Stripe is a financial infrastructure platform for businesses. Millions of companies - from the world’s largest enterprises to the most ambitious startups - use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career.

About the team

The Third Party Risk Management (TPRM) team is accountable for defining, maintaining, and overseeing the third party risk framework, policy, and inventory in accordance with management expectations and best practices. We are focused on assessing and managing risks exposed through our relationships with third parties, adhering to regulatory guidance, and driving operational efficiencies across risk teams.

What you’ll do

The purpose of the Program Manager, Third Party Risk is to support and maintain a robust framework for identifying, assessing, and managing third party risks to protect Stripe.

This role will partner with cross-functional Risk Domain Owners, Procurement sub-teams, Legal, and other stakeholders to apply a unified Third Party Risk Framework across risk and compliance areas.

This person maintains the existing Stripe Third Party Risk Program, Policy, and Standards, while further developing new Standards to propel the maturity of the Third Party Risk Program.

Responsibilities

Maintain the Global Third Party Risk Management Program, Policy, and Framework, ensuring alignment with relevant regulations, standards, and best practices
Launch and mature nascent risk domains to increase overall program maturity
Design and support an enhanced oversight model for specialized third party types including Partnerships, and Contingent Workers
Design and enhance elements of the existing Third Party Risk Framework including offboarding and incident monitoring, among other areas
Build and oversee third party performance management function; define performance standards, including metric templates and ongoing monitoring activities, to ensure third party health
Design effective reporting to monitor and communicate the third party risk program status, key issues, and remediation plans to governance committees, senior leaders, and relevant stakeholders
Serve as subject matter expert and coordinator of system business requirements among risk domain owners and stakeholders - prioritizing effective requirements (Users First and Risk Focused)

Who you are

We're looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.

Minimum requirements

4+ years of experience in risk or compliance roles, preferably third party risk in a regulated environment
Proven experience managing distinct projects and programs, with particularly strong skills in stakeholder management
Strong written and verbal communication skills—including the ability to communicate effectively with different stakeholders across the business such as risk domain owners, internal audit, and the broader risk and compliance community
Excellent cross-functional collaboration skills, including navigating leadership and interpersonal working relationships
Exceptional organizational and time management skills
Ability to handle multiple assignments while comfortably managing ambiguity
Ability to assess and analyze data in order to solve problems and draw insightful conclusions

Preferred qualifications

Previous experience building third party risk programs
Previous experience implementing programs around regulatory frameworks
Understanding of risk program elements including policy and risk appetite creation and maintenance
Understanding of risk areas such as information security, privacy, business continuity, finance, reputation, operational, and ESG
Experience with Tableau or other data visualization tools

This role is available either in an office or a remote location (35+ miles or 56+ km from a Stripe office).

Office-assigned Stripes spend at least 50% of the time in a given month in their local office or with users. This hits a balance between bringing people together for in-person collaboration and learning from each other, while supporting flexibility about how to do this in a way that makes sense for individuals and their teams.

A remote location is defined as being 35 miles (56 kilometers) or more from one of our offices. While you would be welcome to come into the office for team/business meetings, on-sites, meet-ups, and events, our expectation is you would regularly work from home rather than a Stripe office. Stripe does not cover the cost of relocating to a remote location. We encourage you to apply for roles that match the location where you currently live or plan to live.

The annual US base salary range for this role is $123,600 - $185,400. For sales roles, the range provided is the role’s On Target Earnings ("OTE") range, meaning that the range includes both the sales commissions/sales bonuses target and annual base salary for the role. This salary range may be inclusive of several career levels at Stripe and will be narrowed during the interview process based on a number of factors, including the candidate’s experience, qualifications, and location. Applicants interested in this role and who are not located in the US may request the annual salary range for their location during the interview process.

Additional benefits for this role may include: equity, company bonus or sales commissions/bonuses; 401(k) plan; medical, dental, and vision benefits; and wellness stipends.

Office locations

Atlanta, New York, South San Francisco HQ, Seattle, or Chicago

Remote locations

Remote in United States

Team

Controllership

Job type

Full time

Apply for this role

See more open positions at Stripe

Privacy policy Cookie policy