Job Details

Job DescriptionUnder the direction of the Director, this position is responsible for planning, directing, organizing, executing and overseeing the bank's Third-Party Risk Management (TPRM) program and related policies. This role will design, build, and lead the Vendor Risk Management function, while partnering with and influencing key leaders across the organization to drive process, policy, and technology changes. The TPRM department is responsible for ensuring adherence to regulatory compliance, the Company's high standard of commitment to protecting our data entrusted to vendors, and overall sound risk management practices across multiple domains such as financial, business continuity, compliance, and information security.Responsibilities Develops and implements the company's vendor risk management framework, operating model, and governance. Establishes the roadmap that lays out the maturity initiatives on an annual basis in support of a robust third-party landscape. Designs vendor risk technology enhancement requirements to support third-party risk management processes. Partners and coordinates closely with internal stakeholder areas to facilitate, evaluate, and address issues as applicable with third party relationships. Assists in reviewing all aspects of the vendor review process to ensure internal and external standards are met or exceeded. Maintains accountability for accuracy and completeness within the TPRM's dedicated system of record. Establish and manage risk dashboards and other reports for key stakeholders, related TPRM committees and other working groups. Performs analysis on submitted data and identifies trends or patterns of vendor performance and compliance. Maintains a strong understanding of the products, services, and activities of business units as well as third-party risk management principles and practices. Leverages that understanding to provide consulting, guidance and education to stakeholders throughout the third party lifecycle. Understands regulatory requirements related to company's third-party portfolio, and represents vendor risk management during internal, customer, or regulatory audits/assessments. Assists in the selection and tailoring of approaches, methods and tools to support service offering or industry projects. Demonstrates a general knowledge of market trends, competitor activities, as they align with the Company's strategic direction. Creates and nurtures positive working relationships across the bank with the intention of enabling agility, cost effectiveness, and delivery as they support our customer experience goals and initiatives. Establishes, communicate, and implements a consistent strategic vision of security and privacy across the bank by building consensus on third-party compliance security and privacy risks. Responsible for the management of all employees in the section including staffing and scheduling, compensation, performance management, training and development. Attract retain and motivate the team to achieve management business objectives and maintain a favorable employee relations climate. Responsible for the timely and effective management of Human Resources forms and documents relevant to immediate staff. Actively mentor and train teammates on Third-Party Risk Management processes, governance, and frameworks. Work cross-functionally with team members to support and drive a collaborative team environment. Generate innovative ideas and challenge the status quo. Establish team goals and work with direct reports on strategies for executing, measuring progress, and sharing results. Performs other miscellaneous responsibilities and duties as assigned.Qualifications Bachelor's degree in financial audit, accounting, business, or related field from an accredited institution or equivalent work experience. Minimum 6 years of experience in financial regulatory risk, internal or external auditing, and/or information security experience preferred, particularly in association with the financial services industry. Foundational knowledge and experience working with all relevant risk disciplines (information security, business continuity, data privacy, legal and regulatory compliance, and general business risk). In addition, subject matter expertise in at least one of these disciplines. Demonstrated proficiency and expertise with personal computers and Microsoft applications (Outlook, Word, Excel, Access and PowerPoint) or similar software. Proficiency with Microsoft Project or similar software preferred. Knowledge of or ability to use Bank software and systems. Experience working with tools VRM or GRC tools desired (e.g. ServiceNow, BMC, Archer, Audit Board, RiskRecon, etc.) Demonstrated leadership skills to train, develop and coach others in the execution of the program. Demonstrated success in managing risk for a portfolio of third parties, including risk identification, assessment, and issue identification and resolution. Ability to problem solve and identify solutions to third party issues that are appropriate based on business context and risk significance. Experience with performing remote and on-site third party assessments and/or contract audits. Experience in developing new risk and/or compliance and auditing management functions and capabilities within large, complex environments. Familiarity with compliance standards such as SOC1, SOC 2, PCI, NIST, or ISO 27001, and a willingness to learn others. Proven track record of cross-functional collaboration, especially in building a security-first culture focused on enabling business needs. Certification highly desired: CISA, CISM, CRISC, CISSP or related.As a Bank of Hawaii employee, you ensure (or assist with ensuring) compliance with applicable laws, regulations, regulatory requirements and Bank policies and procedures, including but not limited to those related to Fair Banking, Anti-Money Laundering laws and regulations, Bank Secrecy Act and USA PATRIOT Act.Delivering exceptional customer experiences is at the heart of what we do at Bank of Hawaii. We listen, understand and deliver what our customers need to help them build a better tomorrow.We are an EEO/AA employer, including disability and veterans. For Bank of Hawaii's full EEO statement, please visit