AVP Third Party Risk Program Manager

We’re always looking for bright individuals to join our growing organization. As part of the First Financial Family, we will invest in your development and provide a dynamic work environment where you’re challenged, valued, and empowered every day. We strive to be the best destination for the industry’s top talent, creating a diverse, collaborative workplace that celebrates innovation and change. We are one team, working together to get things done.

The Third-Party Risk Program Manager provides Second Line of Defense support for the Enterprise Risk Management Program (ERM). The incumbent is responsible for all aspects of the Third-Party Risk Management (TPRM) program, including establishing and enhancing the Third-Party Risk Framework, drafting and maintaining TPRM policies and standards, developing and executing annual work plans, conducting periodic risk assessments, and monitoring TPRM lifecycle activities.

The Manager will also prepare aggregated TPRM reports on risk data and analysis.

Abilene, Texas, United States

The Third-Party Risk Program Manager serves as a key advisor to business line management, influencing decisions related to third-party relationships and ensuring alignment with regulatory expectations and industry best practices.

• Establish and enhance the Third-Party Risk Framework, including processes and training appropriate to regulatory requirements.
• Maintain the third-party inventory, assigning current relationship owners, classifying by business impact, and managing due diligence records.
• Update third-party risk management policies and procedures.
• Collaborate with business line management and third-party relationship owners to influence key decisions.
• Develop and execute a third-party risk annual work plan to review and challenge risk identification, assessment, control evaluation, and testing activities.
• Adhere to a consistent risk rating methodology that aligns with ERM standards.
• Conduct periodic risk assessments of third-party risks.
• Stay informed of emerging risks, TPRM regulatory expectations, and industry best practices.

• Manage incoming prospective vendor engagement requests and verify completeness and accuracy of information, ensuring due diligence is performed.
• Coordinate with cross‑functional review teams to integrate findings into final vendor assessments.
• Follow up with third parties regarding incomplete due diligence information or additional questions.
• Perform risk assessments on prospective and existing vendors in accordance with company policies.
• Identify, develop, and monitor issues, tracking them through completion.
• Leverage existing tools and processes to conduct periodic and ongoing vendor monitoring.
• Support vendor risk reporting for management and committees as required.
• Provide third‑party risk management guidance to line‑of‑business staff.
• Ensure completeness of central documentation of the company‑wide third-party population.
• Prepare aggregated third-party risk reports.
• Keep abreast of current industry tools, trends, and regulatory requirements.
• Review contracts and ensure appropriate confidentiality agreements are in place.

• Assist with new product management risk assessment processes.
• Assist with RCSA quarterly reviews in the context of third-party risk management.
• Address assigned issues with business line owners, including root cause analysis, mitigation planning, progress tracking, and verification of completion.
• Review internal policies, standards, and procedures to validate compliance with regulatory and business requirements.

• Support regulatory examination and audit preparation.
• Complete compliance training related to the position in a timely manner.
• Understand and comply with applicable laws and regulations.
• Safeguard First Financial and customer information.
• Comply with the bank’s Code of Business Conduct and Ethics and Information Security policies.
• Perform other duties and special projects as assigned.
• Actively participate in the service culture, support the…