Senior Manager, Third-Party Risk Management
Company: Genworth
Location: Richmond
Posted on: April 7, 2026
|
|
|
Job Description:
At Genworth, we empower families to navigate the aging journey
with confidence. We are compassionate, experienced allies for those
navigating care with guidance, products, and services that meet
families where they are. Further, we are the spouses, children,
siblings, friends, and neighbors of those that need care—and we
bring those experiences with us to work in serving our millions of
policyholders each day. We apply that same compassion and empathy
as we work with each other and our local communities. Genworth
values all perspectives, characteristics, and experiences so that
employees can bring their full, authentic selves to work to help
each other and our company succeed. We celebrate our diversity and
understand that being intentional about inclusion is the only way
to create a sense of belonging for all associates. We also invest
in the vitality of our local communities through grants from the
Genworth Foundation, event sponsorships, and employee volunteerism.
Our four values guide our strategy, our decisions, and our
interactions: - Make it human. We care about the people that make
up our customers, colleagues, and communities. - Make it about
others. We do what's best for our customers and collaborate to
drive progress. - Make it happen. We work with intention toward a
common purpose and forge ways forward together. - Make it better.
We create fulfilling purpose-driven careers by learning from the
world and each other. POSITION TITLE Senior Manager, Third-Party
Risk Management (TPRM) POSITION LOCATION Richmond, VA YOUR ROLE At
Genworth, we empower families to navigate the aging journey with
confidence. We are compassionate, experienced allies for those
navigating care with guidance, products, and services that meet
families where they are. As part of the Risk organization, this
role works with cross-functional teams to understand the risks that
face our company and execute risk management strategies that enable
we’re there for our customers and their families – now and in the
future. Job Summary The Senior Manager, Third-Party Risk Management
(TPRM) leads the day-to-day execution and ongoing maturity of the
organization’s third-party risk program. This role is accountable
for strengthening governance, streamlining and automating
workflows, improving risk intelligence, and enabling leaders to
make real-time, risk-informed decisions through effective TPRM
tooling, dashboards, and reporting. The Senior Manager partners
closely with stakeholders across Technology, Operations,
Sourcing/Vendor Management, Legal, Privacy, Compliance, and
Business Owners to ensure third-party risk is understood, managed,
and monitored across the third-party lifecycle—from intake and due
diligence through contracting, onboarding, continuous monitoring,
and offboarding. Key Outcomes - A measurably mature, scalable, and
consistent TPRM program (policy-to-process alignment, standardized
controls, and clear governance) - Leaders have timely, actionable,
and trusted risk insights (dashboards, KRIs, real-time status, and
decision-ready summaries) - The TPRM tool set is actively used and
optimized—enabling faster cycle times, better data quality, and
automation of manual steps - Strong engagement with management and
business stakeholders—clear accountability, escalations handled
appropriately, and risk accepted with informed approvals -
Continuous monitoring and issue/remediation management reduce
exposure and improve vendor performance over time What you will be
doing Program Leadership and Maturity - Drive the TPRM maturity
roadmap, including improvements to governance, policies/standards,
workflow design, tiering methodology, and lifecycle processes -
Establish and maintain program operating rhythms (e.g., monthly
risk reviews, KPI/KRI reporting, issue remediation tracking, and
executive readouts) - Identify gaps and implement enhancements to
ensure program scalability, consistency, auditability, and
alignment with regulatory/industry expectations - Develop and
maintain standard operating procedures, templates, playbooks, and
training to ensure consistent execution Stakeholder and Management
Interaction - Serve as a trusted advisor to senior leaders and
business owners, translating third-party risk into clear decision
options - Facilitate risk discussions, challenge risk assumptions
appropriately, and ensure documented risk decisions, exceptions,
and approvals align to governance - Partner with Sourcing/Vendor
Management to embed risk requirements into intake, sourcing, and
ongoing vendor management - Collaborate with Legal, Privacy,
Compliance, and Information Security to ensure contract provisions,
control expectations, and due diligence are aligned and enforceable
TPRM Tooling, Automation and Decision Enablement - Own day-to-day
management and optimization of the organization’s TPRM technology
stack - Configure and enhance workflows - Develop real-time
dashboards and reporting for leaders: portfolio risk views,
assessment status, SLA adherence, open issues, renewals,
concentration risk, and critical vendor oversight - Improve data
quality and establish a single source of truth for third-party risk
inventory, risk ratings, and decision history - Define and track
KPIs/KRIs (cycle time, backlog, critical findings aging,
remediation performance, override rates, exception trends)
Third-Party Risk Assessments and Lifecycle Management - Oversee
third-party risk assessments, including inherent risk tiering and
due diligence - Ensure assessment scope and depth are appropriate
for vendor criticality, data sensitivity, and service impact -
Drive effective issue management and remediation tracking,
including escalation paths for overdue or high-risk items -
Establish and maintain processes for periodic reassessments, and
continuous monitoring of high-risk/critical vendors Governance,
Reporting, Audit and Regulatory Support - Support internal/external
audits and examinations, ensuring evidence, artifacts, and controls
are well documented and repeatable - Maintain third-party
governance materials (policies, risk appetite alignment, RACI,
committee presentations, risk acceptance frameworks) - Provide
reporting and insights to governance forums and leadership
committees People Leadership (as applicable) - Lead, coach, and
develop a team of TPRM professionals - Set performance
expectations, ensure workload prioritization, and build a culture
of continuous improvement and strong business partnership What you
bring Required Qualifications - Bachelor’s degree or equivalent
practical experience - 8 years of experience in third-party risk
management, technology risk, operational risk, compliance, or
related disciplines - 3 years of experience leading programs and/or
teams, influencing cross-functional stakeholders, and driving
process maturity - Proven experience implementing or optimizing
TPRM programs and establishing a culture of continuous improvement
- Proven experience implementing or optimizing TPRM/GRC tools to
improve workflow automation, data quality, and reporting - Strong
ability to translate risk into decision-ready recommendations for
leaders and to facilitate risk acceptance discussions -
Demonstrated knowledge of third-party lifecycle practices: due
diligence, control validation, contracting requirements,
monitoring, and remediation Preferred Qualifications - Experience
in regulated industries (financial services, healthcare, insurance,
payments, or similar) - Familiarity with relevant frameworks and
expectations (e.g., NIST, ISO 27001, SOC reports, shared
responsibility models, vendor oversight guidance) - Certifications
such as CISA, CRISC, CISSP, CISM, or equivalent - Experience
integrating continuous monitoring signals (security ratings, threat
intelligence, incident notifications) into a TPRM operating model
Core Skills and Competencies - Program maturity leadership: ability
to design and scale governance, processes, and metrics -
Tool-driven execution: strong command of workflow automation,
dashboards, and data-driven program management - Communication:
concise, practical storytelling with clear risk options and
tradeoffs - Stakeholder influence: confident partnering with
business and technology leaders; able to challenge constructively -
Operational excellence: disciplined prioritization, SLA management,
and attention to audit-ready documentation - Risk judgment:
balanced approach—protects the organization while enabling the
business Employee Benefits & Well-Being Genworth employees make a
difference in people’s lives every day. We’re committed to making a
difference in our employees’ lives. - Competitive Compensation &
Total Rewards Incentives - Comprehensive Healthcare Coverage -
Multiple 401(k) Savings Plan Options - Auto Enrollment in
Employer-Directed Retirement Account Feature (100%
employer-funded!) - Generous Paid Time Off – Including 12 Paid
Holidays, Volunteer Time Off and Paid Family Leave - Disability,
Life, and Long Term Care Insurance - Tuition Reimbursement, Student
Loan Repayment and Training & Certification Support - Wellness
support including gym membership reimbursement and Employee
Assistance Program resources (work/life support, financial & legal
management) - Caregiver and Mental Health Support Services
ADDITIONAL - At this time, Genworth will not sponsor a new
applicant for employment authorization for this position.
Keywords: Genworth, Newport News , Senior Manager, Third-Party Risk Management, Accounting, Auditing , Richmond, Virginia
