Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Third-Party Risk Management Program Officer

Heritage-Bank

If you are unable to complete this application due to a disability, contact this employer to ask for an accommodation or an alternative application process. Third-Party Risk Management Program Officer Regular Full-Time Compliance Hillsboro, OR, US 1 Attachments 6 days ago Requisition ID: 4447 Heritage Bank has an exciting opportunity to join our organization! We are seeking Third-Party Risk Management Program Officer to join our Risk and Compliance team. The third‑party risk management program officer is responsible for the design, execution, and continuous improvement of the bank's third‑party risk management program across the full vendor lifecycle, from onboarding through offboarding. Operating within the Second Line of Defense (2LoD), this role provides governance and oversight to ensure operational alignment of the bank's TPRM processes across Information Security, Legal, Procurement, Business Units, and Internal Audit. This position is accountable for ensuring third‑party risks, including cybersecurity, operational, compliance, reputational, and concentration risks, are appropriately identified, assessed, and monitored in alignment with regulatory expectations. The geographical location for this position is Tacoma, WA, Seattle, WA, Spokane, WA, or Portland, OR. Base Salary Range: $100,884.00 - $126,105.00 - $151,326.00 annual The Role at a Glance: Leads and manages the Third-Party Risk Management (TPRM) Program, including development and continuous refinement of TPRM policies and procedures, risk tiering and segmentation models, risk rating methodologies, and vendor lifecycle control checkpoints. Ensures alignment of the TPRM program with enterprise risk management (ERM), information security, compliance, and legal frameworks. Oversees execution of inherent risk assessments, due diligence reviews, and control assessments across all third-party risk domains (cybersecurity, privacy, operational resilience, etc.). Ensures appropriate engagement of cross-functional subject matter experts (e.g., Information Security, Legal, Compliance) and that roles and responsibilities are clearly defined within established processes. Defines and maintains program tools, templates, escalation protocols, and residual risk acceptance processes. Integrates and aligns TPRM program with related programs (e.g., Vendor Management, procurement, Business Continuity Planning, Information Security Risk Assessments, Cloud Governance, AI/Model Risk). Establishes and tracks key risk indicators (KRIs). Provides executive-level reporting on third-party risk posture, program maturity, and systemic exposures (e.g., concentration risk, critical service dependency). Monitors and escalates open risk issues, overdue assessments, and policy exceptions. Serves as the primary contact for regulatory exams and internal/external audits related to third-party risk. Performs continuous monitoring of Critical and High risk third parties. Maintains audit-ready documentation, evidence of program execution, and continuous improvement roadmap. Monitors regulatory changes (e.g., OCC Bulletins, FFIEC updates, DORA, NYDFS, etc.) and updates program controls to align with evolving requirements. Core Skills and Qualifications: Bachelor’s degree in Business, Risk Management, Information Security or related field preferred. 5+ years of recent experience in a vendor risk management, third-party oversight, or enterprise risk program role within a financial services environment required. Proven experience leading the development, implementation, and ongoing management of an enterprise-scale third-party risk management program required. Professional certifications as Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), or equivalent preferred. Equivalent combination of education, training, certifications, and/or relevant work experience may be considered. Provide an exceptional level of service for internal and external customers, with the ability to build and maintain positive, professional relationships, to successfully interact with and influence all levels of management and functional and cross-functional areas across the organization. Highly effective listening, verbal, written, and telephone etiquette business communication skills, including effective questioning strategies, negotiation and presentation skills to communicate security-related concepts in a variety of settings, to a broad range of technical and non-technical staff. Ability to read, write, speak, and understand English well. Strategic in approach to program design, problem solving, and decision-making, with demonstrated ability to quickly focus on key issues and make decisions under pressure of time constraints. Risk based mindset and strong analytical and critical thinking skills, with the ability to independently assess risk decisions and constructively challenge assumptions and conclusions. Thorough knowledge and understanding of regulatory frameworks (e.g. FFIEC, GLBA, PCI‑DSS, SOX, FFIEC, HIPAA etc.) and of NIST CSF, ISO 27001, COBIT, COSO and vendor risk management frameworks. Strong knowledge of information security assessment and auditing practices, including the ability to evaluate technical and business controls using established frameworks and methodologies, and to effectively interpret results from security tools and subject matter expert assessments. Thorough knowledge and understanding of related statutory banking compliance regulations issued by the FDIC, FinCEN, and Federal Reserve Board, with strong knowledge of privacy laws, such as GLBA and SOX. Strong project management, planning, organizational, time management, and follow-up skills, demonstrating a strong sense of urgency and ability to execute quickly, timely and efficiently; independently ensuring that priorities are set and commitments and deadlines are met with minimal direction and oversight. Unquestionable integrity in handling sensitive and confidential information required. Proficient and advanced use and understanding of MS Office products (Word, Excel, Outlook), with the ability to adapt to and learn new technologies quickly. Proficient use and understanding of third-party risk management software (ex. UpGuard, Tandem, Gartner, etc.). Work Environment/Conditions: Climate controlled office environment. Work involves being able to concentrate on the matter at hand, under sometimes distracting work conditions, and frequent employee and customer contacts and interruptions during the day. Physical Demands/Effort: Work may involve the constant use of computer screens, reading of reports, and sitting throughout the day. Ability to operate a computer keyboard, multi-line telephone, photocopier, scanner and facsimile which often requires dexterity of hands and fingers with repetitive wrist and hand motion. Typically sitting at a desk or table; intermittently standing, stooping, bending at the waist, walking, climbing, kneeling or crouching to file materials. Occasional lifting up to 20 lbs. (files, boxes, etc.). At Heritage Bank, we work hard, but we also know how important it is to take time off to stay healthy, relax, and spend time doing what makes your heart happy! As part of our team, you’ll enjoy a total rewards package, which includes base salary based on the role, experience, and skill set, along with an exceptional benefits package (medical, dental, vision, life insurance, 401(k), community volunteer time), and generous time off policy. Full-time team members receive a minimum of 10 paid vacation days annually and eight hours of paid sick leave per month, while also enjoying 11 paid holidays each calendar year, and an annual float day. The above statements are intended to describe the general nature and level of work being performed and are not an exclusive list of all qualifications for this position. The base salary range represents Heritage Bank’s current salary range for the position. Actual salaries will vary depending on factors including, but not limited to, qualifications, experience, and job performance. The range listed is just one component of Heritage Bank’s total compensation package for full time and part time employees. Depending on position, other total compensation rewards may include, monthly, quarterly or annual incentive, and/or bonuses. Heritage Bank is an Equal Opportunity Employer All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran status, disability, or any other basis protected by applicable law. Job applicants have certain legal rights. Please click here for information regarding these rights. #J-18808-Ljbffr Heritage-Bank

Vacancy posted 2 days ago
Similar jobs that could be interesting for youBased on the Third-Party Risk Management Program Officer in Seattle, WA vacancy
  • Technology Risk & Compliance Analyst (Cloud) Location: Seattle,...  ...engagements related to IT risk management, audit, and compliance....  ...controls, and risk management programs. Prepare and review deliverables...  ...only and not available for third-party or Corp-to-Corp. Benefits Health... 
    Suggested
    Temporary work
    Apprenticeship

    Itlearn360

    Seattle, WA
    3 days ago
  •  ...Compliance Specialist is a key member of YouthCare's Program Quality and Impact (PQI) team, working under the day-to-day direction of the Senior Program Manager - Grants & Contracts. This position assists the third-party outsourced accounting team with the preparation and... 
    Suggested
    Contract work

    YouthCare

    Seattle, WA
    1 day ago
  • $80.17k - $95.46k

     ...Control Specialist identifies risks, analyzes trends,...  ...effectiveness of McGee’s Safety Management System (SMS) and Quality Control programs. Key Responsibilities...  ...with Microsoft Office applications, including...  ...clicking the link above or any third‑party link within this posting... 
    Suggested
    Work at office
    Local area
    Flexible hours
    Night shift
    Weekend work
    Early shift

    McGee Air Services Inc.

    Renton, WA
    2 days ago
  •  ...are looking for a Compliance Officer to support Group Function Third Party Assessments within Compliance Programs & Operations. You will be...  ...aspects of Ericsson’s Third‑Party Management Program (TPM) acting as a...  ...diligence and third‑party risk assessments. This opportunity... 
    Suggested
    Work experience placement
    Local area
    Shift work

    Ericsson

    Renton, WA
    1 day ago
  • $30 - $35 per hour

     ...HUD Project-Based Section 8 programs, along with strong analytical...  ...communication skills. This is a home office‑based role supporting onsite...  ...Director and Compliance Manager. Communicate daily with...  ...concern, and coordinate with third‑party agencies on audit findings.... 
    Suggested
    Hourly pay
    Full time
    Interim role
    Remote work
    Home office

    Indigo Real Estate

    Renton, WA
    2 days ago
  •  ...Procurement Analyst HMA is the premier third‑party health plan administrator...  ...the end‑to‑end vendor management lifecycle, including RFP support...  ...appropriate contracting, risk evaluation, and financial stewardship...  .... Vendor Risk & Compliance Program Support Perform vendor risk... 
    Contract work
    Flexible hours

    Healthcare Management Administrators

    Bellevue, WA
    2 days ago
  • $75.65k - $102.35k

     ...will support our BGS Commercial airplane programs by performing a collective analysis of...  ...products, operations and processes to Quality Management System requirements, applicable company...  ...and coordinates with the responsible parties for internal/external distribution.... 
    Full time
    Contract work
    Visa sponsorship
    Work visa
    Relocation package
    Flexible hours
    Shift work
    Day shift

    Boeing

    Seatac, WA
    3 days ago
  • Program Officer, Water, Sanitation and Hygiene Job (Bill \u0026 Melinda Gates Foundation, Seattle...  ...capabilities, such as taking risks to drive innovation and engaging with a...  ...question and challenge colleagues, including managers, and partners in a constructive manner.... 

    SuSanA

    Seattle, WA
    2 days ago
  • $238.4k - $369.4k

    Gates Foundation is seeking a Senior Program Officer for Gynecology based in Seattle. This role involves leading investments and partnerships aimed at developing solutions for women's health issues, particularly heavy menstrual bleeding. The ideal candidate will possess... 

    Gates Foundation

    Seattle, WA
    3 days ago
  • $238.4k - $369.4k

     ...to and learn from these experts. We take risks in new areas, prove concepts, and bring...  ...health R&D ecosystem. Your Role The Senior Program Officer, Gynecology (SPO) will lead a portfolio...  ...align with WHI GYN strategy Closely manage a diverse portfolio of investments Work... 

    Gates Foundation

    Seattle, WA
    3 days ago
  • The Bill & Melinda Gates Foundation in Seattle is looking for a Senior Program Officer, Gynecology to lead initiatives that address heavy menstrual bleeding for women and girls in low middle-income countries. The role involves collaborating with private sector partners,... 

    Bill & Melinda Gates Foundation

    Seattle, WA
    3 days ago
  •  ...time OVERVIEW The Roots & Wings Foundation is looking for a Program Officer to help shape and grow our new foundation. This is a chance to...  ...with the Executive Director to set funding strategy and manage our grants program. Other main duties include helping support... 
    Full time
    Part time
    Work experience placement
    Work at office

    The Roots & Wings Foundation - Seattle, WA

    Seattle, WA
    1 day ago
  •  ...implementation of ISO 13485 certified quality management system policies and procedures. They play...  ...change procedure Assure calibration program is current and maintained Schedule...  ...production methods, product safety/quality, and risk management Coordinate quality... 
    Day shift

    RSA Inc

    Kenmore, WA
    4 days ago
  •  ...Chief Program Officer (CPO) About the Company Globally-recognized organization providing community-based services to youth Industry Non-Profit Organization Management Type Non Profit Founded 1975 Employees 1001-5000 Categories Health Care... 
    Work at office

    Confidential

    Seattle, WA
    15 hours ago
  •  ...Chief Program Officer About the Company Charitable organization focused on bringing resources to developing countries Industry...  ...shaping the future of AI in the developing world. Hiring Manager Title CEO Functions ~ Non-Profit Management Confidential
    Local area

    Confidential

    Seattle, WA
    15 hours ago
  • $80.2k - $102.5k

     ...adventurers ready to find their party, fueled by imaginationand...  ...product lifecycle and help reduce risk through strong systems and...  ...North America, Europe, and Asia. Manage and review regulatory documentation...  ...or regulatory monitoring programs. Exposure to chemical safety,... 

    Wizards of the Coast

    Renton, WA
    3 days ago
  • $33.02 - $49.54 per hour

     ...the credit union’s compliance management system (CMS) by ensuring...  ...ensure ongoing compliance and risk mitigation. You are responsible...  ...documentation to ensure alignment with program requirements and applicable...  ...knowledge of most Microsoft Office applications, including... 
    Hourly pay
    Full time
    Contract work
    Work at office
    Local area
    Remote work

    Hzcu

    Seattle, WA
    1 day ago
  • Boys & Girls Clubs of America in Bellevue is seeking a Vice President of Traditional Clubs & Athletics to lead and oversee all youth programs. This role requires strategic vision and operational excellence, focusing on program quality and ensuring safe environments. Ideal... 

    Boys & Girls Clubs of America

    Bellevue, WA
    1 day ago
  • $75k

     ...responsible for assisting the Compliance Officer with compliance monitoring...  ...is adequate and effectively managed in accordance with bank...  ...validation of the compliance management program and monitors the ongoing effectiveness of compliance risk management. Researching,... 

    The Symicor Group

    Seattle, WA
    3 days ago
  •  ...detail‑oriented Project Control Officer to lead oversight of our robust Capital Improvement Program (CIP) and ensure smooth,...  ...and implementing robust program management systems for complex capital projects...  ...management, scheduling, estimating, risk, change management, contracting... 
    Full time
    Contract work
    For contractors
    Work at office
    Local area
    Remote work
    Flexible hours

    King County, WA

    Seattle, WA
    1 day ago
  • $62k - $78k

     ...the design of and implements programs, policies, and practices to ensure...  ...potential compliance risks Assist in preparation for and...  ...experience in a compliance, risk management or audit related role...  ...Tuesday - Thursday in Bellevue, WA office (3 days) Physical Requirements... 
    Full time
    Work at office
    Local area

    Identity Digital Inc.

    Bellevue, WA
    1 day ago
  • $70k - $90k

     ...administer an effective regulatory compliance program that ensures adherence to state...  ...partnering with internal teams to identify risks, implement solutions, and promote regulatory...  ...responses to data calls and surveys * Manages regulatory/compliance software as needed... 
    Hourly pay
    Full time
    Temporary work
    Casual work
    Local area
    Flexible hours

    CopperPoint Insurance Companies

    Seattle, WA
    15 hours ago
  • Posted on December 20, 2023 The Roots & Wings Foundation is looking for a Hospital Partnerships Manager (aka Program Officer) to help shape our growing foundation. This position will help make a positive impact on the lives of many people living in under-resourced communities... 

    Roots & Wings Foundation - Seattle, WA

    Seattle, WA
    1 day ago
  • $142.2k - $173.8k

    Position Summary The Care liaison Manager is a leader who connects hospitals with the Home...  ...healthcare teams, business development, or program management. Preferred: Previous business...  ..., team members, investors, and external parties. Demonstrated interpersonal skills and... 
    Local area
    Flexible hours

    Providence at Home with Compassus

    Seattle, WA
    3 days ago
  • $88.79k - $133.18k

     ...leadership to actively promote high-priority programs and services to referring provider...  ...analysis to identify opportunities and risks within assigned territory, in alignment...  ...have a driving record acceptable to Risk Management. Required Credentials Current Driver'... 
    Full time
    Local area

    Seattle Children's Hospital

    Seattle, WA
    1 day ago
  •  ...readiness of Boeing personnel and program stakeholders. The assessor...  ...government, intellectual, third party and company information from...  ...Oversees Sub-Contractor Management (e.g., providing contractual...  ...Experience): Experience with MS Office (Word, Excel, Teams, and... 
    For subcontractor

    Boeing

    Seattle, WA
    15 hours ago
  • $101.9k - $173.2k

     ...Blue Cross’ Regulatory Compliance & Ethics program through focused advocacy, detailed regulatory...  ...interest groups. Assist the business and third parties with the implementation of new and changing laws and regulations. Manage inquiries and exams from state and federal... 
    Work experience placement

    Dormont Manufacturing Co

    Mountlake Terrace, WA
    3 days ago
  • $225k - $365k

     ...Environmental Practice of our DC office. We offer competitive...  ...knowledge of federal environmental programs and interest in joining our...  ...researching complex issues, managing discovery, and drafting motions...  ...through our web portal for third‑party submissions; for access, contact... 
    Full time
    Temporary work
    Work at office
    Flexible hours

    Greenberg Traurig

    Seattle, WA
    1 day ago
  • $120k - $165k

    True Anomaly is looking for a driven Enterprise Risk Analyst in Long Beach, CA, to enhance its risk management capabilities. This role involves executing risk assessments, managing vendor risks, and collaborating across teams to ensure compliance with standards like NIST... 

    True Anomaly

    Seattle, WA
    3 days ago
  • $10k

     ...Jewish community through our diverse range of programs, projects, and events. Our mission is to...  ...RESPONSIBILITIES Summary The Major Gifts Officer plays a critical role in supporting the...  ...Essential Responsibilities Donor Growth: Manage and grow a portfolio of 100 current and... 
    Temporary work
    Work at office
    Weekend work
    Afternoon shift

    Jewish Federation of Greater Seattle

    Seattle, WA
    2 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Third-Party Risk Management Program Officer. Be the first to apply!