanding the “Three Lines of Defence” (3LoD) governance model
• Good knowledge of risk management, information security risk, internal audit, operational risk, legal/ compliance in the TPRM space
• Experience in writing policies, framework, and procedure documents
• Experience in managing working groups towards defined deliverables
• Effective communicator with excellent verbal and written communication skills
• Understanding of risk frameworks and their link to risk strategy & appetite setting

Pay range and compensation package - £65,000 - 70,000