Program Manager, Third Party Risk

Who we are

About Stripe

Stripe is a financial infrastructure platform for businesses. Millions of companies - from the world’s largest enterprises to the most ambitious startups - use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career.

About The Team

The Third Party Risk Management (TPRM) team is accountable for defining, maintaining, and overseeing the third party risk framework, policy, and inventory in accordance with management expectations and best practices. We are focused on assessing and managing risks exposed through our relationships with third parties, adhering to regulatory guidance, and driving operational efficiencies across risk teams.

What you’ll do

The purpose of the Program Manager, Third Party Risk is to support and maintain a robust framework for identifying, assessing, and managing third party risks to protect Stripe.

This role will partner with cross-functional Risk Domain Owners, Procurement sub-teams, Legal, and other stakeholders to apply a unified Third Party Risk Framework across risk and compliance areas.

This person maintains the existing Stripe Third Party Risk Program, Policy, and Standards, while further developing new Standards to propel the maturity of the Third Party Risk Program.

Responsibilities

Maintain the Global Third Party Risk Management Program, Policy, and Framework, ensuring alignment with relevant regulations, standards, and best practices

Launch and mature nascent risk domains to increase overall program maturity

Design and support an enhanced oversight model for specialized third party types including Partnerships, and Contingent Workers

Design and enhance elements of the existing Third Party Risk Framework including offboarding and incident monitoring, among other areas

Build and oversee third party performance management function; define performance standards, including metric templates and ongoing monitoring activities, to ensure third party health

Design effective reporting to monitor and communicate the third party risk program status, key issues, and remediation plans to governance committees, senior leaders, and relevant stakeholders

Serve as subject matter expert and coordinator of system business requirements among risk domain owners and stakeholders - prioritizing effective requirements (Users First and Risk Focused)

Who You Are

We're looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.

Minimum requirements

4+ years of experience in risk or compliance roles, preferably third party risk in a regulated environment

Proven experience managing distinct projects and programs, with particularly strong skills in stakeholder management

Strong written and verbal communication skills—including the ability to communicate effectively with different stakeholders across the business such as risk domain owners, internal audit, and the broader risk and compliance community

Excellent cross-functional collaboration skills, including navigating leadership and interpersonal working relationships

Exceptional organizational and time management skills

Ability to handle multiple assignments while comfortably managing ambiguity

Ability to assess and analyze data in order to solve problems and draw insightful conclusions

Preferred Qualifications

Previous experience building third party risk programs

Previous experience implementing programs around regulatory frameworks

Understanding of risk program elements including policy and risk appetite creation and maintenance

Understanding of risk areas such as information security, privacy, business continuity, finance, reputation, operational, and ESG

Experience With Tableau Or Other Data Visualization Tools