Enterprise Risk Management
Third Party Risk Manager
Circle is a global financial technology firm that enables businesses of all sizes to harness the power of digital currency and public blockchains for payments, commerce and financial applications worldwide. Circle platforms and products provide a suite of internet-native financial services for payments, treasury infrastructure and capital formation. Circle is also a principal developer of USD Coin (USDC), which has become the fastest growing dollar digital currency in the world. USDC has grown to over 44+ billion in circulation and supported over $1.7+ trillion in transactions in the past year. Circle’s payments and treasury infrastructure services available through the Circle Account and APIs helps bridge the legacy financial system and digital currency and blockchain based finance. Combined, Circle’s suite of services helps companies to participate in a more open, global and inclusive financial system.
What you’ll be part of:
With the mission “To raise global economic prosperity through the frictionless exchange of value,” Circle was founded on the belief that the internet, blockchains and digital currency will rewire the global economic system, creating a fundamentally more open, inclusive, efficient and integrated world economy. We envision a global economy where people and businesses everywhere can more freely connect and transact with each other with new technologies for digital money and internet-native finance. We believe such a system can raise prosperity for people and companies everywhere. Our mission is powered by the values we espouse and which we expect all Circlers to respect. We are Multistakeholder, serving the needs of our customers, our shareholders, our employees and families, our local communities and our world. Furthermore, we are also Mindful, Driven by Excellence, and High Integrity.
What you’ll be responsible for:
As part of the Enterprise Risk Management Strategic Programs team, you will be responsible for establishing, implementing and maintaining a best-in-class robust, flexible, and automated Third Party Risk Management (TPRM) Program to enable Circle’s business strategy with appropriate risk management and oversight in place.
Specifically, as a key second line of defense role, you will be responsible for governance and oversight of Circle’s third party risk and for assessing the effectiveness of the controls in place to identify, assess, monitor, respond to, and manage Circle’s third party risk throughout the third party’s lifecycle with Circle.
The ideal candidate will be a domain expert in Third Party Risk Management, customer-centric, an excellent communicator, have an agile mindset and be able to develop approaches that scale. Collaborating, building influence in cross-functional partnerships, and developing stakeholder relationships across the organization and with third party providers is an essential part of this role.
What you'll work on:
- Leading build-out of Third Party Risk Management and Oversight Program in alignment with stakeholders across the organization and related processes (procurement, legal, security, etc.)
- Driving a holistic and consistent approach to the program and aligning with the Risk Management Framework and relevant regulatory guidance adhering to third party requirements
- Leveraging experience to evaluate the adequacy, effectiveness and execution of program and the internal controls; recommending and driving improvements or enhancements in alignment with internal strategies, industry best practices, standard security frameworks, and regulatory guidance
- Being accountable for oversight of vendor risk assessments, vendor risk methodologies, periodic monitoring, process documentation, risk remediation, and reporting (both internal and external)
- Conducting vendor performance monitoring to proactively identify issues and work with Circle stakeholders and third parties as appropriate to track the risk remediation through closure including assisting the business in creating either formal Mitigation Plans or Issues
- Contributing to the implementation of tools and automation to support effective management and oversight of third party risk and mature processes to scale the program
- Maintaining both individual vendor views as well as an aggregate view of risk across all third parties, including linkage to other operational risks for a holistic understanding of risk landscape
- Developing Key Performance and Key Risk Indicator and other metrics and regular reporting to measure and track compliance, risk, and the effectiveness of the program including regular and ad hoc reporting to internal as well as external stakeholders such as regulators
- Maintaining presentation materials to provide program overview, updates and results to committees, key partners and third parties
- Developing and maintaining strong relationships based on trust and transparency with primary business stakeholders and third-party contacts
- Providing support and input for related audits or examinations from internal/external parties and collaborate with relevant stakeholders to ensure findings are appropriately remediated
- Providing on-going consulting and subject-matter expertise; developing and delivering training to build awareness of third party risks and TPRM processes
- Support the company’s commitment to risk management and protecting the confidentiality, integrity and availability of systems and data
You will aspire to our four core values:
- Multistakeholder - you have dedication and commitment to our customers, shareholders, employees and families and local communities.
- Mindful - you seek to be respectful, an active listener and to pay attention to detail
- Driven by Excellence - you are driven by our mission and our passion for customer success which means you relentlessly pursue excellence, that you do not tolerate mediocrity and you work intensely to achieve your goals
- High Integrity - you seek open and honest communication, and you hold yourself to very high moral and ethical standards. You reject manipulation, dishonesty and intolerance
What you’ll bring to Circle:
- 8+ years relevant experience in risk/compliance, vendor management, third party risk management and/or related discipline
- Working knowledge of Vendor Management, regulatory compliance (e.g. FFIEC Appendix J, ISO 22301, ISO 27001, SOX, SOC II, as they relate to Vendor Risk Management) activities
- Demonstrated experience designing, building, and managing vendor management (VM)/TPRM programs; performing and leading third party risk assessments
- VM/TPRM experience in any of banking, consulting, or cryptocurrency required; Experience in a RegTech or Fintech company is preferred
- Demonstrated ability to communicate complex issues in a clear, concise and impactful way
- Strong attention to detail and achieving results, with an emphasis on how work is being accomplished
- Excellent ability to investigate, analyze, and interpret data
- Interest and passion for harnessing the power of digital currency and blockchain technology and services built on top of it
- Experience working hands-on and collaboratively with other cross-functional team leaders, such as lawyers, engineers, security professionals, product managers, data analysts, operations analysts in improving risk management processes and systems
- Experience and comfort working in an ever-changing industry and the flexibility to quickly react to changing demands
- Experience/familiarity with Slack, Apple MacOS and GSuite preferred
- Bachelors or Masters degree
- This position is eligible for day-one PERM sponsorship for qualified candidates.
We are an equal opportunity employer and value diversity at Circle. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.