Associate, Third-Party Vendor Due Diligence
Job Summary
The Third-Party Vendor Due Diligence role will be responsible for evaluating and assessing the controls of a third party, including the technology and information system controls, as part of the Bank’s due diligence process. The role's primary objective is to assess the risk that third parties bring to the Bank, including assessing the IT infrastructure, systems, controls and related assets to help the Bank make informed decisions regarding the governance and oversight of third parties at the Bank.

Responsibilities
Conduct comprehensive due diligence reviews on the Bank’s fintech clients and vendors, including but not limited to technology systems, cybersecurity, data management, and IT policies.
Identify and assess potential IT-related risks associated with prospective clients and vendors.
Provide recommendations for risk mitigation.
Prepare detailed reports and documentation summarizing findings and assessments, ensuring clarity and accuracy, to be presented to various Bank committees.
Ensure that the technology and IT practices of potential clients and vendors align with relevant industry regulations and compliance standards.
Evaluate third-party vendors and service providers used by potential partners to assess their impact on overall IT and security posture.
Collaborate with cross-functional teams, including compliance, legal, finance, and business units, to integrate IT due diligence findings into decision-making processes.
Stay up-to-date with industry trends, emerging technologies, and cybersecurity threats to provide informed insights during due diligence processes.
Conduct calls with Bank clients.
Follow up with clients and vendors to obtain missing due diligence documentation.
Report due diligence review conditions to the Third-Party Governance & Oversight team.
Gather audit & exam request documentation as requested.

Knowledge, Skills, and Abilities
Strong analytical and problem-solving skills to evaluate complex technology systems and identify potential risks.
Excellent written and verbal communication skills to convey technical information to non-technical stakeholders effectively.
Familiarity with relevant financial industry regulations and industry standards (e.g., GDPR, PCI DSS, SOC, etc.).
Knowledge of IT infrastructure, cybersecurity, cloud computing, and emerging technologies.
Meticulous attention to detail when conducting assessments and preparing reports.
Ability to work in a fast-paced environment and adapt to evolving technology landscapes.
A strong commitment to ethical conduct and the highest standards of professionalism.
Knowledge of fintech products and services.
Understanding of IT tools, concepts, methodologies and techniques.
Proficient in Microsoft Office Suite or related software.

Education, Training, and Experience
Bachelor’s degree in Computer Science, Information Technology, Finance, or a related field.
A relevant master’s degree or professional certifications (e.g., CISA, CISM, CISSP) is a plus.
Minimum of 3-5 years of experience in IT due diligence, IT audit, risk assessment, or a related field.
Experience in the fintech industry or banking sector is highly desirable.

About Community Federal Savings Bank (CFSB)
Community Federal Savings Bank (CFSB) is a federally chartered bank founded in 2001 and headquartered in New York City. CFSB has focused on providing superior service and added value to clients through a solid understanding of relationship banking. We offer a full range of services, including loans, bill payments, card services, internet banking, and merchant processing.

We are an equal opportunity employer and do not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, military and/or veteran status, or any other Federal or State legally-protected classes.