Bank Technology Supplier Risk Manager

The Role:

Technology Risk Management (TRM) and Banking Engineering teams collaborate to manage and support risk mitigation and execution of controls in the first line of defense (1LOD). This unique opportunity will allow you to work with talented teams and stakeholders across the organization’s lines of defense to drive the improvement of SoFi Bank’s overall risk posture. 

The Bank Technology Supplier Risk Manager role will partner closely with Technology/Engineering, Supplier Relationship Owners (SROs) and second line of defense (2LOD) Risk Management groups to provide 1LOD risk management subject matter expertise (SME) and to execute a high quality Third Party Risk Management program. This role will help Technology/Engineering leadership manage risks, and related enhancements, to core bank technology programs and identify and manage third party risk.

Responsibilities: 

• Provide risk management subject matter expertise for the Bank Technology Engineering and Product teams to continuously improve and enhance the overall technology risk posture
• Partner closely with 2LOD Risk Management and cross functional teams to execute and implement an effective Third Party Risk Management program
• Partner with Supplier Relationship Owners (SRO’s) and cross-functional partners to manage Bank Technology suppliers, including inventory management and execution of supplier risk lifecycle activities such as: onboarding, monitoring (review SOC reports and/or control activities), and termination
• Establish a regular communication channel with suppliers and Supplier Relationship Owners to manage relationships, execute tasks, address issues, and oversee product road map, production support, and/or development activities
• Assist Bank Technology Engineering and Product teams in developing, reviewing, and monitoring of Service Level Agreements (SLAs)

For issues identified, support root cause analysis, assist with developing remediation plans, and tracking to closure 

• Lead Bank Compliance Technology Working Group focused on discussing ongoing program and roadmap prioritization related to regulatory and compliance initiatives
• Support current compliance requirements including but not limited to SOX, PCI, compliance with specific regulatory requirements, Business Controls Testing and other risk controls and assessments. 
• Collaborate with Technology Engineering and Product teams to rationalize, document, track, and drive risk-related outcomes for core initiatives 

• Support regulatory, audit, and examinations requests 
• Contribute to management updates, reporting, and metrics 

Qualifications:

• Bachelor’s degree in Technology/Systems, Risk Management, and/or Program/Project Management related areas
• Minimum of 8 years of experience in Technology/Systems Program/Project Management related areas, and/or Risk Management areas (TPRM, GRC, Technology Risk) areas in the financial services industry
• Comprehensive knowledge of Third Party Risk Management methodologies, risk mitigation principles and outsourced risk governance best practices
• Experience with managing relationships and projects with Technology suppliers 
• Experience with Third Party Risk Management programs lifecycle activities, including: risk assessment / due diligence related to onboarding and monitoring of suppliers
• Demonstrated experience in building out programs and/or processes
• Ability to provide subject matter expertise related to risk management within the Technology ecosystem
• Demonstrated ability to support technical project management, process improvement, change management, and related governance
• Excellent communication and stakeholder management skills, including the ability to effectively interact with and influence cross functional partners, management, and suppliers
• Knowledge of key regulations applicable to the financial services industry