Third-Party Risk Management (TPRM) Transformation Leader

Company: UKG, Inc.

Location: Lowell, MA 01852

Description:

Company Overview

With 80,000 customers across 150 countries, UKG is the largest U.S.-based private software company in the world. And we're only getting started. Ready to bring your bold ideas and collaborative mindset to an organization that still has so much more to build and achieve? Read on.

At UKG, you get more than just a job. You get to work with purpose. Our team of U Krewers is on a mission to inspire every organization to become a great place to work through our award-winning HR technology built for all.

Here, we know that you're more than your work. That's why our benefits help you thrive personally and professionally, from wellness programs and tuition reimbursement to U Choose, a customizable expense reimbursement program that can be used for 200+ needs that best suit you and your family, from student loan repayment, to childcare, to pet insurance. Our inclusive culture, active and engaged employee resource groups, and caring leaders value every voice and support you in doing the best work of your career. If you're passionate about our purpose - people - then we can't wait to support whatever gives you purpose. We're united by purpose, inspired by you.

About the Team

UKG is seeking a Third-Party Risk Management (TPRM) Transformation Leader to join its Risk and Compliance team. The Risk and Compliance team plays a vital role in safeguarding UKG's operations, reputation, and assets. The team works collaboratively across departments to proactively identify, assess, and manage risks, and ensure adherence to regulatory standards.

About the Role

The Senior Manager, TPRM Transformation will be responsible for redesigning, executing, and enhancing our Third-Party Risk Management strategy. This individual will manage all aspects of the TPRM program including enhancing program governance and approach, redesign of risk assessment and due diligence components, stand up and launch of ongoing monitoring programs, and the ultimate execution of the TPRM function in the future state. They will lead a team that works cross-functionally to ensure that third-party risks are appropriately mitigated, managed, and reported.

The ideal candidate will have deep expertise in risk management, vendor management, compliance frameworks, change management / transformation execution and a proven track record of implementing transformative programs in a fast-paced, technology-driven environment.

Key Responsibilities:
  • Strategy Development and Implementation:
    • Lead the development and execution of a comprehensive Third-Party Risk Management (TPRM) program, aligned with industry standards and regulatory requirements.
    • Define and drive the vision and goals for TPRM across the organization, ensuring alignment with the overall risk management and compliance frameworks.
  • Risk Assessment & Mitigation:
    • Oversee the redesign of risk assessment processes and due diligence components for third-party vendors.
    • Identify and assess potential risks (e.g., cybersecurity, financial, operational, regulatory, reputational) posed by third-party vendors, contractors, partners, and resellers in collaboration with cross-functional subject matter experts.
    • Implement proactive risk mitigation strategies and recommend solutions to minimize third-party related risks.
    • Ensure the TPRM program adheres to relevant regulations, standards, and frameworks (e.g., ISO 27001, NIST, GDPR, SOC 2, CCPA, etc.).
  • Collaboration, Training, & Stakeholder Management:
    • Work closely with senior leadership, business units, and functional teams to ensure alignment between the enhanced TPRM program and the company's broader risk management, security, and compliance efforts.
    • Lead the communication and training components of disseminating a newly designed program to existing workforce and collaborators.
    • Provide guidance and training to internal teams on TPRM processes during program rollout.
  • Transformation/Change Management & Continuous Improvement:
    • Lead the implementation of newly designed/obtained tools, processes, and frameworks for managing third-party vendors' performance, compliance, and risk exposure.
    • Develop and manage vendor monitoring processes to ensure third parties meet contractual obligations, regulatory requirements, and risk management standards.
    • Continuously monitor and evaluate the effectiveness of the TPRM program, making improvements and optimizations as necessary.

About You

Basic Qualifications:
  • 12+ years of experience in Third-Party Risk Management, Risk Management Strategy, Cybersecurity, Compliance, or related fields.
  • Proven track record in transforming and enhancing TPRM/Risk Management programs in the technology or similar sectors.
  • Strong proficiency in vendor risk management, contract management, risk assessments, and transformation/remediation frameworks.
  • Experience leading cross-functional teams and managing relationships with senior leadership.
  • Expertise with Third-Party Risk Management and/or GRC software/platforms.
  • Understanding of SaaS company/working in SaaS environments.
  • Deep understanding of industry standards and regulatory requirements relevant to TPRM and risk management frameworks.
  • Strong expertise in cybersecurity, data privacy, technology, and operational risks.

Preferred Qualifications:
  • Excellent problem-solving, analytical, and decision-making abilities.
  • Exceptional communication skills with the ability to present complex information clearly and effectively to both technical and non-technical stakeholders.
  • Refined organizational skills relating to large program transformation and change management expectations.
  • Bachelor's degree in Risk Management, Cybersecurity, Information Security, Business Administration, or related field. Master's degree preferred.
  • Relevant certifications such as Certified Third-Party Risk Professional (CTPRP), CISM (Certified Information Security Manager), CRISC (Certified in Risk and Information Systems Control), or Vendor Risk Management Professional (VRMP) are desirable.

Where we're going

UKG is on the cusp of something truly special. Worldwide, we already hold the #1 market share position for workforce management and the #2 position for human capital management. Tens of millions of frontline workers start and end their days with our software, with billions of shifts managed annually through UKG solutions today. Yet it's our AI-powered product portfolio designed to support customers of all sizes, industries, and geographies that will propel us into an even brighter tomorrow!

Equal Opportunity Employer

UKG is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status under federal, state, or local anti-discrimination laws.

UKG participates in E-Verify.

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

The pay range for this position is $142,100 to $204,200 USD; however, base pay offered may vary depending on skills, experience, job-related knowledge and location. This position is also eligible for a short-term incentive and a long-term incentive as part of total compensation. Information about UKG's comprehensive benefits can be reviewed on our careers site at https://www.ukg.com/careers
