Risk Management Intern (Third-Party)
Credit One Bank Internship Program
Intern Title: Third-Party Risk Management Intern
Department: Card Member Administration Management
Early Acceptance Applications: September 13, 2023 – November 15, 2023
Late Acceptance Applications: January 15, 2024 – April 15, 2024
Position Summary
Credit One Bank is looking for a Third-Party Risk Management Intern to contribute to the efforts of our Cardmember Administration Management (CMAM) department by assisting with the organization, administration, and facilitation of its third-party risk management assessment process and business continuity functions. This role will support the leadership with several phases of third-party risk assessments, documentation, and communication, as well as the build-out of the TPRM Governance, Risk, and Compliance (GRC) tool.
Position Requirements:
- Undergraduate Junior (entering junior year) or Senior (must have one semester/quarter remaining).
- Majoring in Business Management, Risk Management, Finance, Cybersecurity, Operations, Engineering, or a related field.
- Present in Las Vegas, NV, for the Summer Internship Program: June 10, 2024 – August 16, 2024 (10-weeks at 40 hours a week).
Summary of Essential Job Functions:
- The intern will perform assessments of all aspects of the provider.
- Monitor and track third-party risk issues, ensuring timely resolution and appropriate risk mitigation actions.
- Develop a comprehensive understanding of the organization's third-party risk management framework and standards.
- Ensure assessments within the company are following known industry frameworks (i.e., PCI-DSS, FFIEC, OCC, ISO, NIST).
- Collaborate with cross-functional teams, including legal, procurement, IT, and business units, to gather necessary information and ensure compliance with risk management processes.
- Assist in developing and enhancing third-party due diligence policies, procedures, and frameworks to improve the effectiveness and efficiency of risk assessment processes continually.
- During the internship, the intern will become familiar with risk assessment methodologies, frameworks, best practices, and the full breadth of cybersecurity domains, particularly as they pertain to third-party risk management.
- Enhance analytical skills to identify and assess potential risks associated with third-party relationships, such as data security, operational vulnerabilities, and regulatory compliance.
Program Dates:
June 10, 2024 - August 16, 2024
Program Goals and Objectives:
- The intern will learn and support the end-to-end third-party implementation process to ensure Credit One’s vendors meet our control standards, including pre-contractual third-party reviews, monitoring controls & risk assessment to identify the required controls and potential risks to remediate, and documenting any remaining risks in the security risk register for post-implementation remediation.
- During the internship, the intern will become familiar with risk assessment methodologies, frameworks, best practices, and the full breadth of cybersecurity domains, particularly as they pertain to third-party risk management.
- Enhance analytical skills to identify and assess potential risks associated with third-party relationships, such as data security, operational vulnerabilities, and regulatory compliance.