Senior Third Party Risk Analyst

Are you looking to make an impactful difference in your work, yourself, and your community? Why settle for just a job when you can land a career? At ICW Group, we are hiring team members who are ready to use their skills, curiosity, and drive to be part of our journey as we strive to transform the insurance carrier space. We're proud to be in business for over 50 years, and its change agents like yourself that will help us continue to deliver our mission to create the best insurance experience possible. Headquartered in San Diego with regional offices located throughout the United States, ICW Group has been named for ten consecutive years as a Top 50 performing P&C organization offering the stability of a large, profitable and growing company combined with a focus on all things people. It's our team members who make us an employer of choice and the vibrant company we are today. We strive to make both our internal and external communities better everyday! Learn more about why you want to be here!

PURPOSE OF THE JOB

The purpose of this job is to provide full-service enterprise third party risk services required to analyze and assess third party products/third parties for level of risk to the organization's financial plans and goals for growth. This position exists to ensure compliance with regulatory requirements, such as

NYDFS. ESSENTIAL DUTIES AND RESPONSIBILITIES

Recommends and implements innovations to continuously improve processes. Manages third party risk program templates, tools, procedures, and processes and updates as necessary. Designs and maintains Third Party Risk program tools, such as third party risk scorecards, risk assessments, workflows, reports and process improvement initiatives. Trains team members on tools and processes to ensure standards for purchasing are met. Partners and collaborates with the Legal, Information Security, IT, Finance and Business Continuity departments with complex risk assessments and related contractual matters. Gathers data for preparing reports and documents as requested. Synthesizes and prepares data for inclusion in reports and departmental presentations as requested. Prepares market analysis or data related to third party risk as necessary. Designs and manages complex data sets and draws conclusions related to third party and contract data. Maintains current knowledge of trends and best practices for third party risk and insurance industry. Analyzes the risk posed by third parties in the purchasing and third party relationship. Executes a risk-based engagement and monitoring program consistent with the third party risk program, regulatory requirements and third party Company policies. Produces robust governance and oversight reporting consistent with risk rating and program requirements. Analyzes complex financial reports and risk related reports to assess the third party's financial viability and business legitimacy. Uses independent judgment based on data compilation and well documented processes to recommend or disqualify third parties from consideration in doing business with ICW Group. Completes information security review by assessing required third party documentation such as SOC reports, incident response plans and Cloud security protocols. Executes the third party risk management life cycle to include planning, due diligence, negotiation, ongoing monitoring, and termination of third party relationships. Manages relationships with third parties, current and prospective third parties, and other external constituencies involved in the third party risk program. Completes due diligence risk assessments, including financial viability reviews and information security requirements for potential ICW Group third parties. Vets third parties and negotiates terms related to risk remediation that are consistent with regulatory requirements and policies of ICW Group. Assesses third party on-going financial and commercial viability and identifies associated risks. Monitors third party performance for consistency with service level expectations. Collects and reviews supporting documentation for potential and existing Third Parties. Drives completion of ongoing assessments of

ICW GROUP

Third Parties. Manages library of Third Party documentation, scorecards and other applicable documents in applicable systems. Manages process improvements, contract standardization, and other departmental projects. Provides specialized advice and risk analysis results to various departments throughout the Company. Provides vetted third party related data and recommendations to business stakeholders in departments such as legal, compliance, information security, information technology and finance. Articulates and presents recommendations to stakeholders based on findings during the third party analysis process including financial strength data, information security practices and other operational risk measurements. Advises Buyers and other internal procurement professionals in third party risk assessments during selection and vetting. Audits current third party relationships and proactively escalates deficient third parties to the appropriate party, such as internal legal and finance leaders. Ensures satisfactory outcomes of regulatory audits and exams.

SUPERVISORY RESPONSIBILITIES

This position has no supervisory responsibility.

EDUCATION AND EXPERIENCE

Bachelor's degree from a four-year college or university with a major or emphasis in Finance, Data Science, Information Security or related field; or equivalent combination of education and experience. Minimum 5-7 years of experience working with third party contracts, information security protocol documentation or financial documentation required. Previous experience with operational risk analysis, including IT risks, software risks and security risks preferred. Extensive experience with Microsoft Excel, Word, Visio and PowerPoint. Prior experience with governance, risk and compliance (GRC) tools and contract negotiation preferred.

CERTIFICATES, LICENSES, REGISTRATIONS

One or more of the following certifications are preferred: Amazon Web Services (AWS) Certified Cloud Practitioner certification or similar Cloud based technology certification. Certified Regulatory Vendor Program Manager (CRVPM), Certified in Risk and Information Systems Control (CRISC), Certified Third Party Risk Professional (CTPRP), Certified Internal Auditor (CIA), Certified Financial Services Auditor (CFSA), Certified Fraud Examiner (CFE).

KNOWLEDGE AND SKILLS

Knowledge of regulatory third party standards including New York Department of Financial Services cybersecurity (NYDFS), Office of the Comptroller of the Currency (OCC), Federal Financial Institutions Examination Council (FFIEC), and Consumer Financial Protection Bureau (CFPB). Ability to work with mathematical concepts such as probability and statistical inference. Ability to apply principles of logical or scientific thinking to a wide range of intellectual and practical situations. Ability to hypothesize on root cause of inefficiencies and then test out probable solutions against those hypotheses. Ability to analyze complex sets of data and develop creative solutions to support business needs. Ability to read, analyze, and interpret technical journals, financial reports, contracts and other related documents. Excellent interpersonal and communication skills with ability to directly influence others. Ability to accept new ideas and embrace change. Demonstrated organizational and time management skills. Must be capable of coordinating and organizing input from various channels, perform negotiation, resolve conflicts and build consensus at all levels of the organization. Must be able to read, write and speak English effectively. Excellent interpersonal, communication and listening skills are a must.

PHYSICAL REQUIREMENTS

While performing the duties of this job, the employee is frequently required to sit. The employee is regularly required to stand; walk; reach with hands and arms; stoop, kneel, crouch, or crawl; talk and hear. The employee must occasionally lift and/or move up to 30 pounds. Specific vision abilities required by this job include close vision. The worker is required to have visual acuity and be capable of operating and viewing computers and other electronic devices for extended periods of time.

WORK ENVIRONMENT

This position operates in an office environment and requires the frequent use of a computer, telephone, copier, and other standard office equipment. The noise level in the office is usually moderate. We are currently not offering employment sponsorship for this opportunity. #LI-JM1 #LI-Hybrid The current range for this position is $78,678.61 - $132,686.15 This range is exclusive of fringe benefits and potential bonuses. If hired at ICW Group, your final base salary compensation will be determined by factors unique to each candidate, including experience, education and the location of the role and considers employees performing substantially similar work.

WHY JOIN ICW GROUP?

Challenging work and the ability to make a difference You will have a voice and feel a sense of belonging We offer a competitive benefits package, with generous medical, dental, and vision plans as well as 401K retirement plans and company match Bonus potential for all positions Paid Time Off Paid holidays throughout the calendar year Want to continue learning? We'll support you 100% ICW Group is committed to creating a diverse environment and is proud to be an Equal Opportunity Employer. ICW Group will not discriminate against an applicant or employee on the basis of race, color, religion, national origin, ancestry, sex/gender, age, physical or mental disability, military or veteran status, genetic information, sexual orientation, gender identity, gender expression, marital status, or any other characteristic protected by applicable federal, state or local law. ___________________ Job Category Shared Services