Search
Header navigation
Third-Party Risk Management Program Manager

Third-Party Risk Management Program Manager

RBFCU
locationSan Antonio, TX, USA
PublishedPublished: 3/9/2026
Project Management / Professional Services
Full Time

Job Description and Requirements

The Third-Party Risk Management Program Manager will oversee the Third-Party Risk Management (TPRM) Program for the Credit Union. In administering the program, the TPRM Manager will ensure comprehensive risk management and oversight of third-party relationships throughout the entire vendor life cycle. This includes coordination of third-party on boarding, analysis, ongoing monitoring, issue management, off-boarding, program reporting and serving as the liaison with internal stakeholders.

Essential Functions and Responsibilities:

  • Oversee the design and implementation of the Third-Party Risk program to monitor vendor risk in accordance with internal policy and governmental regulatory requirements.
  • Manage workflow processes to guarantee that data and system controls meet internal controls and effectively work together to identify any potential risk.
  • Act as a subject matter expert to assist the organization in identifying and mitigating risks of their third-party relationships and for third-party risk questions and best practices.
  • Collaborate with Business Unit and Vendors that are inherently risk rated Significant or Critical and collect and review appropriate due diligence documentation (SOC Reports, Financial, BC/DR Plans, Complaint Policy, etc.) to adequately assess and determine their Residual Risk exposure to the Credit Union.
  • Collaborate with Business unit and other stakeholders in relation to ensuring all User Entity Controls are reviewed and signed off on.
  • Collaborate with Internal audit and support annual vendor on-going reviews.
  • Serve as a primary liaison to Business Unit, Legal, and Technical Staff on vendor/third-party risk management issues, to define and manage risk, and to proactively enhance the program as necessary for users.
  • Partner with internal teams to implement the relevant risk management policies and procedures, including regulatory and legal requirements.
  • Ensure completeness and accuracy of information maintained on all third-party records.
  • Develop and implement metrics and reporting summaries for the team and management.
  • Monitor vendors for negative news, acquisitions, compliance with service legal agreements, etc. and present information to executive management when warranted.
  • Complete weekly OFAC checks on all parent vendors.
  • Maintain knowledge and understanding of current trends, laws, and issues affecting area of expertise. Attend educational events that will increase professional knowledge and be otherwise beneficial to the Credit Union.
  • All other duties as assigned (note: essential functions and responsibilities may change, or new ones may be assigned at any time with or without notice).

Requirements:

  • Bachelor’s degree
  • Minimum of five years experience related to financial institution compliance, audit, or third-party risk management or nine years of experience related to financial institution compliance, audit, or third-party risk management in leu of Bachelor’s degree
  • Minimum of three years of management experience
  • Ability to oversee a team of employees
  • Demonstrated collaboration, problem solving, and conflict management skills
  • Expertise in addressing needs of a variety of high demand, high pressure projects ranging from design, development, testing and implementation
  • Ability to establish and effectively communicate timelines, process modifications, enhancements, program deliverables, and risk assessments to ensure soundness of vendor management program
  • Ability to work remotely and perform functions independently with minimal supervision
  • Strong Interpersonal and communication skills, with the ability to collaborate effectively with stakeholders
  • Excellent analytical, problem solving, and decision-making skills
  • Relationship Management skills: ability to build and create strong internal/external network across all levels
  • Good understanding of third-party risk management framework, tools, and best practices
  • Highly effective planning and prioritization skills
  • Open to obtaining certifications: Certified Regulatory Vendor Program Manager (CRVPM) I, II, and III

All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status.