1 GRC Analyst Job in Des Moines, IA

SORT BY

SET JOB ALERT

OFF

Details...

GRC Analyst

Shazam, Inc.

Des Moines, IA | Full Time

$75k-98k (estimate)

1 Month Ago

GRC Analyst

Shazam, Inc. Des Moines, IA

$75k-98k (estimate)

Full Time | IT Outsourcing & Consulting 1 Month Ago

Save

Shazam, Inc. is Hiring a GRC Analyst Near Des Moines, IA

SHAZAM recognizes that community financial institutions build better communities, and this drives our passion to strengthen financial institutions. We are a trusted partner to our valued customers providing answers, choice, and innovation with an impeccable level of customer service – a level unmatched in the industry.

And here’s the best part - we’re a national company that offers a small-company feel, a cultural balance that’s hard to come by but very real at SHAZAM. Your growth and development are top priorities and you’ll be surrounded by talented individuals and postured to make a real difference in the company. As a team member at SHAZAM, you’ll be an essential part of our mission as we work together strengthening community financial institutions.

What we’re looking for:

SHAZAM is looking for a GRC Analystto join our team. In this position, you'll be responsible for the third-party risk management (TPRM) program, including the assessment of both third party/vendor risk and risks associated with new technologies and processes. This role also handles maturing a third-party risk management framework and risk assessment program across a complex-cross-functional team of stakeholders. You will develop and carry out program strategy and objectives and manage the full TPRM lifecycle, including program metrics.

What you'll do:

As a GRC Analyst, you will play a critical role in ensuring the security and compliance of our organization's relationships with third-parties.
You will be responsible for further development, implementation, and maintenance of a comprehensive third-party risk management program, ensuring that potential risks associated with vendors are identified, assessed, and mitigated effectively.
Ensure the program is aligned with industry best practices and regulatory requirements through periodic gap analysis.
Collaborate with and lead a cross-departmental team of risk identification and controls experts to ensure SHAZAM’s risk appetite and tolerance is adhered to.
Identify and assess potential risks associated with third-party vendors and suppliers, including but not limited to cybersecurity, data privacy, regulatory compliance, financial stability, and operational resilience.
Collaborate with internal stakeholders, including Legal, IT, Compliance, and other business units, to establish and enforce standardized third-party risk management policies, procedures, and contractual requirements.
Develop and maintain a centralized repository of vendor-related information, including contracts, risk assessments, audit reports, and remediation plans.
Develop and maintain program reporting and metrics.
Conduct thorough due diligence and risk assessments of prospective and existing third-party vendors, considering their risk profile, performance, and ability to meet contractual obligations.
Monitor and evaluate the ongoing performance and compliance of third-party vendors through periodic risk assessments, audits, and performance metrics.
Implement and maintain an effective third-party risk reporting framework, providing regular updates to management, highlighting key risk areas and recommending appropriate mitigation strategies.
Provide guidance, training, and support to internal teams on third-party risk management practices, policies, and procedures.

What you need:

5 years proven experience in third-party risk management, preferably in a regulated industry.
Bachelor's degree in business administration, finance, information technology, or a related field or equivalent work experience.
In-depth knowledge of third-party risk management principles, methodologies, and frameworks, with a strong understanding of industry standards and best practices.
Strong analytical and problem-solving skills, with the ability to assess complex risk scenarios, develop mitigation strategies, and make informed decisions.
Excellent communication and interpersonal skills, with the ability to influence and collaborate effectively with stakeholders at all levels of the organization.
Detail-oriented mindset, with the ability to manage multiple priorities and projects simultaneously, while maintaining a high level of accuracy and attention to detail.
Proficiency in using third-party risk management tools and platforms, as well as experience in leveraging data analytics for risk assessment and reporting.
Strong project management skills, with the ability to lead and execute initiatives independently and within established timelines.
A commitment to continuous learning and professional development in the field of third-party risk management.
Third-party risk management certifications are a strong plus.

What’s in it for you:

Supportive, collaborative, inclusive, and diverse workforce.
Career learning, development, and growth opportunities.
Culture of respect and dignity, teamwork, honesty, and integrity.
Excellent benefits:
- Health, dental, and vision insurance
- 401(k) retirement plan with company match
- Flexible spending and health savings accounts
- Life insurance and short- and long-term disability provided at no cost
- Time away from work – PTO, VTO, paid parental leave, and company holidays
- Educational assistance
- Professional Certification Bonus program

Actual compensation is based on various factors, such as geographic location, experience, education, and/or skill level, and is finalized at the time of offer.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Visa Sponsorship: This position is not eligible for sponsorship for work authorization by ITS, Inc. Therefore, if you require sponsorship for work authorization now or in the future, we cannot consider your application at this time.