Third Party Risk Management Capability Lead
Pacific Life · Newport Beach, CA · 1 wk ago
Finance$113k–$139k/yrFull-time
About the role
The Third Party Risk Management (TPRM) Capability Lead is a senior individual contributor responsible for governing and overseeing Pacific Life’s enterprise TPRM program within the 2nd line of defense. This role ensures robust cybersecurity, resilience, and third party due diligence practices are consistently applied and aligned with regulatory expectations, while driving continuous enhancement of governance structures supporting third party outsourcing risk.
Responsibilities
- Govern and enforce adherence to TPRM policies, standards, and control frameworks across the enterprise
- Ensure alignment with applicable regulatory expectations (e.g., NAIC, state DOI) and industry standards (e.g., NIST, ISO, Shared Assessments)
- Oversee and challenge third party due diligence reviews that span cybersecurity, data privacy, business continuity, financial, and operational risk elements
- Partner with the 1st line of defense to identify control gaps, assess residual risk, and ensure timely development and execution of risk treatment plans
- Escalate material risks, control deficiencies, and vendor issues through established governance and risk committee structures
- Develop and deliver executive and committee level reporting on third party risk exposure, trends, and emerging third party risks
- Serve as a trusted advisor to the business while providing effective 2nd line challenge to ensure appropriate risk based decisions
- Leverage industry best practices and external insights to strengthen governance, oversight, and program maturity
Requirements
- Bachelor’s degree or equivalent professional experience
- Minimum 5+ years of experience in third-party risk management, operational risk, information security risk, or related GRC disciplines
- In-depth knowledge of TPRM frameworks, lifecycle practices, and regulatory expectations
- Strong understanding of interconnected risk domains (cybersecurity, privacy, business continuity, and vendor operational risk)
- Proven ability to solve complex problems using both conceptual and practical approaches
- Demonstrated ability to operate independently with minimal supervision and sound judgment
- Experience in financial services, preferably life insurance or annuities
- Familiarity with industry frameworks and standards (e.g., NIST CSF, ISO 27001/22301, Shared Assessments SIG/VRMMM)
- Relevant professional certifications (e.g., CRVPM, CISA, CRISC, CISSP, CTPRP)
- Experience with TPRM platforms/continuous monitoring tools
- Strong competencies in analytical thinking, stakeholder influence, communication, and driving continuous improvement
- 5+ years of relevant experience in business resilience, business continuity, or operational resilience
Qualifications
- Demonstrated governance mindset, with proven ownership of TPRM policies, standards, and control frameworks, and ability to enforce consistent adherence across the enterprise
- Bring deep expertise in cybersecurity due diligence and third party risk domains, with the ability to independently challenge assessments and drive risk informed decisions
- Operate as a highly credible second line advisor, effectively balancing partnership with the business while delivering objective challenge and oversight
- Proven track record of enhancing program maturity, including implementing scalable monitoring, improving control effectiveness, and aligning to evolving regulatory expectations
- Excel at translating complex risk insights into clear, executive-level reporting and actionable recommendations for senior leadership and risk committees
Skills
- Strong analytical skills
- Excellent stakeholder influence and communication skills
- Ability to drive continuous improvement and enhance program maturity
Benefits
- Prioritization of your health and well-being including Medical, Dental, Vision, and Wellbeing Reimbursement Account that can be used on yourself or your eligible dependents
- Generous paid time off options including: Paid Time Off, Holiday Schedules, and Financial Planning Time Off
- Paid Parental Leave as well as an Adoption Assistance Program
- Competitive 401k savings plan with company match and an additional contribution regardless of participation
Pay
$113,490.00 - $138,710.00
Schedule
Hybrid role (4 days per week onsite) in our Newport Beach, CA office