Associate Director Third-Party Risk

As a ERM Associate Director you'll work within the bank’s second line of defense and will be responsible for the development, implementation and enhancement of the Third-Party Risk Management (TPRM) and Emerging Technology Risks. The successful candidate will play a critical role in enhancing and executing the bank's third-party risk management framework in accordance with industry best practices and regulatory requirements set forth by the Federal Reserve Board (FRB), the Office of the Comptroller of the Currency (OCC), and the Federal Deposit Insurance Corporation (FDIC). This role will operate in a highly collaborative team environment to deliver risk management assessments and guidance to Third-Party Management Services (TPMS), Technology, Digital Assets Group (DAG) and other first line teams. The Director will also be responsible for effectively collaborating with key stakeholders across business line and the three lines of defense to ensure risks are managed effectively and efficiently, in accordance with the company policies and related regulatory requirements. As an Associate Director for Third-Party Risk Management you will develop and execute methods to measure and quantify risk. This role will be responsible for the implementation of the Open FAIR methodology, developing reporting and monitoring of risk in the WAL environment, overseeing risk assessments, and control reviews. This role requires strategic thinking, a background in technology and/or information security operations, third-party operational functions, an understanding of banking regulations and experience in enterprise risk management. Your contributions to the organization will help drive maturity across the enterprise through effective collaboration and communication with your partners. Partner with other second line of defense subject matter experts to ensure proper effective challenge is performed on risk and control inventories and assessments. Ensure effective implementations of the Bank’s operational risk management programs through training, awareness and monitoring. Lead and develop a team; responsible for hiring, coaching, performance management, training and development. Proactively works with business unit management to identify and assess third-party, technology and cybersecurity risks associated with business activities, ensuring alignment with Enterprise and Operational Risk Frameworks. Advising lines of business on risks and control requirements related to new products and services, business initiatives, and outsourced third party activities, including applicable metrics (e.g., KRIs, Tolerances). Focus on the implementation of the Open FAIR methodology to help increase risk quantification for technology, cybersecurity and third-party risks. Conducts a robust Review and Challenge process in evaluating and reviewing business processes, risk profiles, risk indicators, controls, remediation plans, etc., to ensure alignment with WAL’s Enterprise and Operational Risk programs, policies and practices. Ensure WAL policies and procedures and associated technology and cybersecurity risk programs are consistent with current applicable banking rules, regulations, and laws. Monitors and assesses for any new or amended requirements. Acts as Third-Party and Emerging Technology Risk Subject Matter Expert on assigned committees and working groups, developing a positive working relationship with internal clients, staff, peers, and senior management. Oversight of Digital Assets Group activities at Western Alliance, leveraging an understanding of blockchain technology and cryptocurrency ecosystems. Ownership of Emerging Technology risk identification, including knowledge of Artificial Intelligence (AI), and management of the AI working group. Lead and develop a team of risk professionals who will perform risk assessments, control reviews, issue identification and risk reporting. Perform Targeted Assessments for relevant 1LOD functions. This would leverage industry frameworks (NIST, ITIL, COBIT, etc.), and relevant regulations to develop a second line opinion regarding the overall effectiveness of assessed first line functions.