Overview
The Director of Program and Third-Party Risk Management provides strategic leadership and oversight for two critical enterprise functions: the governance of the bank's strategic program portfolio and the oversight of third-party risk. This role is responsible for evolving the Enterprise Project Management Office (EPMO) into a Program Management Office (PgMO) that ensures transformation initiatives are delivered on time, within scope, and aligned to strategic growth objectives. The Director also ensures that third-party engagements comply with OCC regulatory expectations and industry best practices.
Principal Duties & Responsibilities:
Governance and Strategy:
- Establish and continuously evolve the Program Management Office (PgMO) framework to ensure strategic alignment with PMI standards, OCC 2023-29 guidance, and internal governance bodies (PSC, MEC, MERC, ORC, Board Committees).
- Oversee program intake, prioritization, and approval processes, ensuring initiatives support corporate strategy, resource capacity, and enterprise risk appetite.
- Maintain and enforce PgMO policies, standards, and methodologies that promote discipline, consistency, and accountability across strategic programs.
- Lead remediation of all open issues and audit findings (Second and Third line) related to PgMO and Third-Party Risk Management (TPRM).
Program Portfolio Management and Execution:
- Direct execution of a strategic program portfolio encompassing growth initiatives, operational efficiency, regulatory compliance, and technology modernization.
- Oversee the full lifecycle of programs, from business case development through execution, benefits realization, and closure, ensuring alignment with enterprise architecture and long-term business readiness.
- Implement program-level dashboards and KPIs for executive and board visibility into delivery health, financial performance, risk exposure, and value realization.
- Integrate enterprise architecture, resource management, and third-party oversight into program planning to ensure scalability, continuity, and resilience.
Technology and Data Enablement:
- Lead deployment and optimization of ServiceNow Strategic Portfolio Management (SPM) and Vendor Risk Management (VRM) modules as unified systems of record for governance, financials, capacity planning, RAID logs, and reporting.
- Implement timecard and resource management functionality to enable accurate tracking of actuals vs. planned capacity and cost across programs and vendors.
- Ensure data integrity, audit readiness, and real-time reporting capabilities across PgMO and TPRM platforms.
Change Management and Business Adoption:
- Embed organizational change management practices into program delivery to ensure leaders and employees understand, adopt, and sustain transformation initiatives.
- Partner with HR, Communications, and business unit leadership to reinforce role clarity, talent development, and long-term business readiness for strategic programs.
Third-Party Risk Management (TPRM):
- Oversee the enterprise-wide third-party vendor risk management program in alignment with OCC 2023 Interagency Guidance, integrating risk tiering, due diligence, monitoring, and termination protocols into PgMO governance.
- Ensure program maturity addresses all regulatory touchpoints, including risk assessments, contract management, performance reviews, concentration risk, business continuity, and exit strategies.
- Maintain comprehensive documentation of processes, methodologies, and governance records to demonstrate program effectiveness to regulators and auditors.
- Lead inherent and residual risk scoring methodologies and embed vendor risk checkpoints throughout the program lifecycle.
- Establish escalation protocols for underperforming vendors or compliance gaps, with defined remediation plans and executive-level reporting.
Stakeholder and Regulatory Engagement:
- Serve as the primary liaison with regulators, internal audit, and executive committees on matters related to strategic programs and third-party risk.
- Partner with Legal, Compliance, IT, Risk, Procurement, and Business Units to align program and vendor oversight with enterprise objectives and risk appetite.
- Report program and vendor status, issues, and regulatory gaps to ORC, MERC, and the Board's Enterprise Risk Committee, ensuring transparency and accountability.
Leadership and Cross-Functional Engagement:
- Lead, mentor, and develop a team of project managers, program managers, third-party risk manager, contract specialist, and analysts, instilling a culture of accountability, ownership, and continuous improvement.
- Partner with executives across Operations, IT, Finance, Risk, Compliance, and Treasury to ensure alignment of priorities, efficient use of resources, and resolution of cross-functional dependencies.
- Role-model the bank's core values (Integrity, Excellence, Respect) and leadership pillars (Behaving Like an Owner, Driving Exceptional Results, Bringing the Best Out of Each Other, Passionate About Clients).
- Represent the bank externally in industry forums, peer groups, and associations to benchmark best practices and strengthen institutional resilience.
Qualifications
Program & Project Leadership
- 10 years of experience in enterprise project program management or operational management with at least 35 years in a leadership role.
- Demonstrated success managing complex portfolios or strategic initiatives across business units.
- Experience contributing to or leading the development of a Program Management Office (PgMO) or similar governance structure is preferred.
Regulatory & Risk Oversight
- 35 years of experience in third-party risk management, vendor oversight, or enterprise risk functions.
- Working knowledge of OCC Interagency Guidance, FFIEC standards, and internal audit processes.
- Experience supporting regulatory exams or remediating audit findings.
Financial Services Industry
- Experience working in a regulated financial institution, preferably with $10B in assets.
- Familiarity with banking operations, strategic planning, and risk frameworks.
Technology & Data Enablement
- Experience with project portfolio management tools (e.g., ServiceNow SPM) and vendor risk platforms (e.g., ServiceNow VRM, Archer).
- Ability to interpret and present data through dashboards, KPIs, and executive reporting.
Stakeholder Engagement
- Strong communication and collaboration skills with cross-functional teams, including Risk, Compliance, Legal, and Procurement.
- Experience presenting to senior leadership or governance committees is a plus.
Knowledge & Skills:
- Deep knowledge of OCC regulations, interagency guidance on third-party risk management, and regulatory expectations for project governance.
- Expertise in enterprise project portfolio management, including governance, change management, benefits realization, and resource planning.
- Strong understanding of risk management, vendor lifecycle oversight, and operational resilience principles.
- Proficiency in ServiceNow modules (SPM, VRM/TPRM, CMDB, BCM) and ability to leverage technology for governance, automation, and reporting.
- Exceptional leadership, communication, and stakeholder management skills, with proven ability to influence at the executive and board levels.
- Strategic and analytical mindset, with ability to translate complex risk, regulatory, and operational matters into actionable business strategies.
- Strong organizational skills, with ability to manage competing priorities, drive execution, and deliver measurable results.
Education
- Bachelor's Degree in business administration, risk management, strategy, or related fields.
Special Instructions to Candidates
- Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.
- Please view Equal Employment Opportunity Posters here.
- The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
- Reasonable accommodation may be made to assist individuals with disabilities to complete the online application process. Please contact our Human Resources Department at or by e-mail at.
Required Experience:
Director