Hybrid Director, TPRM Program Governance na Webster

If you’re looking for a meaningful career, you’ll find it here at Webster. Founded in 1935, our focus has always been to put people first--doing whatever we can to help individuals, families, businesses and our colleagues achieve their financial goals. As a leading commercial bank, we remain passionate about serving our clients and supporting our communities. Integrity, Collaboration, Accountability, Agility, Respect, Excellence are Webster’s values, these set us apart as a bank and as an employer.  

Come join our team where you can expand your career potential, benefit from our robust development opportunities, and enjoy meaningful work!

The Third-Party Risk Management (TPRM) Program Governance Lead is responsible for overseeing the governance, structure, and ongoing development of the bank’s third-party risk management framework. This role ensures that the TPRM program aligns with regulatory expectations, internal risk appetite, and strategic business objectives. The individual will play a critical role in policy oversight, risk reporting, regulatory engagement, control assurance, and continuous program enhancements.

Key Responsibilities

Program Governance Management

• Maintain and enhance the TPRM governance framework, including policies, standards, procedures, and control documentation.

• Lead or support strategic initiatives to mature the TPRM program, including tool implementations, workflow automation, and integration with other risk disciplines (e.g., Information Security, Compliance, Legal).

• Work with initiative leaders and other project owners to ensure timely, accurate updates are captured and communicated to the team, Risk Partners and Leadership.

• Support leadership in ensuring third-party oversight is effectively implemented bank wide.

• Develop and maintain program dashboards, KPIs/KRIs, and executive reporting for senior leadership and Board-level risk committees.

• Track program compliance, exceptions, and issues to inform risk-based decision-making.

• Perform control testing and assurance activities across key TPRM lifecycle processes (e.g., due diligence, risk assessments, ongoing monitoring).

• Identify program gaps or inconsistencies and drive remediation plans.

• Ensure consensus and appropriate sign-off is obtained for any new, enhancement/changes to the program.

• Ensure communication plan is developed and executed by project/initiatives leader to ensure awareness and transparency.

• Review of any required training materials to support release of projects/initiatives.

Policies and Procedures Management

• Conduct annual refresh of TPRM Policy and Charter.

• Ensure any changes to the program are captured in the appropriate procedures and posted to the appropriate repository.  

• Conduct procedure review based on importance to the program.

TPRM Committee Leader

• Set agenda/action(s) for Committee including date/time attendees, presenters, etc.

• Ensure annual Third-Party reviews for Critical and High Third Parties.

• Work with Relationship managers to develop annual update presentations.

• Capture meeting minutes and publish de-brief/takeaways.

• Obtain sign-off from stakeholders. 

Contract Worker Support (when applicable)

• Manage contract workers to support program initiatives.

• Work with Contractor Third Party to on/off-board worker.

• Set deliverables and ensure execution on requirements.  

Regulatory Relations, Legal and Audit Liaison

• Work with Risk Partners to ensure TPRM program is harmonized with Risk Partners.

• Create communication plans to ensure transparency and understanding.

• Coordinate responses to internal audits, regulatory exams, and compliance testing related to third-party risk.

• Monitor relevant regulatory changes (e.g., OCC, FRB, FDIC, CFPB, NYDFS) and ensure TPRM program alignment.

Requirements

• Bachelor’s degree or 7+ years work experience equivalent in Third-Party Risk, Enterprise Risk, or governance roles

• Strong understanding of regulatory frameworks and risk management standards

• Experience with GRC platforms (e.g. Process Unity, Archer, Coupa, ServiceNow)

• Six Sigma Training/Certification

• MS Office suite

• Ability to prioritize work to meet deadlines and work both independently and within a team structure

• Relevant certifications (e.g. CTPRP, CRVPM, CRISA, CISA) are a plus

• Other projects and initiatives as assigned 

This role has a hybrid work schedule and can be based in our NY (NYC, White Plains, Jericho) and CT (Southington, Stamford).
 
The estimated base salary range for this position is $130,000 USD to $150,000 USD.  Actual salary may vary up or down depending on job-related factors which may include knowledge, skills, experience, and location. In addition, this position is eligible for incentive compensation.
 
#LI-RK1
#LI-HYBRID

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.