Director of IT Vendor Management

About The Position

Requirements

• 12+ years of technology vendor management experience in financial services.
• Demonstrate extensive hands-on experience managing complex, fact-evolving vendor ecosystems, including SaaS, cloud-native, API-driven, and AI-enabled platforms used across financial services.
• Demonstrated ability to evaluate emerging technology vendors (e.g., AI/ML providers, RegTech, and workflow automation platforms) and conduct deep-dive due diligence for operational resilience, data governance, and regulatory alignment.
• Hands-on oversight of vendors with embedded or integrated technologies such as AI-powered decision engines, fraud detection & analytics, BSA & KYC/AML automation, or cloud-based microservices supporting critical banking functions.
• Experience managing vendor concentration and systemic risk.
• Ability to interpret and challenge vendor control environments across cybersecurity, AI governance, privacy, operational resilience, and third-party sub-dependency management.
• Deep knowledge of regulatory requirements for third-party risk management.
• Experience leading vendor due diligence, including cybersecurity, operational & technology risk, data risk, and operational resilience.
• Strong contract negotiation skills and knowledge of digital transformation programs involving modernization of core banking, wire/payments, lending, or compliance systems using third-party vendor solutions.
• Knowledge of IT controls and frameworks (NIST, CRI, ISO 27001, SOC 1/2).
• Ability to interpret SOC reports.
• Strong stakeholder management and written/communication skills.
• Applicants must have legal authorization to work in the United States.
• We do not offer visa sponsorship at this time.

Nice To Haves

• Bachelor’s degree in IT, Business, or related field; Master’s preferred.
• Certifications such as CTPRP, CRVPM, CISM, CISSP, CRISC, and PMP are beneficial.
• Experience implementing vendor management tools (Archer, ServiceNow VRM, Coupa, Fusion).

Responsibilities

• Vendor Governance & Oversight Lead the first‑line IT vendor management program: Own governance, performance monitoring, and lifecycle oversight for all technology and technology-dependent business vendors.
• Establish and maintain vendor segmentation: Classify vendors by criticality, risk tier, and regulatory impact.
• Ensure compliance with regulatory expectations: Align with OCC, FRB, FDIC, CFPB, and FFIEC guidance for third-party risk management.
• Enhance/strengthen vendor policies and standards: Ensure alignment with enterprise risk frameworks and technology control requirements in a fast-evolving vendor landscape.
• Oversee end-to-end vendor lifecycle: Due diligence, onboarding, contracting, performance monitoring, issue management, renewal, and termination.
• Conduct technology-focused due diligence: Evaluate cybersecurity, resilience, data handling, cloud architecture, and operational controls.
• Partner with business owners: Ensure business-owned vendors with technology dependencies meet enterprise standards.
• Manage contract negotiations: Lead commercial, SLA, and risk-related negotiations with major vendors.
• Monitor vendor performance and SLAs: Track KPIs, service delivery, incident response, and remediation.
• Coordinate technology assessments: Work with InfoSec, Architecture, and Technology Risk to validate vendor controls.
• Oversee issue and incident management: Ensure timely remediation of vendor-related technology issues, outages, or control gaps.
• Support resilience and continuity planning: Validate vendor BCP/DR capabilities and alignment with bank requirements.
• Serve as first-line risk owner for vendor risk: Identify, assess, and mitigate risks associated with technology vendors.
• Prepare executive and regulatory reporting: Provide dashboards, risk summaries, and board-level reporting.
• Ensure audit readiness: Support internal audit, regulatory exams, and independent testing.
• Managing vendor concentration and systemic risk: vendor risk mitigation to eliminate/minimize SPOF (single point of failure).
• Drive continuous improvement: Enhance processes, tools, and controls to strengthen vendor oversight.
• Lead a small, high-performing vendor management team: Provide coaching, direction, and subject‑matter expertise.
• Partner with cross-functional stakeholders: Technology, Procurement, Legal, Compliance, Risk, Finance, and Business Units.
• Represent vendor management in governance forums: Risk committees, architecture councils, and operational reviews.
• May perform other duties as assigned