AVP, Third-Party Risk Management

Merrick BankSouth Jordan, UT
Onsite

About The Position

The Assistant Vice President, Third-Party Risk Management (“TPRM”) is responsible for leading key components of the execution, oversight, and strategic enhancement of Merrick Bank’s (“Bank”) Third-Party Risk Management Program. This role partners across the first and second lines of defense to ensure risks arising from third-party relationships are effectively identified, assessed, monitored, and reported in alignment with regulatory requirements, internal policies, and the Bank’s risk appetite. The AVP serves as a senior program leader responsible for advancing enterprise TPRM strategy, strengthening risk governance, driving consistent risk practices, and delivering actionable insights to senior management and risk governance committees.

Requirements

  • Bachelor’s degree in Risk Management, Finance, Business Administration, Accounting, or a related field required; advanced degree or professional certification, such as CTPRP, CTPRA, CRVPM, CRMA, FRM, CPA, OR CIA preferred.
  • Minimum of 8 years of progressive experience in Third-Party Risk Management, Enterprise Risk Management, Operational Risk, or a related risk discipline within a financial services or regulated environment, including experience leading program initiatives, risk governance routines, and team members
  • Strong expertise in enterprise risk reporting, including development of executive and Board level materials, risk dashboards, metrics, and written risk summaries.
  • In-depth knowledge of third-party risk regulatory requirements and industry standards, including full TPRM lifecycle.
  • Demonstrated experience aggregating and synthesizing complex risk information into clear, concise, and decision useful reporting for senior management and Boards.
  • Solid understanding of ERM frameworks, risk governance practices, and regulatory expectations applicable to banking and financial services organizations.
  • Proven ability to work cross functionally, influence stakeholders, and partner effectively with both first and second line teams.
  • Excellent written and verbal communication skills, with a strong attention to detail and the ability to translate technical risk concepts into business focused insights.
  • Experience with ERM systems and risk data repositories (e.g., risk assessment tools, issue management systems, reporting platforms) strongly preferred.
  • Responsible for complying with all the Bank’s internal control policies and procedures.
  • Responsible for understanding and complying with all laws and regulations to which the Bank is subject.
  • Responsible for communicating problems in operations, noncompliance with the code of conduct, noncompliance with laws and regulations, policy violations, or illegal acts.

Nice To Haves

  • advanced degree or professional certification, such as CTPRP, CTPRA, CRVPM, CRMA, FRM, CPA, OR CIA preferred.

Responsibilities

  • Lead the execution and ongoing enhancement of the Bank’s Third-Party Risk Management framework, ensuring alignment with regulatory expectations and internal governance standards.
  • Oversee risk-based third-party due diligence, risk assessments, and ongoing monitoring activities across the full third-party lifecycle, ensuring consistent, defensible, and risk-informed outcomes.
  • Partner with business units, Vendor Relationship Owners, and Subject Matter Experts to identify, assess, and mitigate risks associated with third-party relationships.
  • Provide senior level review and challenge of third-party risk assessments, ensuring conclusions are evidence-based, appropriately documented, and escalated when risk exposure exceeds defined thresholds.
  • Monitor third-party performance, control effectiveness, and risk indicators, escalating issues, control gaps, and emerging risks in accordance with established governance protocols.
  • Lead the design, development, and maintenance of TPRM policies, procedures, standards, and workflows to support a consistent enterprise-wide operating model.
  • Define and Deliver executive, committee, and Board-level reporting that provides clear visibility into third-party risk exposure, trends, issues, concentrations, and emerging risks.
  • Collaborate with Legal, Procurement, Information Security, Compliance, and business stakeholders to ensure appropriate contract provisions, controls, and risk mitigation strategies are implemented.
  • Lead TPRM responses for regulatory exams, internal audits, and independent reviews, including documentation, analysis, issue remediation, and management responses.
  • Drive the TPRM program maturity roadmap, including process improvements, automation, data quality, GRC optimization, regulatory alignment, and adoption of industry best practices.
  • Leads, develops, and mentors TPRM teams, promoting strong risk culture, accountability, high performance, and continuous improvement.
  • Partner with ERM leadership to establish TPRM priorities, roadmap initiatives, governance routines, and success measures aligned to enterprise risk strategy and business objectives.
  • Identify and escalate third-party concentration risk, critical vendor risk, fourth-party risk, control gaps, and emerging risk themes to appropriate governance forums.
  • Delivers executive, committee, and Board level risk reporting, including dashboards and risk insights that support informed decision making and effective oversight.
  • Owns continuous improvement of TPRM tools, data, workflows, reporting, and GRC system capabilities to improve efficiency, transparency, data integrity, and regulatory readiness.
  • Performs other duties as assigned.

Benefits

  • Competitive Pay, including a Bonus Target or Variable Pay Incentive Program
  • Benefits Package -Medical, Dental, and Vision (plus much more)
  • 401(k) Plan with Company Match
  • Short- & Long-Term Disability
  • Wellness Programs
  • Group Life and AD&D Insurance
  • Paid Vacation, Sick Days and bank Holidays
  • Employee Engagement Activities including Employee Appreciation Day, DEI Employee Resource Groups, Corporate Social Responsibility, Service Recognition
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service