Director, Third Party Risk Management

T. Rowe Price•Owings Mills, MD

1d•Hybrid

About The Position

At T. Rowe Price, we identify and actively invest in opportunities to help people thrive in an evolving world. As a premier global asset management organization with more than 85 years of experience, we provide investment solutions and a broad range of equity, fixed income, and multi-asset capabilities to individuals, advisors, institutions, and retirement plan sponsors. We take an active, independent approach to investing, offering our dynamic perspective and meaningful partnership so our clients can feel more confident. We believe doing the right thing for our clients and our associates is good business. With a career at the firm, you can expect opportunities to create real impact at work and in your community. You’ll enjoy resources to support your career path, as well as compensation, benefits, and flexibility to enrich your life. Here, you’ll find a collaborative culture that respects and values differences and colleagues who share a spirit of generosity. Join us for the opportunity to grow and make a difference in ways that matter to you. Role Summary The Director – Third Party Risk Management is a Second Line of Defense (2LoD) leadership role responsible for the strategic development, oversight, and ongoing maturation of the firm’s Third Party Risk Management (TPRM) program. Reporting to the Head of Privacy & TPRM, this role is regarded as a subject matter expert in third-party risk and plays a key role in shaping the firm’s risk strategy, governance framework, and operating model following the implementation of an outsourced TPRM capability. The Director provides independent oversight, credible challenge, and assurance over first-line and outsourced TPRM activities, while building a sustainable, regulator-ready 2LoD function aligned with the firm’s risk appetite and regulatory expectations.

Requirements

Bachelor’s degree in Risk Management, Information Systems, Finance, Business, Law, or a related field.
10+ years of experience in third-party risk management, operational risk, or compliance, with significant experience in a 2LoD capacity within financial services or asset management (or other industry subject to equivalent re ulatory scrutiny).
Demonstrated experience designing, implementing, or maturing a TPRM program, including oversight of outsourced or co-sourced models.
Deep understanding of regulatory expectations for third-party risk (e.g., SEC, FINRA, global regulators).
Proven ability to operate as a trusted expert and strategic advisor to senior leadership.
Required Certifications (at least one): Certified Third Party Risk Professional (CTPRP) Certified in Risk and Information Systems Control (CRISC) Certified Information Systems Auditor (CISA)

Nice To Haves

Advanced degree (MBA, JD, or equivalent).
Experience supporting global or complex vendor ecosystems.
Additional certifications: ISO 27001 Lead Implementer or Auditor PMP or equivalent program management certification Experience leveraging AI, automation, or advanced analytics in TPRM oversight (e.g., Microsoft Co-Pilot, ChatGPT Enterprise).
Tools & Technology (Preferred) Extensive experience with TPRM and GRC platforms (e.g., ServiceNow, Coupa).
Strong executive-level reporting and data visualization skills (e.g., Power BI).
Experience implementing metrics, KRIs, and dashboards aligned to risk appetite.

Responsibilities

TPRM Strategy & Program Leadership: Serve as the firm’s subject matter expert on third-party risk management. Contribute to the development and execution of the firm’s TPRM strategy, roadmap, and target-state operating model. Lead the build-out and continuous improvement of a 2LoD TPRM function following outsourcing of due diligence and periodic reviews. Define and maintain TPRM policies, standards, risk methodologies, and oversight frameworks aligned with regulatory expectations and industry best practices. Ensure alignment of the TPRM program with enterprise risk appetite and governance structures. Lead assessment of emerging third party risks and technologies, including AI, and integrate findings into TPRM strategy, governance, and executive reporting.
Oversight of Outsourced & First-Line TPRM Activities: Provide independent oversight and effective challenge of outsourced TPRM service providers, including due diligence execution and ongoing monitoring. Oversight of monitoring activities related to SLAs, KPIs, quality assurance standards, and performance metrics for outsourced partners. Report on systemic control gaps, concentration risk, and emerging third-party risk themes across the vendor population. Escalate material third-party risk issues and control deficiencies through appropriate governance and risk committees.
Risk Governance, Reporting & Regulatory Readiness: Design and deliver executive and board-level reporting on third-party risk, including trends, emerging risks, and risk appetite breaches. Lead TPRM-related regulatory exams, internal audits, and management assurance activities. Ensure TPRM documentation, evidence, and reporting are audit- and exam-ready. Partner with Enterprise Risk, Compliance, Legal, Information Security, Procurement, and Technology while maintaining 2LoD independence.
Leadership & Capability Development: Provide leadership, guidance, and technical mentorship to TPRM risk analysts and managers. Establish clear roles, responsibilities, and RACI alignment across 1LoD, 2LoD, and outsourced providers. Drive adoption of data-driven, AI-enabled reporting and analytics to enhance risk insight and oversight efficiency. Promote a strong risk culture and consistent application of third-party risk standards across the firm.

Benefits

Competitive compensation
Annual bonus eligibility
A generous retirement plan
Hybrid work schedule
Health and wellness benefits, including online therapy
Paid time off for vacation, illness, medical appointments, and volunteering days
Family care resources, including fertility and adoption benefits

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume