Synovus

Compensation

Full Description

Job Summary Coordinates, monitors, and provides due diligence oversight of third party vendors within Synovus Financial Corp. Ensures responsible parties comply with Third Party Risk Management (TPRM) program guidelines, documentation of program activities is accurate and effectively organized, and assessments and reporting are performed in a timely and proficient manner. Job Duties and Responsibilities Maintains thorough and detailed knowledge of compliance, procedural, operational and other financial industry requirements related to TPRM. Incorporates these requirements into monitoring mechanisms and procedures to provide ongoing third party oversight. Assists with the development and implementation of policies, systems, procedures and guidelines. Manages, reviews, and completes all assignments and tasks via the TPRM platform. Manages and utilizes dashboards and reporting to meet regulatory and ongoing monitoring requirements for the TPRM program. Manages and approves logical security access to Third Party Risk Management platform. Manages the vendor performance scorecard application and facilitates the completion of required scorecard surveys for all critical and high risk vendors and escalates accordingly. Manages the vendor business review process from end to end. Partners with vendor managers to assist with training and development as well as providing oversight, monitoring, and reporting. Performs vendor sanction checks, vendor financial reviews, and reviews vendor risk questionnaires during initial vendor onboarding and on a recurring basis as part of TPRM ongoing monitoring. Monitors Political, Economic, Social, Technology, Legal, and Environmental (PESTLE) negative news using TPRM tools of all critical and high risk vendors. Assists with compiling data and produces quarterly and ad hoc TPRM reporting in support of Executive Risk Committee and Risk Committee of the Board presentations Assists with third party risk requests in support of internal audits and external regulatory exams as required. Assists with first line of defense vendor managers and second line of defense partners to ensure TPRM considerations and data are incorporated in overall TPRM program (i.e., AML/BSA, Consumer Compliance, Corporate Risk and Insurance, InfoSec, Sourcing and Legal). Develops and manages the SOC report review process. Partners with vendor managers to assist with training and development to ensure that vendor managers are properly reviewing SOC report Complementary User Entity Controls (CUECs). Trains and assists with developing skills for lesser experienced TPRM Analyst I or II. Each team member is expected to be aware of risk within their functional area. This includes observing all policies, procedures, laws, regulations and risk limits specific to their role. Additionally, they should raise and report known or suspected violations to the appropriate Company authority in a timely fashion. Performs other related duties as required. The information on this description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. Synovus is an Equal Opportunity Employer committed to fostering an inclusive work environment. Min. Education Bachelor’s degree in a related discipline or an equivalent combination of education and experience. Min. Experience 6 years of direct third party risk management experience or 10 years of compliance, audit, information security, or other risk management experience. Preferred Knowledge, Skills, & Abilities: Extensive knowledge of FFIEC regulatory guidelines related to third party risk management (CFPB, FDIC, FRB, OCC) Third Party Risk Management experience within the banking/financial industry In depth knowledge and experience reviewing SOC reports (SOC1, 2, 3) and other independent external audit reports