At Genworth, we empower families to navigate the aging journey with confidence. We are compassionate, experienced allies for those navigating care with guidance, products, and services that meet families where they are. Further, we are the spouses, children, siblings, friends, and neighbors of those that need care—and we bring those experiences with us to work in serving our millions of policyholders each day.
We apply that same compassion and empathy as we work with each other and our local communities. Genworth values all perspectives, characteristics, and experiences so that employees can bring their full, authentic selves to work to help each other and our company succeed. We celebrate our diversity and understand that being intentional about inclusion is the only way to create a sense of belonging for all associates. We also invest in the vitality of our local communities through grants from the Genworth Foundation, event sponsorships, and employee volunteerism.
Our four values guide our strategy, our decisions, and our interactions:
- Make it human. We care about the people that make up our customers, colleagues, and communities.
- Make it about others. We do what's best for our customers and collaborate to drive progress.
- Make it happen. We work with intention toward a common purpose and forge ways forward together.
- Make it better. We create fulfilling purpose-driven careers by learning from the world and each other.
POSITION TITLE
Senior Manager, Third-Party Risk Management (TPRM)
POSITION LOCATION
Richmond, VA
YOUR ROLE
At Genworth, we empower families to navigate the aging journey with confidence. We are compassionate, experienced allies for those navigating care with guidance, products, and services that meet families where they are. As part of the Risk organization, this role works with cross-functional teams to understand the risks that face our company and execute risk management strategies that enable we’re there for our customers and their families – now and in the future.
Job Summary
The Senior Manager, Third-Party Risk Management (TPRM) leads the day-to-day execution and ongoing maturity of the organization’s third-party risk program. This role is accountable for strengthening governance, streamlining and automating workflows, improving risk intelligence, and enabling leaders to make real-time, risk-informed decisions through effective TPRM tooling, dashboards, and reporting. The Senior Manager partners closely with stakeholders across Technology, Operations, Sourcing/Vendor Management, Legal, Privacy, Compliance, and Business Owners to ensure third-party risk is understood, managed, and monitored across the third-party lifecycle—from intake and due diligence through contracting, onboarding, continuous monitoring, and offboarding.
Key Outcomes
- A measurably mature, scalable, and consistent TPRM program (policy-to-process alignment, standardized controls, and clear governance)
- Leaders have timely, actionable, and trusted risk insights (dashboards, KRIs, real-time status, and decision-ready summaries)
- The TPRM tool set is actively used and optimized—enabling faster cycle times, better data quality, and automation of manual steps
- Strong engagement with management and business stakeholders—clear accountability, escalations handled appropriately, and risk accepted with informed approvals
- Continuous monitoring and issue/remediation management reduce exposure and improve vendor performance over time
What you will be doing
Program Leadership and Maturity
- Drive the TPRM maturity roadmap, including improvements to governance, policies/standards, workflow design, tiering methodology, and lifecycle processes
- Establish and maintain program operating rhythms (e.g., monthly risk reviews, KPI/KRI reporting, issue remediation tracking, and executive readouts)
- Identify gaps and implement enhancements to ensure program scalability, consistency, auditability, and alignment with regulatory/industry expectations
- Develop and maintain standard operating procedures, templates, playbooks, and training to ensure consistent execution
Stakeholder and Management Interaction
- Serve as a trusted advisor to senior leaders and business owners, translating third-party risk into clear decision options
- Facilitate risk discussions, challenge risk assumptions appropriately, and ensure documented risk decisions, exceptions, and approvals align to governance
- Partner with Sourcing/Vendor Management to embed risk requirements into intake, sourcing, and ongoing vendor management
- Collaborate with Legal, Privacy, Compliance, and Information Security to ensure contract provisions, control expectations, and due diligence are aligned and enforceable
TPRM Tooling, Automation and Decision Enablement
- Own day-to-day management and optimization of the organization’s TPRM technology stack
- Configure and enhance workflows
- Develop real-time dashboards and reporting for leaders: portfolio risk views, assessment status, SLA adherence, open issues, renewals, concentration risk, and critical vendor oversight
- Improve data quality and establish a single source of truth for third-party risk inventory, risk ratings, and decision history
- Define and track KPIs/KRIs (cycle time, backlog, critical findings aging, remediation performance, override rates, exception trends)
Third-Party Risk Assessments and Lifecycle Management
- Oversee third-party risk assessments, including inherent risk tiering and due diligence
- Ensure assessment scope and depth are appropriate for vendor criticality, data sensitivity, and service impact
- Drive effective issue management and remediation tracking, including escalation paths for overdue or high-risk items
- Establish and maintain processes for periodic reassessments, and continuous monitoring of high-risk/critical vendors
Governance, Reporting, Audit and Regulatory Support
- Support internal/external audits and examinations, ensuring evidence, artifacts, and controls are well documented and repeatable
- Maintain third-party governance materials (policies, risk appetite alignment, RACI, committee presentations, risk acceptance frameworks)
- Provide reporting and insights to governance forums and leadership committees
People Leadership (as applicable)
- Lead, coach, and develop a team of TPRM professionals
- Set performance expectations, ensure workload prioritization, and build a culture of continuous improvement and strong business partnership
What you bring
Required Qualifications
- Bachelor’s degree or equivalent practical experience
- 8+ years of experience in third-party risk management, technology risk, operational risk, compliance, or related disciplines
- 3+ years of experience leading programs and/or teams, influencing cross-functional stakeholders, and driving process maturity
- Proven experience implementing or optimizing TPRM programs and establishing a culture of continuous improvement
- Proven experience implementing or optimizing TPRM/GRC tools to improve workflow automation, data quality, and reporting
- Strong ability to translate risk into decision-ready recommendations for leaders and to facilitate risk acceptance discussions
- Demonstrated knowledge of third-party lifecycle practices: due diligence, control validation, contracting requirements, monitoring, and remediation
Preferred Qualifications
- Experience in regulated industries (financial services, healthcare, insurance, payments, or similar)
- Familiarity with relevant frameworks and expectations (e.g., NIST, ISO 27001, SOC reports, shared responsibility models, vendor oversight guidance)
- Certifications such as CISA, CRISC, CISSP, CISM, or equivalent
- Experience integrating continuous monitoring signals (security ratings, threat intelligence, incident notifications) into a TPRM operating model
Core Skills and Competencies
- Program maturity leadership: ability to design and scale governance, processes, and metrics
- Tool-driven execution: strong command of workflow automation, dashboards, and data-driven program management
- Communication: concise, practical storytelling with clear risk options and tradeoffs
- Stakeholder influence: confident partnering with business and technology leaders; able to challenge constructively
- Operational excellence: disciplined prioritization, SLA management, and attention to audit-ready documentation
- Risk judgment: balanced approach—protects the organization while enabling the business
Employee Benefits & Well-Being
Genworth employees make a difference in people’s lives every day. We’re committed to making a difference in our employees’ lives.
- Competitive Compensation & Total Rewards Incentives
- Comprehensive Healthcare Coverage
- Multiple 401(k) Savings Plan Options
- Auto Enrollment in Employer-Directed Retirement Account Feature (100% employer-funded!)
- Generous Paid Time Off – Including 12 Paid Holidays, Volunteer Time Off and Paid Family Leave
- Disability, Life, and Long Term Care Insurance
- Tuition Reimbursement, Student Loan Repayment and Training & Certification Support
- Wellness support including gym membership reimbursement and Employee Assistance Program resources (work/life support, financial & legal management)
- Caregiver and Mental Health Support Services
ADDITIONAL
- At this time, Genworth will not sponsor a new applicant for employment authorization for this position.