Remote - Head of Third Party Risk Management

Job Description:

We are seeking a strategic and experienced Head of Third-Party Risk Management (TPRM) to lead in overseeing the risk associated with third-party relationships within an organization. This includes developing, implementing and continuously improving risk management frameworks, policies, and controls to ensure that third-party risks are identified, monitored, and mitigated effectively, and in alignment with the risk appetite and business objectives. The ideal candidate will have a strong background in risk management, vendor governance, bank regulatory frameworks and cross-functional leadership.

Responsibilities

• Develop, implement, and mature a TPRM Program that meets banking standards while maintaining the efficiencies expected in FinTech and partner banking.

• Develop and enhance TPRM Risk Assessment frameworks and rating (inherent risk, control effectiveness, and resulting residual risk) approaches that trigger second line risk stripe assessments.

• Establish and evolve third-party risk management policies, standards, and procedures. Ensure alignment with enterprise risk and procurement policies.

• Lead the TPRM team to ensure documentation and execution of questionnaires required by the company and provide clear guidance to the First Line of Defense.

• Ensure the appropriate due diligence on prospective vendors is conducted, including the evaluation of their financial stability, technology security, and compliance posture.

• Develop and deliver regular reporting to senior leadership, board committees and regulatory agencies, including risk dashboards, emerging risk trends, and performance metrics.

• Refine and implement GRC standards and technology to achieve the Third-Party Lifecycle requirements and incorporate ongoing process efficiencies. Deep knowledge of third-party lifecycle management, including due diligence, risk assessments, monitoring, and offboarding.

• Coordinate response and resolution of third-party related incidents or breaches. Escalate risks and issues appropriately to senior management and risk committees.

• Monitor and ensure adherence to applicable laws and regulations (e.g., FFIEC, GDPR, HIPAA, SOX). Act as a point of contact during audits and regulatory exams.

• Consult with business development leaders, C-Suite executives, internal, and external legal counsel, as needed, to address risk issues and contractual expectations.

Qualifications

• 10+ years of experience in risk management, with at least 5 years in third-party or vendor risk oversight, preference for experience in a regulated bank or strong consulting background serving regulated banks.

• Bachelor’s degree and preference for advanced degree, with focus in Risk Management, Business Administration, or a related field.

• Proven leadership experience in building or enhancing third-party risk management programs in a complex organization.

• Strong understanding of regulatory requirements (e.g., Federal Reserve, OCC, FFIEC, GDPR, HIPAA, SOX) and industry standards (e.g., ISO 27001, NIST). Experience at a federal bank regulator a plus.

• Strong analytical skills and a demonstrated aptitude to think creatively and identify new ways to approach common problems.

• Experienced in developing Key Risk Indicators (KRIs), Key Performance Indicators (KPIs), reporting dashboards, and process flows.

• Demonstrated ability to work as a leader in a fast-paced, high-growth and dynamic environment.

• Strong organizational and project management skills to prioritize and balance multiple tasks and drive projects to completion.

• Excellent leader and able to collaborate and influence across the firm.

• High degree of initiative and strong ability to meet principal accountabilities with limited direction and oversight.

• Excellent report and presentation design, preparation and delivery skills.

• Proficient with MS Office Professional programs including Word, Excel, PowerPoint, Outlook and Visio, and GRC tools.

Regular

The targeted base salary for this position is $175,100 to $262,700 per year. The final compensation will be determined by a number of factors such as qualifications, expertise, and the candidate’s geographical location.