Manager - Third Party Risk Mgmt.

About The Position

Requirements

• Education and/or experience typically obtained through completion of a bachelor’s degree in relevant discipline.
• A minimum of 8 + years of direct/ related experience is required
• Demonstrated experience in third party risk management, operational risk, or other risk management role with knowledge of third-party regulatory requirements.
• Process driven, an excellent communicator and able to develop approaches that scale
• Strong attention to detail and highly results oriented.
• Excellent communication skills and ability to influence and guide others.
• Background and drug screen.

Nice To Haves

• Prior financial institution experience in third party risk management and an understanding of contractual arrangements with third parties.
• Experience in data gathering, analysis and problem-solving skills.
• Certified Regulatory Vendor Program Manager (CRVM)
• Certified Third Party Risk Professional (CTPRP)
• Other industry relevant certifications.
• Project or Process management experience.
• Professional information security certification (e.g. Certified Information Security Manager- CISM, Certified Information Systems Security Professional – CISSP, Certified Information Systems Auditor-CISA, Certified Third Party Risk Professional- CTPRP).
• Experience with Shared Assessments Standard Information Gathering Questionnaire (SIG) and processes.

Responsibilities

• Establishing the TPRM Framework: Designing, developing, and owning the overall third-party risk management framework, policies, procedures, and tools that guide the organization's risk management efforts.
• Providing Guidance and Expertise: Offering support, expertise, and training to the first line (e.g., vendor managers, business units) on how to identify, assess, and manage risks in their daily operations.
• Oversight and Monitoring: Monitoring the first line's risk management activities and the implementation of controls to ensure they are operating effectively and consistently across the organization.
• Challenging First-Line Assessments: Reviewing and challenging risk assessments, risk mitigation plans, and other deliverables from the first line to ensure quality and thoroughness.
• Ensuring Compliance: Identifying applicable laws and regulations, translating them into practical policies, and ensuring that third-party relationships adhere to relevant legal and regulatory standards (e.g., GDPR, NIST, ISO 27001).
• Identifying Emerging Risks: Monitoring changes in the internal and external threat landscape to detect new or emerging risks that could impact third-party relationships and adapting strategies accordingly.
• Reporting: Consolidating risk information and reporting on the organization's overall risk exposure, control effectiveness, and compliance posture to senior management and the board.

Benefits

• Healthcare Coverage – Competitive medical (PPO/HDHP), dental, and vision plans as well as company contributions to your Health Savings Account (HSA) or pre-tax savings through flexible spending accounts (FSA) for commuting, health & dependent care expenses.
• 401(k) Retirement Plan – Featuring a 100% Company Safe Harbor Match on your first 6% deferral immediately upon eligibility.
• Paid Time Off – Flexible Time Off for Exempt (salaried) employees, as well as generous PTO for Non-Exempt (hourly) employees, plus 11 paid company holidays and a paid volunteer day.
• 12 weeks of Paid Parental Leave
• Maven Family Planning – provides support through your Parenting journey including egg freezing, fertility, adoption, surrogacy, pregnancy, postpartum, early pediatrics, and returning to work.