It's an exciting time to be at Hanscom Federal Credit Union! As a member of our Risk Department, you will join a dynamic team of dedicated individuals committed to delivering exceptional service to our members.
Who we are - Hanscom Federal Credit Union
- Members-first - our members are our top priority. We make business decisions with our members at the top of mind.
- Integrity - we're honest and committed to doing what's best for our members and our company. What is right isn't the same as what is easy.
- Teamwork - we are in this together and we all benefit from our success.
- Innovation - we identify new ideas for processes or products that will lead to positive changes and take the initiative to implement the changes.
- Empathy - we understand that communication starts by listening, understanding diverse perspectives, and caring about others' sustained success.
What we offer
- A full-time, permanent position that will reward you through an annual bonus program.
- Medical, Dental, Vision, FSA, 401(k), Student Loan Paydown, and paid Sick and Vacation time benefits.
- A flexible hybrid work schedule environment.
- We are committed to fostering career growth and development - when you join our organization it's not just a job.
- We look to develop your skills aligned to our business needs and help you progress in your career.
Who you are - Risk Analyst
You are a dynamic, detail-oriented, intuitive person with the ability to develop relationships, build rapport and become a trusted team member. You are able to provide everyone you assist or support with a high level of service, have strong organization and multi-tasking skills, and are searching for a rewarding career where you are valued and respected.
What you'll do
- Executes Risk Management processes to identify and maintain the inventory of risk assessments that cover the credit union's operations. This includes, but is not limited to: identifying new and changing risk assessments; documenting objectives; risk profiles; risks; controls; control effectiveness measures; and mitigation plans. Assists the Risk Manager with performing risk assessments with business units.
- Responsible for performing vendor inherent risk assessments including new on-boarding and periodic due diligence. Monitors the risk metrics process, reports performance against risk tolerances and ensures the results are reported and delivered for the Risk Management Committee and the Board meetings as required.
- Responsible for documenting, monitoring, analyzing and reporting on all risk assessment recommendations through resolution. Develops and executes risk management reporting for management as needed.
- Assists management in the execution of enterprise wide risk assessments including strategic, IT, compliance and project based risk. Assists in the development and documentation of risk mitigation and monitoring activities.
- Responsible for performing the business impact assessment process across the credit union including the impact scoring, risk assessment, dependencies, contingency procedures and call lists. Responsible for documenting, monitoring, analyzing and reporting on all Business Continuity issues and recommendations through resolution. Responsible for maintaining the off-site repository of key business continuity documentation.
- Assists in the development and implementation of enterprise wide business continuity planning efforts. Assists management in facilitating and documenting Business Continuity program documentation, training and testing exercises.
- Monitors credit union business continuity events, analyzes impact and documents resolution and required mitigation activities.
- Responsible for facilitating the incident assessment and triage process to review, analyze and document security and data privacy incidents to ensure compliance with state and federal requirements. Responsible for documenting, monitoring, analyzing and reporting on all incident response issues and recommendations through resolution. Creates and maintains reporting for the Risk Management Committee.
- Assists in the development and implementation of enterprise wide incident response planning efforts. Assists management in facilitating and documenting incident response program documentation, training and testing exercises.
- Facilitates the identified Vendor Management workflows and processes ensuring compliance with internal policies, procedures, as well as regulatory requirements. Monitors the vendor pipeline to ensure quality and SLA maintenance. Performs assigned due diligence activities including, but not limited to: reviewing due diligence documentation; performing preliminary and final reviews; and escalating exceptions. Coordinates and leads vendor on-boarding and review meetings with vendor owners and professional reviewers to document internal controls related to vendor services. Creates the draft reports for the Risk Management Committee and maintains applicable dashboards.
- Administers the Enterprise Risk Management platform in support of all Risk functions. This includes, but is not limited to: system workflow configuration; testing; reporting; risk analysis; and training.
- Analyzes and documents the credit union's library of controls to support the risk assessment process. Develops reporting and analysis as needed.
- Assists management with internal and external audits and regulatory examinations.
- Stays current on risk management, business continuity, incident response and vendor management industry developments/trends, including attending industry training.
- Responsible for effective communication with stakeholders at all levels of the organization. Partners with department counterparts and other stakeholders to assess risk and improve Risk Management processes. Assists in monitoring and providing content for the related communication channels for the Executive Team and Risk Management Committee.
- Performs such other tasks as requested or required from time to time.
Knowledge/Skills/Experience Required:
- 5 to 10 years of experience in a risk management, business continuity and/or incident response role within a financial institution.
- A Bachelor's degree.
- Experience configuring and managing ERM platforms preferred.
- Professional certification in a risk management discipline preferred (NCRM, CUERMA, CRMA, RIMS-CRMP, CERA, CFCP, ABCP).
- Strong interpersonal skills to facilitate relationship building with operational counterparts and leadership.
- Demonstrated ability to provide analytical assessment of complex data and produce actionable results.
Physical Demands/Conditions Required:
- Is able to bend, sit, and stand in order to perform primarily sedentary work with limited physical exertion and occasional lifting of up to 20 lbs.
- Must be capable of climbing / descending stairs in an emergency situation.
- Must be able to routinely perform work on computer for an average of 6-8 hours per day, when necessary.
- Must be able to work extended hours or travel off site whenever required or requested by management.
- Must be capable of regular, reliable and timely attendance.
- Must be able to routinely perform work indoors in climate-controlled shared work area with minimal noise.
Equipment Used:
- Must be able to operate routine office equipment including computer terminals and keyboards, telephones, copiers, facsimiles, and calculators.
MENTAL AND/OR EMOTIONAL REQUIREMENTS
Must be able to perform job functions independently or with limited supervision and work effectively either on own or as part of a team. Must be able to read and carry out various written instructions and follow oral instructions. Must be able to complete basic mathematical calculations, spell accurately, and understand computer basics. Must be able to speak clearly and deliver information in a logical and understandable sequence. Must be capable of dealing calmly and professionally with numerous different personalities from diverse cultures at various levels within and outside of the organization and demonstrate highest levels of customer service and discretion when dealing with the public. Must be able to perform responsibilities with composure under the stress of deadlines / requirements for extreme accuracy and quality and/or fast pace. Must be able to effectively handle multiple, simultaneous, and changing priorities. Must be capable of exercising highest level of discretion on both internal and external confidential matters.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)