Third Party Due Diligence Analyst

Mizuho

Washington, DC
Full Time
Paid
  • Responsibilities

    Business Controls Department

    The Mizuho Americas Business Controls Department (BCD) is a team of first line of defense (1LoD) risk and control professionals performing essential enterprise control functions across the company including Third Party Services, Business Continuity Planning, Data Management Operations, Data Loss Prevention, and Business Risk and Control Services. The functions performed span all lines of business and corporate functions across the Americas region. The department is also accountable for spearheading the company’s efforts to understand and manage data privacy, fraud, conduct, reputational, and strategic risk. The department creates singular accountability and a “one stop shop” for all enterprise control services. The Mizuho Americas BCD is part of the Mizuho Americas Corporate Strategy & Administration Division.

    Third Party Services Unit

    The Third Party Services Unit is a 1LoD risk function responsible for providing a white-glove service: it works closely with all business lines and corporate functions to shepherd them through the Third Party Risk Management (TPRM) process, works directly with the Third Parties to perform Due Diligence, and provides oversight of the Third Party Risk Management function.

    Third Party Due Diligence Team (TPDD)

    Third Party Due Diligence (TPDD) is a team in the Third Party Services unit of the Mizuho Americas Business Controls Department that performs Third Party Risk Assessments in the areas of IS, IT, and BCP for all MUSO entities. TPDD Assessors assess the existence and effectiveness of controls in place to identify the risks related to third party service providers, as incidents related to third parties can lead to business disruptions, impact clients, raise regulatory concerns, cause reputational damage or incur financial loss.

    Roles and Responsibilities:

    • Perform the third party risk monitoring process using the BitSight tool to evaluate the cybersecurity posture of Mizuho third and fourth parties.
    • Perform the location risk monitoring process for third parties using the Supply Wisdom tool to assess risks associated with specific locations, such as political stability, security threats, natural disasters, and other factors that may impact business operations.
    • Perform due diligence monitoring activities to ensure that remediation plans are worded appropriately, service locations are updated correctly, Certificates of Insurance (COIs) and Service Organization Controls (SOC) Reports are obtained in a timely manner, reassessment due dates of multiple engagements are aligned properly, and so on.
    • Perform the annual assessment for Head Office per the Outsourcing Management of System Development/Operation Procedure.
    • Collaborate with various stakeholders, including third party providers, business units, Legal, Compliance and other teams.
    • Conduct risk assessments to ensure compliance with MUSO Third Party Risk Management (TPRM) and Third Party Risk Assessment Procedures.
    • Perform due diligence reviews that assess the existence and effectiveness of the implemented controls and identify control gaps, in accordance with MUSO policies and procedures.
    • Assess the risks associated with third-party relationships and identify findings for Mizuho entities.
    • Review evidence received from third parties to ensure the adequacy of controls and provide assurance that the remediation plans have effectively closed the identified findings.
    • Perform on-site reviews.
    • Lead process improvement activities and participate in information security assessment special projects and other assessment-related activities.
    • Update TPDD Standard Operating Procedure.
    • Assist in gathering assessment result documents needed for an audit.

    Qualifications

    The individual will be a part of the Third Party Due Diligence Team and is expected to work remotely with periodic onsite visits to the office. The level of the position is commensurate with the experience and knowledge of the individual selected for the role.

    • Bachelor’s degree in relevant field such as information security, cybersecurity, business administration, finance, or risk management. Relevant certifications (e.g. CTPRA, CTPRP, CISA, CRISC and/or CISSP certification).
    • 3-5+ years of experience in risk assessment, third-party risk management, vendor management in Financial Services, Big 4, Consulting or IT internal audit.
    • Knowledge of data analysis, contract review, data privacy, information security, information technology and Business Continuity Plan principles.
    • Ability to identify and assess potential risks and vulnerabilities and ensure evidence is sufficient when assessing the relevant controls.
    • Strong analytical skills with high attention to detail and accuracy.
    • Strong interpersonal and critical thinking skills with the ability to collaborate with others to deliver impactful results.
    • Strong written and verbal communication skills to prepare detailed reports and communicate effectively with stakeholders.
    • Works independently and has sound judgment.
    • Experience with Shared Assessments evaluations.
    • Ability to prioritize tasks and projects to meet deadlines.
    • Proficient in using risk assessment tools (e.g. Archer) and monitoring tools (e.g. BitSight and Supply Wisdom).
    • Strong computer skills, including advanced knowledge of Microsoft Excel.

    The expected base salary ranges from $77,500.00 - $130,000.00. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, certifications and licenses obtained. Market and organizational factors are also considered. In addition to salary and a generous employee benefits package, successful candidates are eligible to receive a discretionary bonus.

    Other requirements

    Mizuho has in place a remote working program, with varying opportunities for remote work depending on the nature of the role, needs of your department, as well as local laws and regulatory obligations.

    Company Overview

    Mizuho Americas is a leading financial institution comprising several legal entities, which together offer clients corporate and investment banking, financing, securities, treasury services, asset management, research and more. Mizuho’s operations in the Americas connect a broad client base of major corporations, financial institutions and public sector groups to local markets and a vast global network. Mizuho Americas is an integral part of the Japan-based Mizuho Financial Group, Inc. (NYSE: MFG), which is comprised of offices in nearly 40 countries, approximately 60,000 employees, and assets of more than USD 1.8 trillion. Learn more at mizuhoamericas.com.

    Mizuho Americas offers a competitive total rewards package.

    We are an EEO/AA Employer - M/F/Disability/Veteran.

    We participate in the E-Verify program.

    We maintain a drug-free workplace and perform pre-employment substance abuse testing.

  • Industry
    Financial Services
  • About Us

    We are a leading global bank, with one of the largest customer bases in Japan, and a global network of financial and business centers. We continue to pride ourselves on our "customer first" principle as a centerpiece in servicing both our individual and corporate customers, with the goal of becoming their most trusted bank.