Easter Seals Jobs

Job Information

Stock Yards Bank & Trust Third Party Risk Officer in Louisville, Kentucky

The Third-Party Risk Officer is responsible for implementing, overseeing, and managing Stock Yards Bank’s third-party risk management program. This role ensures third-party providers (a.k.a. vendors) comply with Bank policies, industry regulations, and best practices while identifying and mitigating risks related to third-party providers, including but not limited to cybersecurity, compliance, operational efficiency, financial stability, strategic, and reputational risks. The position will require consistent collaboration with all departments that have third-party providers supporting their operational and strategic functions. The position will serve as a second line of defense covering third-party provider risk for the Bank’s overall Enterprise Risk Management program.

Responsibilities

Daily responsibilities include, but are not limited to, the following:

Program Development and Oversight:
- Design, implement, and maintain a robust third-party risk management framework.
- Develop and enforce policies, standards, and procedures for third-party risk assessment and monitoring.
- Create educational materials for internal stakeholders to enhance understanding of the third-party risk management program and its purposes, including operational policies and procedures.
- Will be responsible for delivery and facilitation of such training to internal stakeholders.

Risk Assessment:
- Conduct risk assessments for new and existing third-party relationships.
- Evaluate vendor controls related to cybersecurity, data privacy, financial health, compliance, and operational performance.
- Assign risk ratings and recommend mitigation strategies for identified risks.

Vendor Due Diligence:
- Perform detailed due diligence on potential vendors, including reviewing contracts, certifications, and service-level agreements (SLAs).
- Collaborate with legal, compliance, and procurement teams to ensure thorough vetting processes.

Ongoing Monitoring:
- Monitor third-party performance through audits, periodic reviews, and key performance indicators (KPIs).
- Track and report on third-party incidents or breaches, ensuring timely resolution and communication with stakeholders.

Collaboration:
- Work closely with Subject Matter Experts, internal stakeholders, Information Technology, Information Security, legal, and compliance to align third-party risk management with organizational goals.
- Serve as a liaison between the organization and third-party entities during risk discussions or escalations.

Regulatory Compliance:
- Stay up-to-date on relevant regulatory requirements (e.g., GDPR, SOC 1 & 2, ISO 27001, FFIEC).
- Ensure third-party activities adhere to applicable laws and regulations.

Reporting and Metrics:
- Prepare and deliver regular reports to senior management and the Enterprise Risk Management Committee on third-party risk metrics, trends, and significant issues.
- Maintain comprehensive documentation of third-party risk management activities.

Other:
- Consistently apply superior decision-making techniques pertaining to inquiries, approvals, and requests as they apply to existing policies and procedures, keeping within assigned approval limits and using these instances as learning tools for further program enhancements.
- Assumes responsibility for special projects, including document preparation for internal/external audits and regulatory examination.
- Other duties as assigned, including providing back-up support to other risk management areas, assisting with internal and external audits, and state and federal banking examinations.

Job Requirements

The successful candidate will have the following qualifications:
- Bachelor’s degree in business administration, risk management, information security, or equivalent experience
- Minimum of 5 years of experience working in the banking industry
- Minimum of 3 years of experience in Third-Party Risk Management/Vendor Management, risk management program governance, Risk and Compliance, Audit, or similar field
- Relevant certification(s) desired or a willingness to complete within 24 months: Certified Third-Party Risk Professional (CTPRP), Certified Regulatory Vendor Program Manager (CRVPM), Certified Risk Manager (CRM), Certified Regulatory Compliance Manager (CRCM) or relevant risk management certification
- Strong knowledge of regulatory guidelines regarding third-party risk management
- Experience in contract review and negotiations
- Excellent written and verbal communication skills with the ability to present complex information to non-technical audiences
- Strong knowledge of risk management frameworks and methodologies
- Familiarity with cybersecurity, data privacy, and regulatory compliance standards
- Ability to manage multiple projects
- Detail oriented with strong analytical and decision-making skills
- Demonstrates initiative
- Excellent written and verbal communications
- Professional appearance and demeanor
- Strong experience with MS Excel and Word

Benefits

- 401(k) with a company match of up to 6%
- ESOP employer match
- Medical insurance
- Dental insurance
- Vision insurance
- Cancer / Disease insurance
- Accident insurance
- Flexible Spending Accounts
- Health Savings Accounts
- Bank paid Life / AD&D insurance
- Voluntary Life / AD&D insurance
- Bank paid Short-Term and Long-Term Disability insurance
- Employee Stock Purchase Plan
- Employee Assistance Program

Physical Requirements

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

This position requires sitting the majority of the time with limited walking and standing. All work occurs indoors and within regular working hours. The noise level in the work environment is usually moderate.
