Third-Party Risk Analyst II

Summary

The Third‑Party Risk Analyst, within the Third‑Party Risk Management Program ("TPRM"), is a subject matter expert in risk and risk management methodology. The Analyst plays a pivotal role in the ongoing monitoring and assessment of First Bank’s vendor portfolio and third‑party risk appetite. Responsibilities include performing third‑party risk assessments, analyzing the risk level of third‑party engagements for new and existing, ensuring overall vendor risk aligns with First Bank’s risk methodology, regulatory, and industry standards.

The Analyst serves as part of the second line of defense by performing risk analysis functions and assisting with improvement efforts for various policies and procedures within the department. The position requires a motivated, meticulous, and practical self‑starter who maintains confidentiality, professionalism, and a helpful attitude while working with a wide variety of stakeholders.

• Conduct third‑party risk assessments and analyze risk levels for onboarding new vendors and reassessing existing vendors during ongoing review cycles.
• Partner with business units to ensure documentation is received and updated as needed.
• Analyze due diligence documentation to determine risk levels in accordance with the Bank’s risk methodology and regulatory standards.
• Assess the adequacy of vendor due diligence documentation as a quality control measure before passing to subject matter experts.
• Synthesize inputs from SMEs, vendor documentation, and business units to develop risk assessments and mitigation recommendations.
• Author risk narratives that communicate key risks for vendor engagements and justify assigned risk levels.
• Oversee day‑to‑day risk mitigation, monitoring, analysis, and reporting related to third‑party relationships.
• Complete vendor‑provided training and maintain certifications to remain current on regulatory requirements.
• Serve as system administrator and onboarding backup.
• Perform other duties and responsibilities as assigned.

• Excellent verbal and written communication skills.
• Strong computer skills and advanced knowledge of Microsoft Office applications.
• Rapid learner of industry‑specific and job‑specific software.
• Independent completion of tasks within requested time frames.
• Strong critical thinking and decision‑making under pressure.
• Quantitative and analytical skills.
• Understanding of SOC reports, BCP/DR information, inherent risk, and entity‑level controls.
• Prioritization and effective communication in a deadline‑driven environment.
• Advanced organizational skills.
• Knowledge of fundamental risk theories, principles, and concepts, preferably in the context of third‑party risk for financial institutions.
• Desire for advanced training and certifications.
• Ability to build strong partnerships with internal and external stakeholders.
• Strong interpersonal and time‑management skills.

• Bachelor’s degree and 2+ years of experience in TPRM, compliance, information security, quality assurance/control, audit, or another related risk‑management function.
• Project management experience is considered a plus.
• Banking experience preferred.

First Bank is an Equal Opportunity Employer, including disability.

First Bank does not accept unsolicited resumes from agencies and staffing firms. Recruitment agencies and consultants may not submit resumes directly to managers. First Bank will not pay fees to any third‑party agency or company that does not have a signed agreement as an approved vendor.