1

Third Party Risk Management Manager Jobs in Oregon

As the Manager, Third Party Risk Management at Upstart, you will lead the day-to-day execution of the bank's third-party risk management program and oversee a team responsible for risk assessments ...

As a Senior Third Party Risk Analyst, you'll play a critical role in ensuring the security ... NIST AI Risk Management Framework (AI RMF) * ISO 42001 * Prior experience with TPRM / GRC platforms ...

... management program and risk governance, and for providing independent oversight and credible challenge across all core risk categories- including operational risk, third party risk, technology and ...

OR · On-site

Identify the most important customer problems related to SaaS supply chain risk, third-party access ... Required qualifications * 7+ years of Product Management experience, ideally in B2B SaaS ...

... third-party risk management. --- Primary Location: Remote Primary Location Salary Range: $75/hr - $150/hr --- Responsibilities * Assimilate and manage complex data into actionable reports and ...

$125K - $168K/yr

Vendor/third-party risk coordination: Collaborate on third-party due diligence and contracting controls impacting compliance, privacy, and security obligations. * Litigation management support: In ...

next page

Showing results 1-20

Third Party Risk Management Manager information

What does a Third Party Risk Management Manager do?

A Third Party Risk Management Manager is responsible for identifying, assessing, and mitigating risks associated with an organization's external vendors, suppliers, and partners. They develop and implement processes to evaluate the security, compliance, and operational risks posed by third parties. Their role also includes ongoing monitoring, conducting due diligence, and ensuring that third-party relationships align with the company’s risk tolerance and regulatory requirements.

How does a Third Party Risk Management Manager typically collaborate with other departments to ensure effective risk mitigation?

A Third Party Risk Management Manager works closely with departments such as Procurement, Legal, IT Security, and Compliance to assess and mitigate risks associated with vendors and external partners. This collaboration often involves facilitating risk assessments, sharing due diligence findings, and coordinating incident response plans. Regular cross-departmental meetings and clear communication channels are essential to ensure that third-party risks are properly understood and managed throughout the organization.

What is the difference between Third Party Risk Management Manager vs Vendor Risk Manager?

AspectThird Party Risk Management ManagerVendor Risk Manager
CertificationsCRMP, CTPRP, or similarCRMP, CTPRP, or similar
Work EnvironmentFinancial institutions, corporations, regulated industriesFinancial services, healthcare, technology companies
Industry UsageCommon in industries with complex third-party relationshipsFocused on vendor-specific risk assessments

The Third Party Risk Management Manager and Vendor Risk Manager roles share similar certifications and often operate in regulated industries. The main difference lies in scope: the Third Party Risk Management Manager oversees all third-party relationships, including vendors, partners, and contractors, while the Vendor Risk Manager primarily focuses on assessing and mitigating risks associated with vendors specifically. Both roles are essential for organizations aiming to ensure compliance and manage third-party risks effectively.

What are the key skills and qualifications needed to thrive as a Third Party Risk Management Manager, and why are they important?

To excel as a Third Party Risk Management Manager, you need a strong understanding of risk assessment, vendor management, and compliance, typically backed by a degree in business, finance, or a related field. Familiarity with risk management frameworks, tools like RSA Archer or ServiceNow, and certifications such as CTPRP or CISM are often required. Strong analytical thinking, communication, and negotiation skills help manage complex stakeholder relationships and convey risk effectively. These competencies are crucial to identifying, mitigating, and communicating third-party risks, ensuring organizational resilience and regulatory compliance.
What are the most commonly searched types of Third Party Risk Management jobs in Oregon? The most popular types of Third Party Risk Management jobs in Oregon are:
What are popular job titles related to Third Party Risk Management Manager jobs in Oregon? For Third Party Risk Management Manager jobs in Oregon, the most frequently searched job titles are:
What job categories do people searching Third Party Risk Management Manager jobs in Oregon look for? The top searched job categories for Third Party Risk Management Manager jobs in Oregon are:
Manager, Third Party Risk Management

Manager, Third Party Risk Management

Upstart

OR • On-site, Remote

Other

Posted 17 days ago


Job description

The Team: 

Upstart's Risk team is building its second line of defense function in support of its application to establish Upstart Bank, N.A., a de novo national bank. The team is responsible for Upstart's enterprise risk management program and risk governance, providing independent oversight and credible challenge across key risk categories including operational risk, third-party risk, technology and information security risk, treasury risk, and compliance risk. The Risk team partners closely with business leaders, executive management, and the Board to ensure material risks are effectively identified, assessed, monitored, and governed in alignment with OCC, FDIC, and interagency regulatory expectations.

As the Manager, Third Party Risk Management at Upstart, you will lead the day-to-day execution of the bank's third-party risk management program and oversee a team responsible for risk assessments, due diligence, ongoing monitoring, and vendor oversight activities. You will play a key role in ensuring the program remains scalable, exam-ready, and aligned with evolving regulatory expectations while supporting the growth of Upstart Bank.

How you'll make an impact

  • Lead execution of the bank's end-to-end third-party risk management program, including risk-tiered due diligence, onboarding risk assessments, ongoing monitoring, and offboarding activities across all vendor tiers.
  • Manage and develop the Third-Party Risk Management team by setting priorities, providing coaching, and ensuring consistent, high-quality risk assessments and oversight activities.
  • Serve as the primary second-line escalation point for elevated or complex third-party risk matters, providing risk-based recommendations and ensuring issues are appropriately documented, tracked, and resolved.
  • Maintain and enhance third-party risk management frameworks, risk tiering methodologies, assessment templates, and governance processes to support a scalable, risk-based program.
  • Partner with Legal, Compliance, Information Security, Affiliate Risk, and business stakeholders to ensure consistent application of third-party risk standards throughout the vendor lifecycle.
  • Lead regulatory examination readiness and support responses to OCC, FDIC, internal audit, and external audit inquiries related to third-party risk management.

Minimum Qualifications 

  • Bachelor's degree or equivalent practical experience.
  • 6+ years of experience in third-party risk management, compliance, audit, operational risk, or a related risk discipline within a banking or financial services environment.
  • Experience leading a third-party risk management program, including risk assessments, due diligence reviews, ongoing monitoring, and issue management across a multi-vendor portfolio.
  • Knowledge of OCC, FDIC, and interagency guidance related to third-party relationships and risk management, including the 2023 Interagency Guidance on Third-Party Relationships: Risk Management.
  • Experience assessing and managing risks associated with multiple third-party relationship types, including suppliers, lending partners, affiliates, and technology service providers.

Preferred Qualifications

  • Direct experience supporting OCC or FDIC regulatory examinations related to third-party risk management.
  • Experience leading or developing risk, compliance, audit, or third-party risk professionals.
  • Knowledge of affiliate risk oversight requirements, including Regulation W and related regulatory expectations.
  • Experience operating within a fintech, digital banking, or technology-intensive environment, including oversight of cloud, SaaS, and other technology service providers.
  • Experience using governance, risk, and compliance (GRC) platforms to support third-party risk assessments, issue management, workflow automation, and ongoing monitoring activities.

Position location This role is available in the following locations: Remote 

Time zone requirements The team operates on the East/West coast time zones. 

Travel requirements As a digital first company, the majority of your work can be accomplished remotely. The majority of our employees can live and work anywhere in the U.S but are encouraged to to still spend high quality time in-person collaborating via regular onsites. The in-person sessions' cadence varies depending on the team and role; most teams meet once or twice per quarter for 2-4 consecutive days at a time.

#LI-REMOTE

#LI-MidSenior --> use for L5, L6