Flex

Senior Director, Operational Risk Management – Third-Party Risk

Flex

full-time

Posted on:

Location Type: Hybrid

Location: San Francisco • California, New Jersey, New York • 🇺🇸 United States

Visit company website
AI Apply
Apply

Salary

💰 $283,000 - $312,000 per year

Job Level

Senior

About the role

  • Design and implement Flex’s enterprise ORM framework and operating structure
  • Lead the ORM working group and drive programmatic cadences such as risk assessments, remediation planning, and quarterly reviews
  • Manage core operational risk activities including process mapping, Risk and Control Self-Assessments (RCSAs), Key Risk Indicators (KRIs), and incident/issue management
  • Deliver actionable reporting to senior leadership and align ORM with regulatory frameworks and industry standards (e.g., OCC, FFIEC, NIST)
  • Serve as the central coordination point for operational risk governance across business lines
  • Own the full third-party risk lifecycle from onboarding through termination across a diverse vendor ecosystem
  • Maintain and evolve the vendor inventory, tiering methodology, and due diligence standards
  • Partner cross-functionally with Legal, Security, Finance, CMS, and business stakeholders to ensure vendor engagements meet enterprise risk and regulatory standards
  • Conduct and review third-party assessments (e.g., SOC reports, control frameworks) and escalate risks when necessary
  • Manage residual risk ratings and design scalable ongoing monitoring practices; report vendor risks and mitigation strategies to senior leadership
  • Report directly to the Chief Compliance Officer and work cross-functionally with leaders in Legal, Security, Finance, and Product
  • Build scalable programs to enhance enterprise resilience and prepare Flex for public company readiness

Requirements

  • 7–10+ years of experience in risk management, with demonstrated expertise in both operational risk and third-party risk
  • Proven track record building and leading risk programs in regulated, high-growth, or technology-forward environments
  • Deep familiarity with relevant regulatory frameworks (OCC, NIST, FFIEC, etc.) and industry best practices for ORM and TPRM
  • Experienced in working cross-functionally and driving accountability across Legal, Finance, Security, and business teams
  • Effective communicator, able to synthesize complex issues and influence at all levels of the organization
  • Background in consulting or enterprise risk transformation is a strong plus
Benefits
  • Competitive pay
  • 100% company-paid medical, dental, and vision
  • 401(k) + company equity
  • Unlimited paid time off
  • 13 company paid holidays
  • Parental leave
  • Flex Cares Program
  • Free Flex subscription
  • Relocation assistance (for candidates outside NY/NJ/SF)

ATS Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
operational risk managementthird-party risk managementprocess mappingRisk and Control Self-AssessmentsKey Risk Indicatorsincident managementvendor managementrisk assessmentsremediation planningreporting
Soft skills
leadershipcommunicationcross-functional collaborationinfluencingaccountabilitysynthesis of complex issuesprogram buildingstakeholder engagementorganizational skillsstrategic thinking
Flex

Senior Director, Operational Risk Management and Third-Party Risk

Flex
Seniorfull-time$283k–$312k / yearCalifornia, New Jersey, New York · 🇺🇸 United States
Posted: 2 hours agoSource: boards.greenhouse.io
Goldstone Partners, Inc.

Senior Director – Information Security and Risk Management

Goldstone Partners, Inc.
Seniorfull-time$170k–$185k / yearIllinois · 🇺🇸 United States
Posted: 20 days agoSource: jobs.smartrecruiters.com
AWSAzureCloud
BMG Money

Senior Manager, Business Controls

BMG Money
Seniorfull-timeFlorida · 🇺🇸 United States
Posted: 30 days agoSource: boards.greenhouse.io
Lambda

Senior Manager, Security Incident Detection and Response

Lambda
Seniorfull-time$360k–$540k / yearCalifornia · 🇺🇸 United States
Posted: 31 days agoSource: jobs.ashbyhq.com
Cloud
USAA

IT/IS SSDLC Risk Management and Governance Executive

USAA
Senior · Leadfull-time$170k–$306k / yearFlorida, North Carolina · 🇺🇸 United States
Posted: 6 days agoSource: usaa.wd1.myworkdayjobs.com
C++SDLC