Program Manager, Third Party Risk

Who we are

About Stripe

Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career.

About the team

The Third Party Risk Management (TPRM) team is accountable for defining, maintaining, and overseeing the third party risk framework, policy, and inventory in accordance with management expectations and best practices. We are focused on assessing and managing risks exposed through our relationships with third parties, adhering to regulatory guidance, and driving operational efficiencies across risk teams.

What you’ll do

The purpose of the Program Manager, Third Party Risk is to support and maintain a robust framework for identifying, assessing, and managing third party risks to protect Stripe. This role will partner with cross-functional Risk Domain Owners, Procurement sub-teams, Legal, and other stakeholders to apply a unified Third Party Risk Framework across risk and compliance areas.

This person maintains the existing Stripe Third Party Risk Program, Policy, and Standards, while further developing new Standards to propel the maturity of the Third Party Risk Program.

Responsibilities

• Maintain the Global Third Party Risk Management Program, Policy, and Framework, ensuring alignment with relevant regulations, standards, and best practices
• Launch and mature nascent risk domains to increase overall program maturity
• Design and support an enhanced oversight model for specialized third party types including M&A entities, Partnerships, and Contingent Workers
• Design and enhance elements of the existing Third Party Risk Framework including offboarding and incident monitoring, among other areas
• Build and oversee third party performance management function; define performance standards, including metric templates and ongoing monitoring activities, to ensure third party health
• Design effective reporting to monitor and communicate the third party risk program status, key issues, and remediation plans to governance committees, senior leaders, and relevant stakeholders
• Serve as subject matter expert and coordinator of system business requirements among risk domain owners and stakeholders - prioritizing effective requirements (Users First and Risk Focused)

Who you are

We’re looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.

Minimum requirements

• 4+ years of experience in risk or compliance roles, preferably third party risk in a regulated environment
• Proven experience managing distinct projects and programs, with particularly strong skills in stakeholder management
• Strong written and verbal communication skills—including the ability to communicate effectively with different stakeholders across the business such as risk domain owners, internal audit, and the broader risk and compliance community
• Excellent cross-functional collaboration skills, including navigating leadership and interpersonal working relationships
• Exceptional organizational and time management skills
• Ability to handle multiple assignments while comfortably managing ambiguity
• Ability to assess and analyze data in order to solve problems and draw insightful conclusions

Preferred qualifications

• Previous experience building third party risk programs
• Previous experience implementing programs around regulatory frameworks
• Understanding of risk program elements including policy and risk appetite creation and maintenance
• Understanding of risk areas such as information security, privacy, business continuity, finance, reputation, operational, and ESG
• Experience with Tableau or other data visualization tools