Job Description

If you’re looking for a meaningful career, you’ll find it here at Webster. Founded in 1935, our focus has always been to put people first, doing whatever we can to help individuals, families, businesses and our colleagues achieve their financial goals. As a leading commercial bank, we remain passionate about serving our clients and supporting our communities. Integrity, Collaboration, Accountability, Agility, Respect, and Excellence are Webster’s values; these set us apart as a bank and as an employer.

Come join our team where you can expand your career potential, benefit from our robust development opportunities, and enjoy meaningful work!

The Third-Party Risk Management (TPRM) Program Governance Lead is responsible for overseeing the governance, structure, and ongoing development of the bank’s third-party risk management framework. This role ensures that the TPRM program aligns with regulatory expectations, internal risk appetite, and strategic business objectives. The individual will play a critical role in policy oversight, risk reporting, regulatory engagement, control assurance, and continuous program enhancements.

Key Responsibilities

Program Governance Management

  • Maintain and enhance the TPRM governance framework, including policies, standards, procedures, and control documentation.

  • Lead or support strategic initiatives to mature the TPRM program, including tool implementations, workflow automation, and integration with other risk disciplines (e.g., Information Security, Compliance, Legal).

  • Work with initiative leaders and other project owners to ensure timely, accurate updates are captured and communicated to the team, Risk Partners and Leadership.

  • Support leadership in ensuring third-party oversight is effectively implemented bank-wide.

  • Develop and maintain program dashboards, KPIs/KRIs, and executive reporting for senior leadership and Board-level risk committees.

  • Track program compliance, exceptions, and issues to inform risk-based decision-making.

  • Perform control testing and assurance activities across key TPRM lifecycle processes (e.g., due diligence, risk assessments, ongoing monitoring).

  • Identify program gaps or inconsistencies and drive remediation plans.

  • Ensure consensus and appropriate sign-off are obtained for any new items or enhancements/changes to the program.

  • Ensure a communication plan is developed and executed by the project/initiative leader to promote awareness and transparency.

  • Review any required training materials to support the release of projects/initiatives.

Policies and Procedures Management

  • Conduct annual refresh of TPRM Policy and Charter.

  • Ensure any changes to the program are captured in the appropriate procedures and posted to the appropriate repository.  

  • Conduct procedure review based on importance to the program.

TPRM Committee Leader

  • Set the agenda/action(s) for the Committee, including date/time, attendees, presenters, etc.

  • Ensure annual Third-Party reviews for Critical and High Third Parties.

  • Work with Relationship managers to develop annual update presentations.

  • Capture meeting minutes and publish de-brief/takeaways.

  • Obtain sign-off from stakeholders. 

Contract Worker Support (when applicable)

  • Manage contract workers to support program initiatives.

  • Work with the Contractor Third Party to on/off-board workers.

  • Set deliverables and ensure execution on requirements.  

Regulatory Relations, Legal and Audit Liaison

  • Work with Risk Partners to ensure the TPRM program is harmonized with them.

  • Create communication plans to ensure transparency and understanding.

  • Coordinate responses to internal audits, regulatory exams, and compliance testing related to third-party risk.

  • Monitor relevant regulatory changes (e.g., OCC, FRB, FDIC, CFPB, NYDFS) and ensure TPRM program alignment.

Requirements

  • Bachelor’s degree or equivalent 7+ years of work experience in Third-Party Risk, Enterprise Risk, or governance roles

  • Strong understanding of regulatory frameworks and risk management standards

  • Experience with GRC platforms (e.g., ProcessUnity, Archer, Coupa, ServiceNow)

  • Six Sigma Training/Certification

  • MS Office suite

  • Ability to prioritize work to meet deadlines and work both independently and within a team structure

  • Relevant certifications (e.g. CTPRP, CRVPM, CRISA, CISA) are a plus

  • Other projects and initiatives as assigned 

This role has a hybrid work schedule and can be based in our NY (NYC, White Plains, Jericho) and CT (Southington, Stamford) locations.
 
The estimated base salary range for this position is $130,000 USD to $150,000 USD.  Actual salary may vary up or down depending on job-related factors which may include knowledge, skills, experience, and location. In addition, this position is eligible for incentive compensation.
 

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
