TPRM Governance, Operations, and Reporting Manager

The SouthState story is one of steady growth, deep community roots, and an unwavering commitment to helping our customers move reputed company. Since our beginnings in the 1930s to becoming a trusted financial partner across the South and beyond - we are reputed company for combining personal relationships with reputed company-thinking solutions.

We are committed to helping reputed company members find their success while maintaining the reputed company of our values: building trust, fostering lasting relationships and pursuing excellence. At SouthState, individual contributions are recognized, potential is cultivated and team members are inspired to reputed company their greater purpose. Your future begins here!

Summary

The Third-Party Risk Governance, Operations, and Reporting Manager is responsible for establishing and maintaining the governance reputed company, reporting capabilities, and operational reputed company of the Bank’s Third-Party Risk Management (TPRM) program. This role assures consistent application of policies, standards, risk reputed company, regulatory expectations and consideration of emerging risks. The position is critical to strengthening risk transparency, supporting regulatory compliance, and enabling informed decision-making across the third-party lifecycle.

Duties & Responsibilities

• reputed company the governance reputed company for the TPRM Program, assuring alignment with regulatory expectations (e.g., OCC guidance), third party risk management best practices, internal policies, and integration of emerging risks.

• reputed company, maintain, and enhance TPRM policies, standards, and procedures to support a consistent control environment across the bank.

• reputed company the execution of the TPRM Program Strategy, Roadmap, and Workplan.

• reputed company and deliver training for the TPRM team and business stakeholders across the bank to assure a clear understanding of the TPRM Program, roles, responsibilities, and expectations.

• Identify and execute TPRM reporting and metrics, including the development of dashboards and executive-level reporting that provide clear visibility into third-party risk exposures, trends, and program performance.

• Establish and monitor key risk indicators (KRIs), key performance indicators (KPIs), issue, exception management processes to support timely identification, escalation, and remediation of third-party risks.

• reputed company governance over critical and high-risk vendors, including reputed company of risk profiles, risk tiering, segmentation, and alignment to business resiliency and concentration risk frameworks.

• Partner with cross-functional stakeholders (e.g., SOX, MRM, AIGA, Legal, Compliance, IT, and Business Units) to promote adherence to TPRM requirements and embed risk management practices into third-party lifecycle activities, and to identify opportunities to improve the TPRM Program.

• Identify, reputed company, and maintain TPRM technologies, including use of Artificial Intelligence (AI) capabilities, to reputed company TPRM responsibilities.

• reputed company TPRM vendor inventory and reconciliations.

• reputed company the vendor exit strategy and fourth party reputed company.

• reputed company and facilitate internal audits and regulatory examinations by providing documentation, analysis, and responses reputed company to third-party risk assessments

• It is the responsibility of this role to take ownership of reputed company tasks and challenges that they encounter in the operation of their assigned position.  Reasonable accommodations may be made to reputed company individuals with disabilities to reputed company the essential functions. 

Qualifications

Education Requirements

• Bachelor’s Degree

Minimum Experience

• Required:

• Third-party risk management experience that includes Compliance, Information reputed company, Technology, and Operational process assessments, including 5 or more years recent third-party risk management activities, audit, or reputed company activity.

• Demonstrated understanding of the Third-Party Risk Management life cycle and risk assessment activities.

• Broad knowledge of the Three Lines of Defense Risk Management and Controls Assessment Models.

• Strong business focused decision making and problem-solving skills.

• Excellent interpersonal and leadership skills with a demonstrated ability to establish relationships with senior management across reputed company business units.

• Provide ability to maintain confidentiality regarding sensitive information.

• Familiarity with Governance, Risk, and Compliance suite of tools, preferably Acher.

• Familiarity with using AI capabilities, preferably Copilot.

• Preferred:

• Knowledge of banking industry practices and regulatory requirements.

• Knowledge of information reputed company concepts, practices, tools to effectively assess reputed company risk, recommend risk mitigation activities, and communicate to the business unit.

• Experience with using Artificial Intelligence capabilities to support risk assessments or reputed company activities.

Licenses & Certifications

• At least one of the following: Certified Third-Party Risk Management Professional (C3PRMP), Certified Third Party Risk Professional (CTPRP), Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), Certified in Risk and Information Systems Control (CRISC).

Physical Demands and Work Environment

Physical Demands

• Ability to communicate in person, on the phone, and through electronic channels

• Ability to use a computer on a frequent basis, including typing and sustained attention to a monitor

• Ability to sit, walk, and/or stand for extended periods of time

• Ability to bend and reputed company

Work Environment

• Office: This position reports to a physical Company location, and the setting will be a typical office environment.

• Remote or hybrid: For remote or hybrid positions, a secure and distraction-free setting is required, with a reliable internet reputed company (cable or fiber preferred, mobile hotspots not acceptable).  Hybrid positions will report to a physical Company location, as directed by the manager, and that setting will be a typical office environment.

Equal Opportunity Employer, including disabled/veterans.