Program Manager, Third Party Regulatory Risk

Who we are

About Stripe

Stripe is a financial infrastructure platform for businesses. Millions of companies - from the world’s largest enterprises to the most ambitious startups - use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career.

About the team

The Third Party Risk Management team is accountable for defining, maintaining, and overseeing the third party risk framework, policy, and inventory in accordance with management expectations and best practices. We are focused on assessing and managing risks exposed through our relationships with suppliers, adhering to regulatory guidance, and driving operational efficiencies across risk teams.

What you’ll do

The purpose of the Program Manager, Third Party Regulatory Risk is to support the development of our regulatory compliance programs and control effectiveness of the existing framework for identifying, assessing, and managing third party risks to protect Stripe. 

This role will partner with cross-functional Risk Domain Owners, Procurement sub-teams, Legal, and other stakeholders to apply a unified Third Party Risk Framework across risk and compliance areas.

This person will refine our existing regulatory compliance programs across the Digital Operational Resilience Act (DORA), and other regulatory regimes.

Responsibilities

• Refine existing regulatory compliance programs across the Digital Operational Resilience Act (DORA) and other regulatory regimes pertaining to third party suppliers.
• Carry out supporting oversight activities of the regulatory compliance programs across third party suppliers (e.g., due diligence, criticality, performance monitoring, etc.)
• Point of contact and subject matter expert for all internal and external audit and exam requests.
• Project management of external communications with Users, external auditors, and external regulatory examiners; including where cross functional input is required.
• Responsible for ensuring timely resolution of identified recommendations and findings.
• Support an oversight model for global Outsourced Service Providers as defined by global regulators (Central Bank of Ireland, etc).
• Conduct regular assessments of program processes to identify gaps or areas for improvement.
• Participate in the supplier incident response framework in partnership with stakeholder incident response teams to consistently respond to incidents, track to resolution, and monitor remediation, where required.
• Stay updated on emerging trends, regulations, and industry standards related to third party risk management and integrate them into Stripe's program.

Who you are

We're looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.

Minimum requirements

• 5+ years of experience in risk and compliance.
• Subject matter expertise in third party risk and compliance including specific focus on US and EMEA regulations, especially DORA,  in addition to other global jurisdictions.
• Proven experience managing distinct projects and programs, with particularly strong skills in stakeholder management.
• Comfortable cleaning, organizing, analyzing, and structuring data for reporting across different audiences (e.g., Regulators, Leadership)
• Experience in leading the delivery of regulatory programs in a financial services environment.
• Understanding of compliance and regulatory (payments) obligations including third party, outsourcing and operational resilience
• Experience working in ambiguous, quickly scaling environments.
• Strong written and verbal communication skills—including the ability to communicate effectively with different stakeholders across the business
• Excellent cross-functional collaboration skills, including navigating leadership and interpersonal working relationships
• Exceptional organizational and time management skills
• Ability to handle multiple assignments and assess and analyze data in order to solve problems, comfortably managing ambiguity

Preferred qualifications

• Previous experience building third party risk programs
• Previous experience implementing programs around regulatory frameworks
• Experience with Tableau or other data visualization tools