Manager - Third Party Risk Mgmt

Position: Manager - Third Party Risk Mgmt.
Positions located in Scottsdale, San Francisco, Chicago, or New York follow a hybrid work model to allow for a more collaborative working environment.

Candidates responding to this posting must independently possess the eligibility to work in the United States, for any employer, at the date of hire. This position is ineligible for employment Visa sponsorship.
** Overall Purpose
** This pivotal role demands a proactive and experienced Third-Party This person will champion a culture of accountability and partnership, directly safeguarding EWS through robust enforcement of TPRM policies, meticulous control monitoring, and precise alignment with stringent regulatory expectations, including FFIEC, OCC, and other applicable financial regulations.
** Key Responsibilities and Essential Functions
** The second line of defense in Third-Party Risk Management (TPRM) is an oversight and support function that helps the first line of defense manage risks effectively and ensures compliance with internal policies and external regulations.

Key responsibilities include:

* ** Establishing the TPRM Framework:
** Designing, developing, and owning the overall third-party risk management framework, policies, procedures, and tools that guide the organization's risk management efforts.
* ** Providing Guidance and Expertise:
** Offering support, expertise, and training to the first line (e.g., vendor managers, business units) on how to identify, assess, and manage risks in their daily operations.
* ** Oversight and Monitoring:
** Monitoring the first line's risk management activities and the implementation of controls to ensure they are operating effectively and consistently across the organization.
* ** Challenging First-Line Assessments:
** Reviewing and challenging risk assessments, risk mitigation plans, and other deliverables from the first line to ensure quality and thoroughness.
* ** Ensuring Compliance:
** Identifying applicable laws and regulations, translating them into practical policies, and ensuring that third-party relationships adhere to relevant legal and regulatory standards (e.g., GDPR, NIST, ISO 27001).
* ** Identifying Emerging Risks:
** Monitoring changes in the internal and external threat landscape to detect new or emerging risks that could impact third-party relationships and adapting strategies accordingly.
* ** Reporting:
** Consolidating risk information and reporting on the organization's overall risk exposure, control effectiveness, and compliance posture to senior management and the board.
** Minimum Qualifications
*** Education and/or experience typically obtained through completion of a bachelor’s degree in relevant discipline.
* A minimum of 8 + years of direct/ related experience is required
* Demonstrated experience in third party risk management, operational risk, or other risk management role with knowledge of third-party regulatory requirements.
* Process driven, an excellent communicator and able to develop approaches that scale
* Strong attention to detail and highly results oriented.
* Excellent communication skills and ability to influence and guide others.
* Background and drug screen.

The above job description is not intended to be an all-inclusive list of duties and standards of the position. Incumbents will follow instructions and perform other related duties as assigned by their supervisor.
** Preferred Qualifications
*** Prior financial institution experience in third party risk management and an understanding of contractual arrangements with third parties.
* Experience in data gathering, analysis and problem-solving skills.
* Certified Regulatory Vendor Program Manager (CRVM)
* Certified Third Party Risk Professional (CTPRP)
* Other industry relevant certifications.
* Project or Process management experience.
* Professional information security certification (e.g., Certified Information Security Manager- CISM, Certified Information Systems Security Professional – CISSP, Certified Information Systems Auditor-CISA, Certified Third Party Risk Professional- CTPRP).
* Experience with Shared Assessments Standard Information Gathering Questionnaire (SIG) and processes.
** Physical Requirements
** Working conditions consist of a normal office environment. Work is primarily sedentary and requires extensive use of a computer and involves sitting for periods of approximately four hours. Work may require occasional standing, walking, kneeling, and reaching. Must be able to lift 10 pounds occasionally and/or negligible amount of force frequently. Requires visual acuity and dexterity to view, prepare, and manipulate documents and office equipment including personal computers.

Requires the ability to communicate with internal and/or external customers.
Employee must be able to perform essential functions and physical requirements of position with or without reasonable accommodation.

The base pay scale for this position in:  Phoenix, AZ in USD per year is: $104,000 - $130,000.
Additionally, candidates are eligible for a discretionary…