IMEx Implementation Lead overseeing the delivery of IMEX Ecosystem Care for Pfizer's governance council. Collaborating with cross - functional teams to structure and implement solutions through effective standard work.
About the role
- Risk Analyst at Alviere overseeing third-party compliance and risk management. Responsible for vendor due diligence, regulatory compliance, and stakeholder coordination.
Responsibilities
- Own and maintain Alviere's third-party criticality and risk tier framework — classifying all vendors, bank partners, and enterprise clients as critical, high, medium, or low risk; applying the framework consistently at intake and on material relationship changes; and maintaining the vendor registry as the authoritative source of record.
- Execute the full vendor due diligence lifecycle — initial intake and risk assessment, due diligence (SOC 2 report review, security questionnaire, financial stability, PCI attestation, BCP documentation), contract gating, annual re-assessment, SLA and performance monitoring, vendor issue escalation and resolution through the VI Jira project, and formal offboarding documentation.
- Manage the external auditors annual qualification and independence assessment.
- Manage bank partner annual oversight review cycles — coordinating multi-bank due diligence submissions; assembling packages across Compliance, IT, and Finance workstreams; completing Wolfsberg Questionnaires, PCI DSS SAQ-A/AOC, Beneficial Ownership, disaster recovery and penetration testing evidence; and serving as the primary compliance point of contact through each review cycle.
- Own the TPRM-domain controls within Alviere's SOC 2 and PCI compliance programs — maintaining evidence that Alviere conducts systematic initial and ongoing vendor oversight, reviewing inbound vendor SOC 2 Type II reports for exceptions and qualified opinions, and delivering complete TPRM evidence into the annual audit Jira board on schedule.
- Track and resolve vendor initiatives and issues in Jira — managing vendor capability evaluations, contract renewals and commercial negotiations, SLA violation escalations, technical issue tracking, and new vendor selection processes; coordinating across Legal, Finance, Product, and Engineering to keep initiatives moving.
- Prepare TPRM inputs for the quarterly Risk & Compliance Committee — vendor portfolio status, open due diligence items, issue aging, tier distribution, newly onboarded and offboarded relationships, and any material third-party risk findings from the period.
Requirements
- 3–5 years of experience in vendor risk management, third-party due diligence, compliance operations, or a related function at a financial institution, fintech, payment processor, or professional services firm — with demonstrated experience personally conducting (not just coordinating) due diligence reviews.
- Ability to read and interpret vendor SOC 2 Type II reports independently — identifying control exceptions, auditor qualifications, subservice organization dependencies, and translating findings into a risk rating update with minimal supervision.
- Familiarity with bank partner oversight review mechanics in a bank-sponsored fintech or program manager model — understanding of Wolfsberg Questionnaire purpose, PCI DSS attestation requirements, and the regulatory logic underlying TPRM requirements imposed by sponsor banks.
- Strong cross-functional coordination skills — comfortable routing documentation requests across Legal, Finance, IT, and Engineering; managing external relationships with bank compliance teams and vendor representatives; and keeping multi-party processes moving to hard deadlines.
- Operational discipline and process ownership — experience managing Jira workflows, maintaining structured registries and trackers, and producing clean, complete documentation for audit and compliance purposes.
Benefits
- Health insurance
- Retirement plans
- Paid time off
- Flexible work arrangements
- Professional development opportunities
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Location requirements
Data Analyst ensuring integrity and strategic usability of building data for T - Mobile's Occupancy Planning team. Translating approved space changes into structured data for informed decision - making in workplace strategy.
Risk Assurance Manager guiding AI assurance plans at PwC Australia. Collaborating on governance frameworks and risk management for responsible AI usage.
Senior Business Intel Analyst providing quantitative and qualitative data analysis and reporting at Navy Federal. Analyzing business problems and supporting decisions through insights and trends.
Risk Analyst I supporting the development of Osaic's risk management program. Engaging with experts and documenting key risks and controls while assisting in project completion.
Senior Advisor managing insurance risk oversight at iA Financial Group. Focusing on developing and enhancing risk management frameworks within the insurance sector.
Senior Manager overseeing supplier risk at Lloyds Banking Group, leading risk management and regulatory compliance initiatives. Responsible for building relationships and ensuring adherence to operational risk standards.
Director of Data Governance overseeing AI and data management frameworks at Transamerica. Ensuring regulatory compliance and driving successful data governance practices across the organization.
Manager for Model Risk Operations at Manulife, focusing on automated reporting and data engineering solutions. Collaborating with teams to ensure accurate and effective risk communication across enterprise.
VP, Credit Merchant Risk role managing credit and fraud risk teams for Synchrony, providing strategic oversight and collaborating with key stakeholders on risk operations.