Hybrid Vendor Management - Business Continuity Program Manager bei Mainstreet Bank

Description

Summary:  This critical role ensures the bank maintains a robust framework for managing third-party risks and is prepared to respond effectively to disruptions, safeguarding our operations, data, and customer service. The ideal candidate will possess a strong understanding of regulatory requirements, risk management principles, and best practices in both vendor oversight and operational resilience.

Essential Job Functions:

Vendor Management Program

• Program Ownership: Lead the development, implementation, and continuous improvement of the bank's comprehensive vendor management program, aligning with regulatory expectations (e.g., OCC, FDIC, Federal Reserve) and industry best practices.
• Risk Assessment & Due Diligence: Oversee and conduct thorough risk assessments and due diligence for new and existing third-party vendors, including financial, operational, information security, compliance, and reputational risks.
• Contract Management: Partner with legal and business units to review, negotiate, and manage vendor contracts, ensuring favorable terms, service level agreements (SLAs), and appropriate risk mitigation clauses.
• Performance Monitoring: Ongoing monitoring of vendor performance, adherence to contractual obligations, and compliance with bank policies and regulatory requirements.
• Relationship Management: Serve as a central point of contact for vendor management inquiries, facilitating effective communication and collaboration between business units and vendors.
• Reporting & Documentation: Maintain accurate and comprehensive documentation of all vendor relationships, risk assessments, due diligence, performance reviews, and audit findings. Prepare regular reports for senior management, committees, and regulatory bodies.
• Policy & Procedure Development: Develop, update, and enforce vendor management policies, procedures, and guidelines.
• Training & Awareness: Provide training and guidance to bank personnel on vendor management policies and procedures.

Business Continuity & Disaster Recovery (BC/DR) Program

• Program Ownership: Lead the strategic planning, development, implementation, and maintenance of the bank's enterprise-wide Business Continuity and Disaster Recovery plans, ensuring alignment with FFIEC guidelines and industry standards.
• Business Impact Analysis (BIA): Coordinate with Business Unit Managers to conduct and regularly update Business Impact Analyses to identify critical business functions, recovery time objectives (RTOs), and recovery point objectives (RPOs).
• Risk Assessment: Identify potential threats and vulnerabilities to the bank's operations and technology infrastructure, recommending mitigation strategies.
• Plan Development & Maintenance: Review, and update comprehensive BC/DR plans, including incident response, crisis management, communication strategies, and recovery procedures for all critical departments and systems.
• Testing & Exercises: Design, coordinate, and execute regular BC/DR tests, drills, and exercises (e.g., tabletop exercises, functional tests) to validate plan effectiveness and identify areas for improvement. Document results and remediation actions.
• Crisis Management: Support crisis management efforts during actual disruptive events, coordinating recovery activities and communication.
• Technology Recovery: Collaborate with IT to ensure technology recovery plans are integrated with overall BC/DR strategies and regularly tested.
• Reporting & Documentation: Maintain comprehensive documentation of BC/DR plans, test results, incident reports, and regulatory compliance artifacts. Prepare reports for management and regulatory examinations.
• Training & Awareness: Develop and deliver BC/DR awareness and training programs for employees at all levels.

Requirements

Job Requirements:

• Education: Bachelor's degree in Business Administration, Finance, Information Technology, Risk Management, or a related field. Master's degree or relevant certifications (e.g., CBCP, MBCP, CISA, CRISC) preferred.

Experience

• Minimum of 5-7 years of experience in risk management, compliance, operations, or a related field within the financial services industry, preferably in a community banking environment.
• Proven experience specifically managing vendor management and/or business continuity/disaster recovery programs.

Knowledge

• In-depth understanding of banking regulations related to third-party risk management (e.g., OCC Bulletin 2013-29, FFIEC IT Examination Handbook) and business continuity (FFIEC BCP Handbook).
• Strong knowledge of risk assessment methodologies, contract management, and performance monitoring.
• Familiarity with various BC/DR frameworks and standards (e.g., ISO 22301, NIST).
• Understanding of IT infrastructure, cybersecurity principles, and data privacy regulations.

Skills

• Excellent analytical, problem-solving, and decision-making skills.
• Strong project management and organizational abilities.
• Exceptional written and verbal communication skills, with the ability to present complex information clearly to diverse audiences.
• Proficiency in Microsoft Office Suite (Word, Excel, PowerPoint, Visio).
• Ability to work independently and collaboratively in a fast-paced environment.

Physical Demands/Requirements:

The physical demands described below are representative of those that must be met to successfully perform the essential functions of this job. They are subject to change at any time due to reasonable accommodation or other reasons. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Sitting for extended periods of time.
• Walking; bending at the waist; dexterity of hands and fingers to operate a computer.
• Hearing and speaking to exchange information in person or by phone.
• Seeing to read and analyze complex data.
• Occasionally required to climb, stoop, or kneel.
• Occasionally required to lift and/or move equipment up to 50 pounds.

Working Conditions:

• Work can be performed in a hybrid, work from home and office environment, upon a satisfactory 90 day performance review.

At MainStreet Bank we strive to bring talented, team-oriented individuals on staff to meet and exceed our customers' needs. MainStreet team members enjoy a friendly working environment, opportunity for personal and professional growth, generous benefits and access to resources for improving their well-being.

For more information visit our website at www.mstreetbank.com

MainStreet Bank is an equal opportunity employer. Employment selection and related decisions are made without regard to sex, race, age, disability, religion, national origin, color or any other protected class.