Business Controls Department

The Mizuho Americas Business Controls Department (BCD) is a team of first line of defense (1LoD) risk and control professionals performing essential enterprise control functions across the company including Third Party Services, Business Continuity Planning, Data Management Operations, Data Loss Prevention, and Business Risk and Control Services.

The functions performed span all lines of business and corporate functions across the Americas region. The department is also accountable for spearheading the company’s efforts to understand and manage data privacy, fraud, conduct, reputational, and strategic risk.

The department creates singular accountability and a one stop shop for all enterprise control services. The Mizuho Americas BCD is part of the Mizuho Americas Corporate Strategy & Administration Division.

Third Party Services Unit

The Third Party Services Unit is a 1LoD risk function that is responsible to provide a white-glove service by working closely with all business lines and corporate functions to shepherd them through the Third Party Risk Management (TPRM) process, work directly with the Third Parties to perform Due Diligence and to provide oversight of the Third Party Risk Management function.

Third Party Utility Team (TPU)

Third Party Utility (TPU) is a team in the Third Party Services unit of the Mizuho Americas Business Controls Department, which provides white glove service to the Line of Business ( LoBs ) in executing the TPRM Program

Roles and Responsibilities :

Provide white glove level of support to business stakeholders in managing and completing Third Party Risk Management activities throughout the lifecycle of a third party engagement (i.

e. On-boarding, Contracting, Inherent Risk Assessment, Due Diligence, Exit Strategy development, On-going Monitoring, and Termination)

Review contract details to determine the type of service provided by the vendor to determine if it the engagement is in scope for TPRM.

Conduct touchpoints and close out calls with business stakeholders to review and address findings such as control gaps identified during the due diligence assessment.

Provide just in time training to users through the engagement lifecycle.

Adjust to new / updated processes to adhere to changes in the regulatory environment.

Assist in maintaining operational procedures for TPRM processes.

Collaborate with various stakeholders, including third party providers, business units, Legal, Compliance and other teams.

Lead process improvement activities, participating in TPRM special projects and other assessment related activities.

Qualifications

The individual will be a part of the Third Party Utility Team and is expected to work remotely with periodic onsite visits to the office.

The level of the position is commensurate with the experience and knowledge of the individual selected for the role.

Bachelor’s degree in relevant field such as information security, cybersecurity, business administration, finance, or risk management.

Relevant certifications (e.g. CTPRP, CISA, CRISC and / or CISSP certification).

3-5 years in third-party risk management, vendor management, or related field.

Strong analytical skills with high attention to detail and accuracy.

Strong interpersonal and critical thinking skills with the ability to collaborate with others to deliver impactful results.

Demonstrate an ability to establish and maintain effective working relationships at all levels within the organization

Effective planning, time management, attention to detail, customer service and problem-solving skills.

Oversee and / or independently perform tasks from end to end with minimal supervision. GRC (Governance, Risk and Compliance) system experience preferable (RSA Archer experience a plus)

Proficient in using risk assessment and monitoring tools (e.g. Dun and Bradstreet, Fircosoft)

Experience with Microsoft applications (Excel, Word, PowerPoint, and Visio)

The expected base salary is up to $125,000.00. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, certifications and licenses obtained.

Market and organizational factors are also considered. In addition to salary and a generous employee benefits package, successful candidates are eligible to receive a discretionary bonus.

LI-Remote

LI NR1

Other requirements

Mizuho has in place a hybrid working program, with varying opportunities for remote work depending on the nature of the role, needs of your department, as well as local laws and regulatory obligations.

Last updated : 2024-05-15