Business Risk Program Manager-Vendor Management/TPRM (Remote)

Overview

This is a remote role that may be hired in several markets across the United States.

Enterprise Technology & Operations, Business Risk & Controls is seeking an experienced Vendor Management Professional with a strong background in Third-Party Risk Management (TPRM) to join our team. The ideal candidate will have experience in vendor oversight, risk assessment, and contract governance. Additionally, strong skills in reporting, data analysis, and risk metrics tracking are essential for this role.

As a first line of defense risk professional, this position is responsible for the support and execution of various risk programs and activities within a Business Unit (BU), adhering to the Bank's Risk Appetite and Corporate Strategy. Supports the management of business risks and controls across all risk types along with the execution of risk policies, standards, procedures and/or program requirements. Assists communication between the business, the 2nd & 3rd line, and regulators.

• Supporting one or more business lines the candidate will oversee vendor lifecycle management, including due diligence, risk assessments and performance monitoring.
• Partner with SME's, Business Lines and their Risk Managers to ensure regulatory and security standards assessments are conducted and ingested appropriately.
• Develop and maintain risk metrics, dashboards, and reports to track vendor performance and risk exposure.
• Develop and maintain Executive reporting dashboards as well as operational content supporting business line service managers stay ahead of their vendor related commitments.
• Collaborate with internal teams (Legal, Second Line, Sourcing, and IT Security) to ensure vendor risks are appropriately identified and mitigated.
• Supports and drives process improvements and automation initiatives to enhance vendor oversight via risk reporting & analytics.
• Support audits and exams as necessary
• Business Risk & Controls Knowledge and Expertise - Develops and maintains a deep understanding of the complexities inherent in the organization's business environment, including industry markets, products, services, client-base and competitive landscape. Ability to analyze and interpret business trends and drivers to identify underlying patterns, interdependencies and emerging opportunities. Collaborates with cross-functional teams to assess the impact of external factors including regulatory changes, market disruptions or business operations and strategy.
• Risk Program Execution - Supports the implementation and maintenance of the BU's risk management framework. Assists in the composition and regular maintenance of policies, standards and procedures that support risk program execution. Supports a book of work to identify gaps and assess capacity, ensuring alignment with strategic objectives and prioritization of risk management initiatives. Aids in the tracking and resolution of issues across the organization, ensuring timely escalation and remediation. Produces regular metric-focused and thematic updates that detail the effectiveness of issue remediation efforts. Coordinates with other functions (i.e. Compliance, 2LOD) to ensure alignment with broader risk management and governance objectives.
• Regulatory Engagement - Supports regulatory inquires, examinations, and audits in collaboration with internal stakeholders. Coordinates regulatory submissions, response, and report requirements, ensuring accuracy, completeness, and timely submission.
• Risk Governance & Reporting - Maintains risk reporting frameworks, dashboards and metrics to provide senior management with timely and actionable insights into risk profile and risk management activities. Prepares regular risk reports and presentations summarizing key risk indicators, risk trends, emerging risks, and risk mitigation efforts for financial and non-financial risk stripes.

• Knowledge of risk techniques, practices, and control frameworks,
• Knowledge of various banking and government regulatory requirements and processes,
• Knowledge of regulatory guidance pertaining to enterprise risk and operational risk,
• Ability to work effectively with associates, senior management, and various committees
• 10+ years of experience in vendor management, third-party risk, procurement, or governance.
• Experienced in use and optimization of a contingent workforce
• Strong knowledge of risk management frameworks, regulatory requirements, and compliance standards (e.g., GDPR, SOC 2, ISO 27001, NIST).
• Proficiency in data analysis and reporting tools (Excel, Tableau, Power BI, SQL) to interpret vendor risk trends and KPIs.
• Experience with vendor risk management platforms (e.g., Archer, OneTrust, ProcessUnity, Coupa, or similar).
• Strong analytical, problem-solving, and communication skills.
• Experience in highly regulated industries (finance, healthcare, technology)