Third-Party Risk Management Program Officer
$100,884–$151,326 year
On-site · Seattle, Washington, United States or Tacoma, Washington, United States
Job Summary
Leads and manages Heritage Bank's Third-Party Risk Management (TPRM) Program across the vendor lifecycle, ensuring governance, alignment with ERM/Information Security/Legal/Compliance, and effective risk identification, assessment, and monitoring (cybersecurity, privacy, operational resilience, etc.). Provides executive reporting on risk posture, engages cross-functional SMEs, defines program tools and KRIs, and interfaces with regulatory exams and audits. Based in Tacoma, Seattle, Spokane, or Portland with a strong focus on policy development, risk-rating methodologies, due diligence, control assessments, and continuous program improvement.
Required Qualifications
- Bachelor’s degree in Business, Risk Management, Information Security or related field preferred
- 5+ years of recent experience in a vendor risk management, third-party oversight, or enterprise risk program role within a financial services environment required
- Proven experience leading the development, implementation, and ongoing management of an enterprise-scale third-party risk management program required
- Professional certifications as Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), or equivalent preferred
- Equivalent combination of education, training, certifications, and/or relevant work experience may be considered
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.