Third-Party Risk Management Program Officer
Heritage-Bank
If you are unable to complete this application due to a disability, contact this employer to ask for an accommodation or an alternative application process. Third-Party Risk Management Program Officer Regular Full-Time Compliance Hillsboro, OR, US 1 Attachments 6 days ago Requisition ID: 4447 Heritage Bank has an exciting opportunity to join our organization! We are seeking Third-Party Risk Management Program Officer to join our Risk and Compliance team. The third‑party risk management program officer is responsible for the design, execution, and continuous improvement of the bank's third‑party risk management program across the full vendor lifecycle, from onboarding through offboarding. Operating within the Second Line of Defense (2LoD), this role provides governance and oversight to ensure operational alignment of the bank's TPRM processes across Information Security, Legal, Procurement, Business Units, and Internal Audit. This position is accountable for ensuring third‑party risks, including cybersecurity, operational, compliance, reputational, and concentration risks, are appropriately identified, assessed, and monitored in alignment with regulatory expectations. The geographical location for this position is Tacoma, WA, Seattle, WA, Spokane, WA, or Portland, OR. Base Salary Range: $100,884.00 - $126,105.00 - $151,326.00 annual The Role at a Glance: Leads and manages the Third-Party Risk Management (TPRM) Program, including development and continuous refinement of TPRM policies and procedures, risk tiering and segmentation models, risk rating methodologies, and vendor lifecycle control checkpoints. Ensures alignment of the TPRM program with enterprise risk management (ERM), information security, compliance, and legal frameworks. Oversees execution of inherent risk assessments, due diligence reviews, and control assessments across all third-party risk domains (cybersecurity, privacy, operational resilience, etc.). Ensures appropriate engagement of cross-functional subject matter experts (e.g., Information Security, Legal, Compliance) and that roles and responsibilities are clearly defined within established processes. Defines and maintains program tools, templates, escalation protocols, and residual risk acceptance processes. Integrates and aligns TPRM program with related programs (e.g., Vendor Management, procurement, Business Continuity Planning, Information Security Risk Assessments, Cloud Governance, AI/Model Risk). Establishes and tracks key risk indicators (KRIs). Provides executive-level reporting on third-party risk posture, program maturity, and systemic exposures (e.g., concentration risk, critical service dependency). Monitors and escalates open risk issues, overdue assessments, and policy exceptions. Serves as the primary contact for regulatory exams and internal/external audits related to third-party risk. Performs continuous monitoring of Critical and High risk third parties. Maintains audit-ready documentation, evidence of program execution, and continuous improvement roadmap. Monitors regulatory changes (e.g., OCC Bulletins, FFIEC updates, DORA, NYDFS, etc.) and updates program controls to align with evolving requirements. Core Skills and Qualifications: Bachelor’s degree in Business, Risk Management, Information Security or related field preferred. 5+ years of recent experience in a vendor risk management, third-party oversight, or enterprise risk program role within a financial services environment required. Proven experience leading the development, implementation, and ongoing management of an enterprise-scale third-party risk management program required. Professional certifications as Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), or equivalent preferred. Equivalent combination of education, training, certifications, and/or relevant work experience may be considered. Provide an exceptional level of service for internal and external customers, with the ability to build and maintain positive, professional relationships, to successfully interact with and influence all levels of management and functional and cross-functional areas across the organization. Highly effective listening, verbal, written, and telephone etiquette business communication skills, including effective questioning strategies, negotiation and presentation skills to communicate security-related concepts in a variety of settings, to a broad range of technical and non-technical staff. Ability to read, write, speak, and understand English well. Strategic in approach to program design, problem solving, and decision-making, with demonstrated ability to quickly focus on key issues and make decisions under pressure of time constraints. Risk based mindset and strong analytical and critical thinking skills, with the ability to independently assess risk decisions and constructively challenge assumptions and conclusions. Thorough knowledge and understanding of regulatory frameworks (e.g. FFIEC, GLBA, PCI‑DSS, SOX, FFIEC, HIPAA etc.) and of NIST CSF, ISO 27001, COBIT, COSO and vendor risk management frameworks. Strong knowledge of information security assessment and auditing practices, including the ability to evaluate technical and business controls using established frameworks and methodologies, and to effectively interpret results from security tools and subject matter expert assessments. Thorough knowledge and understanding of related statutory banking compliance regulations issued by the FDIC, FinCEN, and Federal Reserve Board, with strong knowledge of privacy laws, such as GLBA and SOX. Strong project management, planning, organizational, time management, and follow-up skills, demonstrating a strong sense of urgency and ability to execute quickly, timely and efficiently; independently ensuring that priorities are set and commitments and deadlines are met with minimal direction and oversight. Unquestionable integrity in handling sensitive and confidential information required. Proficient and advanced use and understanding of MS Office products (Word, Excel, Outlook), with the ability to adapt to and learn new technologies quickly. Proficient use and understanding of third-party risk management software (ex. UpGuard, Tandem, Gartner, etc.). Work Environment/Conditions: Climate controlled office environment. Work involves being able to concentrate on the matter at hand, under sometimes distracting work conditions, and frequent employee and customer contacts and interruptions during the day. Physical Demands/Effort: Work may involve the constant use of computer screens, reading of reports, and sitting throughout the day. Ability to operate a computer keyboard, multi-line telephone, photocopier, scanner and facsimile which often requires dexterity of hands and fingers with repetitive wrist and hand motion. Typically sitting at a desk or table; intermittently standing, stooping, bending at the waist, walking, climbing, kneeling or crouching to file materials. Occasional lifting up to 20 lbs. (files, boxes, etc.). At Heritage Bank, we work hard, but we also know how important it is to take time off to stay healthy, relax, and spend time doing what makes your heart happy! As part of our team, you’ll enjoy a total rewards package, which includes base salary based on the role, experience, and skill set, along with an exceptional benefits package (medical, dental, vision, life insurance, 401(k), community volunteer time), and generous time off policy. Full-time team members receive a minimum of 10 paid vacation days annually and eight hours of paid sick leave per month, while also enjoying 11 paid holidays each calendar year, and an annual float day. The above statements are intended to describe the general nature and level of work being performed and are not an exclusive list of all qualifications for this position. The base salary range represents Heritage Bank’s current salary range for the position. Actual salaries will vary depending on factors including, but not limited to, qualifications, experience, and job performance. The range listed is just one component of Heritage Bank’s total compensation package for full time and part time employees. Depending on position, other total compensation rewards may include, monthly, quarterly or annual incentive, and/or bonuses. Heritage Bank is an Equal Opportunity Employer All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran status, disability, or any other basis protected by applicable law. Job applicants have certain legal rights. Please click here for information regarding these rights. #J-18808-Ljbffr Heritage-Bank
- Technology Risk & Compliance Analyst (Cloud) Location: Seattle,... ...engagements related to IT risk management, audit, and compliance.... ...controls, and risk management programs. Prepare and review deliverables... ...only and not available for third-party or Corp-to-Corp. Benefits Health...SuggestedTemporary workApprenticeship
- ...Compliance Specialist is a key member of YouthCare's Program Quality and Impact (PQI) team, working under the day-to-day direction of the Senior Program Manager - Grants & Contracts. This position assists the third-party outsourced accounting team with the preparation and...SuggestedContract work
$80.17k - $95.46k
...Control Specialist identifies risks, analyzes trends,... ...effectiveness of McGee’s Safety Management System (SMS) and Quality Control programs. Key Responsibilities... ...with Microsoft Office applications, including... ...clicking the link above or any third‑party link within this posting...SuggestedWork at officeLocal areaFlexible hoursNight shiftWeekend workEarly shift- ...are looking for a Compliance Officer to support Group Function Third Party Assessments within Compliance Programs & Operations. You will be... ...aspects of Ericsson’s Third‑Party Management Program (TPM) acting as a... ...diligence and third‑party risk assessments. This opportunity...SuggestedWork experience placementLocal areaShift work
$30 - $35 per hour
...HUD Project-Based Section 8 programs, along with strong analytical... ...communication skills. This is a home office‑based role supporting onsite... ...Director and Compliance Manager. Communicate daily with... ...concern, and coordinate with third‑party agencies on audit findings....SuggestedHourly payFull timeInterim roleRemote workHome office- ...Procurement Analyst HMA is the premier third‑party health plan administrator... ...the end‑to‑end vendor management lifecycle, including RFP support... ...appropriate contracting, risk evaluation, and financial stewardship... .... Vendor Risk & Compliance Program Support Perform vendor risk...Contract workFlexible hours
$75.65k - $102.35k
...will support our BGS Commercial airplane programs by performing a collective analysis of... ...products, operations and processes to Quality Management System requirements, applicable company... ...and coordinates with the responsible parties for internal/external distribution....Full timeContract workVisa sponsorshipWork visaRelocation packageFlexible hoursShift workDay shift- Program Officer, Water, Sanitation and Hygiene Job (Bill \u0026 Melinda Gates Foundation, Seattle... ...capabilities, such as taking risks to drive innovation and engaging with a... ...question and challenge colleagues, including managers, and partners in a constructive manner....
$238.4k - $369.4k
Gates Foundation is seeking a Senior Program Officer for Gynecology based in Seattle. This role involves leading investments and partnerships aimed at developing solutions for women's health issues, particularly heavy menstrual bleeding. The ideal candidate will possess...$238.4k - $369.4k
...to and learn from these experts. We take risks in new areas, prove concepts, and bring... ...health R&D ecosystem. Your Role The Senior Program Officer, Gynecology (SPO) will lead a portfolio... ...align with WHI GYN strategy Closely manage a diverse portfolio of investments Work...- The Bill & Melinda Gates Foundation in Seattle is looking for a Senior Program Officer, Gynecology to lead initiatives that address heavy menstrual bleeding for women and girls in low middle-income countries. The role involves collaborating with private sector partners,...
- ...time OVERVIEW The Roots & Wings Foundation is looking for a Program Officer to help shape and grow our new foundation. This is a chance to... ...with the Executive Director to set funding strategy and manage our grants program. Other main duties include helping support...Full timePart timeWork experience placementWork at office
- ...implementation of ISO 13485 certified quality management system policies and procedures. They play... ...change procedure Assure calibration program is current and maintained Schedule... ...production methods, product safety/quality, and risk management Coordinate quality...Day shift
- ...Chief Program Officer (CPO) About the Company Globally-recognized organization providing community-based services to youth Industry Non-Profit Organization Management Type Non Profit Founded 1975 Employees 1001-5000 Categories Health Care...Work at office
- ...Chief Program Officer About the Company Charitable organization focused on bringing resources to developing countries Industry... ...shaping the future of AI in the developing world. Hiring Manager Title CEO Functions ~ Non-Profit Management ConfidentialLocal area
$80.2k - $102.5k
...adventurers ready to find their party, fueled by imaginationand... ...product lifecycle and help reduce risk through strong systems and... ...North America, Europe, and Asia. Manage and review regulatory documentation... ...or regulatory monitoring programs. Exposure to chemical safety,...$33.02 - $49.54 per hour
...the credit union’s compliance management system (CMS) by ensuring... ...ensure ongoing compliance and risk mitigation. You are responsible... ...documentation to ensure alignment with program requirements and applicable... ...knowledge of most Microsoft Office applications, including...Hourly payFull timeContract workWork at officeLocal areaRemote work- Boys & Girls Clubs of America in Bellevue is seeking a Vice President of Traditional Clubs & Athletics to lead and oversee all youth programs. This role requires strategic vision and operational excellence, focusing on program quality and ensuring safe environments. Ideal...
$75k
...responsible for assisting the Compliance Officer with compliance monitoring... ...is adequate and effectively managed in accordance with bank... ...validation of the compliance management program and monitors the ongoing effectiveness of compliance risk management. Researching,...- ...detail‑oriented Project Control Officer to lead oversight of our robust Capital Improvement Program (CIP) and ensure smooth,... ...and implementing robust program management systems for complex capital projects... ...management, scheduling, estimating, risk, change management, contracting...Full timeContract workFor contractorsWork at officeLocal areaRemote workFlexible hours
$62k - $78k
...the design of and implements programs, policies, and practices to ensure... ...potential compliance risks Assist in preparation for and... ...experience in a compliance, risk management or audit related role... ...Tuesday - Thursday in Bellevue, WA office (3 days) Physical Requirements...Full timeWork at officeLocal area$70k - $90k
...administer an effective regulatory compliance program that ensures adherence to state... ...partnering with internal teams to identify risks, implement solutions, and promote regulatory... ...responses to data calls and surveys * Manages regulatory/compliance software as needed...Hourly payFull timeTemporary workCasual workLocal areaFlexible hours- Posted on December 20, 2023 The Roots & Wings Foundation is looking for a Hospital Partnerships Manager (aka Program Officer) to help shape our growing foundation. This position will help make a positive impact on the lives of many people living in under-resourced communities...
$142.2k - $173.8k
Position Summary The Care liaison Manager is a leader who connects hospitals with the Home... ...healthcare teams, business development, or program management. Preferred: Previous business... ..., team members, investors, and external parties. Demonstrated interpersonal skills and...Local areaFlexible hours$88.79k - $133.18k
...leadership to actively promote high-priority programs and services to referring provider... ...analysis to identify opportunities and risks within assigned territory, in alignment... ...have a driving record acceptable to Risk Management. Required Credentials Current Driver'...Full timeLocal area- ...readiness of Boeing personnel and program stakeholders. The assessor... ...government, intellectual, third party and company information from... ...Oversees Sub-Contractor Management (e.g., providing contractual... ...Experience): Experience with MS Office (Word, Excel, Teams, and...For subcontractor
$101.9k - $173.2k
...Blue Cross’ Regulatory Compliance & Ethics program through focused advocacy, detailed regulatory... ...interest groups. Assist the business and third parties with the implementation of new and changing laws and regulations. Manage inquiries and exams from state and federal...Work experience placement$225k - $365k
...Environmental Practice of our DC office. We offer competitive... ...knowledge of federal environmental programs and interest in joining our... ...researching complex issues, managing discovery, and drafting motions... ...through our web portal for third‑party submissions; for access, contact...Full timeTemporary workWork at officeFlexible hours$120k - $165k
True Anomaly is looking for a driven Enterprise Risk Analyst in Long Beach, CA, to enhance its risk management capabilities. This role involves executing risk assessments, managing vendor risks, and collaborating across teams to ensure compliance with standards like NIST...$10k
...Jewish community through our diverse range of programs, projects, and events. Our mission is to... ...RESPONSIBILITIES Summary The Major Gifts Officer plays a critical role in supporting the... ...Essential Responsibilities Donor Growth: Manage and grow a portfolio of 100 current and...Temporary workWork at officeWeekend workAfternoon shift
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Third-Party Risk Management Program Officer. Be the first to apply!
- senior quantitative risk analyst Seattle, WA
- it risk analyst Seattle, WA
- risk consultant Seattle, WA
- operational risk consultant Seattle, WA
- third party risk analyst Seattle, WA
- risk analyst Seattle, WA
- risk officer Seattle, WA
- operational risk specialist Seattle, WA
- antepartum high risk ob nurse Seattle, WA
- risk Seattle, WA

