VRM Consultant III

Bonus Type

Summary

We excel in risk assessment by leveraging extensive industry knowledge, analytical skills, and a systematic approach to identify and mitigate risks. We ensure effective risk management tailored to BOKF’s needs through comprehensive evaluations, continuous monitoring, and interdepartmental collaboration. By reviewing operations, providing feedback on best practices, and identifying opportunities to enhance controls, we help BOKF achieve its objectives and improve overall risk management.

Job Description

The Vendor Risk Management Consultant III is primarily responsible for overall coordination, status reporting and stability of BOKF, NA's vendor risk management program. This role actively works with senior management to identify, manage, and mitigate areas of risk associated with entering into and managing vendor relationships. The incumbent will ensure compliance with federal regulations and corporate policies. The incumbent will also facilitate reporting and analysis for business unit executive management regarding individual vendor risk, performance and compliance. This position manages multiple large, complex vendor relationships with greater impact to the enterprise.

Team Culture

Our team is centered on vigilance, analytical thinking, and collaboration. Team members work together to identify, assess, and mitigate risks, creating an environment where growth and skill enhancement are highly valued. This proactive and cooperative approach ensures the bank's stability and resilience in a dynamic financial landscape.

How You'll Spend Your Time

• You will facilitate the execution of the Vendor Risk Management Program to align with company objectives and regulatory standards.
• You will continuously improve risk methodologies to meet changing regulations and industry best practices.
• You will collect, review, and assess vendor documentation and references to support risk evaluations.
• You will collaborate with Compliance and Information Security teams on audits, reviews, and risk assessments.
• You will train internal stakeholders on vendor risk procedures and maintain updated training materials.
• You will oversee vendor risk reviews, performance monitoring, and reporting through KPIs and scorecards.

Education & Experience Requirements

Bachelor’s Degree in Business, Accounting, Computer Science, Information Management, or a related field; or a Regulatory Vendor Program Manager certification and 5-7 years of practical or working experience within vendor risk management, legal, auditing or regulatory experience, or 10-13 years of equivalent experience in contract/procurement/vendor relations.

• Familiarity with the Three Lines of Defense (3LoD) risk management framework.
• Skilled in defining due diligence requirements and planning vendor engagements.
• Capable of overseeing, monitoring, and reporting vendor activities.
• Strong internal sponsor and relationship management.
• Proficient in negotiating and managing contract terms and conditions.
• Deep understanding of regulatory mandates related to third-party service providers.
• Familiarity with IT controls and auditing practices.
• Thorough grasp of business unit needs and internal operations.
• Proven ability to manage teams and foster partnerships.
• Demonstrated collaboration with internal departments and external partners.
• Effective in facilitating teamwork, negotiation, and internal communications.
• Excellent written and verbal communication.
• Superior organizational, planning, and analytical abilities.
• Strong technical and creative problem-solving skills.
• Responsible, calm under pressure, and tactful in authority.
• Skilled in prioritization, time management, and decision-making.
• Accurate in record keeping and proficient in IT tools.