Senior Third Party Risk Analyst Security Control Assessor resume example

• Performed fact-finding research by investigating, collecting and analyzing data and compiling in report format.

Maintain current knowledge of laws, regulations, policies and procedures applicable to the job assignment.

· Assist the AML Officer with onboarding new counterparties as well as managing external onboarding requests

· Provide day-to-day support and oversight to the business on OFAC/sanctions issues.

· Perform EDD activities at the direction of the AML officer.

· Monitored data inputs to manage and maintain accuracy.

· Improved operations by working with team members and customers to find workable solutions.

· Monitor transactions of assigned accounts to assess potential suspicious activity on the account, such as money laundering.

· Monitor, investigate, review and escalate KYC/ AML alerts for further investigation

· Prepare well-written Suspicious Activity Reports (SARs) on suspect transactions

· Work and contribute in a team-oriented and collaborative environment to improve the analytical and reporting processes.

· Ensure compliance with Bank Secrecy Act Regulations, Anti-Money Laundering related regulations, Office of Foreign Assets Control Regulations and USA PATRIOT Act Regulations

. Write suspicious activity reports, address sanctions alerts, and other applicable AML processes in accordance with regulatory expectations and departmental procedures.

• Analyzed data to provide insights and recommendations for mitigating conduct risk.
• Facilitated adherence to safety and regulatory objectives and managed client-specific projects, training programs and personnel background checks.
• Conducted extensive research to support regulatory findings and control weaknesses.
• Tracked assignment completion to provide weekly metrics to the compliance manager.
• Performed testing to evaluate processes, enhance test scripts and analyze results.
• Observed staff performance and evaluated metrics to assess work quality, meeting individually with employees to conduct regular reviews and discuss approaches to improvement.
• Maintained records detailing current, prospective and declined client profiles for further analysis and future reference in negotiation of new contracts and new client intake.
• Monitored media reports to evaluate company publicity quality, report on media presence to managers and executives and recommend approaches to improving public image.
• Collaborated with AML officials to analyze transaction data and identify patterns and trends potentially indicative of unethical activity.
• Reviewed customer financial data to ascertain level of risk involved for extending credit.
• Requested financial documents from customers.
• Developed comprehensive understanding of financial statements, enhancing opportunities to assess risk.

• Juggled multiple projects and tasks to ensure high-quality and timely delivery.
• Usage of GRC Tools such as SAP GRC, Enablon, MetricStream, and ARIBA.
• Mitigated risks by leading and auditing international subsidiaries and operational processes.
• Performed research and analyzed the content of records to make disclosure determinations.
• Sought out new vendors and negotiated favorable contracts to control costs. Performed advisory and challenge functions regarding the Third Party Risk Management program to the business units (first line)
• Validated that business units (first line) are executing the Third Party Risk Management program requirements effectively.
  •Reviewed third-party risk assessments for conformance to program objectives and methodology.
  •Assisted in researching, reviewing, developing, and maintaining Third Party Risk Management policies and standards that comply with federal and state regulatory laws.
  •Effectively monitored the tracking of issues, gaps, exceptions, and mitigation plans as they relate to third party risks to ensure timely resolution.
  •Prepared third party portfolio reporting of risk and performance to senior executives.
  •Ensured timely and accurate escalation of issues and observations of non-compliance or risks outside of acceptable thresholds.
  •Evaluated the Third Party Risk Management program to identify optimization opportunities and provide recommendations for process improvement.
  •Performed business analysis to ensure alignment of Third Party Risk Management functions with overall organizational and enterprise risk frameworks.
  •Evaluated control libraries and identify when controls need to be refreshed or added. Served as Third Party Risk Management subject matter expert to first line, providing risk management guidance as needed.
  •Performed testing of controls for all phases of the Third Party Risk Management lifecycle identify and evaluate deficiencies and assist with quarterly reporting on test results and issue trends.
• Reported findings on risk exposures to senior executives and board of directors.
• Reviewed risk management database reports for compliance and fraud prevention.
• Processed liability claims and incident reports for submittal to third party administrators.
• Managed vendor relationships for workers' compensation and property and casualty insurance policy programs.

• - Assessed compliance risk, developed audit work plans and documented findings.
• Directed completion of planned audits, assessed records and procedures for accuracy to accomplish objectives and appraised policies and plans under audit review.
• Applied audit fundamentals to identify risks and develop action plans.
• Usage of GRC Tools such as Wolfpac,StandardFusion, RSA ARCHER,JIRA Riskonnecct
• Made recommendations to resolve compliance audit findings.
• Supervised and coordinated projects for external auditors and examiner evaluations.
• Streamlined internal auditing programs by utilizing data analytics software.
• Reviewed and approved fee requests for services from external auditors.
• Trained, developed and provided performance management initiatives to audit staff.

- In depth knowledge of Performing assessments of IT General Controls (ITGC) such as Access Control, Change Management, IT operations, Disaster recovery and Job Scheduling.
- Execute Computer Assisted Audit Techniques using software tools such as Monarch Pro, Microsoft Access, and IDEA to analyze data.
- Experience in reviewing Service Organization Control (SOC) reports, in compliance with SSAE18 for organizations.
- Performed audit of IT general and application controls, information security, systems development, change management, business continuity, disaster recovery and computer operations.
- Implementing and testing of internal controls under Section 404 of the Sarbanes Oxley Act (SOX) and performing Walkthrough of controls and evaluating operating.
- Performed IT Infrastructure Audit to test default account, vendor update & patches, password setting and unnecessary services running over the application such as Unix, Window, Mainframe, Network devices, Firewall, Database and Active Directory.
- Participated in SAP Transaction testing to perform, including testing of segregation of duties to assist the client in improving their user management, authentication management, authorization management, access management, and provisioning capabilities.
- Assisted in planning, execution of audit and work closely with financial teams, operations teams, as well as the risk management team.
- Coordinate and perform reviews of data center general controls, company-server security, operating systems, systems development life cycles, monitor procedures relating to physical security over data centers, computer operations and network communications security.
- Liaised between in-house managers/IT department and External Financial and Operational Auditors.
- Prepared audit scopes reported findings and presented recommendations for improving data integrity and operations.objectives and appraised policies and plans under audit review.

- Conducted audits on internal controls and developed reports on findings.

- Adhered to audit principles, standards and practices to keep company in good standing.

• Reviewed risk management database reports for compliance and fraud prevention.
• Reviewed portfolios, identified risk factors, and determined methods to alleviate delinquencies.
• Usage of GRC Tools such as RSA Archer, JIRA, and Prevalent.
• Maintained risk identification programs to reduce potential losses from workers' compensation and general liability insurance issues.
• Used cost-containment tools safely and accurately to control risks.
• Identified hazardous materials in facilities, disposing of waste according to regulations.
• Devised and executed contingency plans to maintain operational continuity during events such as data backup and cross-training.
• Managed vendor relationships for workers' compensation and property and casualty insurance policy programs.
• Supported the development and implementation of proactive approaches to address risk, fraud, and collection needs.
• Managed and executed risk management projects to determine deficiencies and appropriate corrective actions.
• Analyzed reporting strategies and data to create educational programs.
• HIPAA creates national standards to protect individuals' medical records and other personal health information. It gives patients more control over their health information. It sets boundaries on the use and release of health records.
• Implemented loss control measures to protect workers and mitigate workplace hazards.