Senior Director, Operational Risk Management & Third-Party Risk

Flex is a growth-stage, NYC headquartered FinTech company focused on delivering flexible rent payments. We are building an enterprise risk posture that supports scalable growth and resilience. We are seeking motivated individuals to help us advance our mission.

About the Role

Flex is seeking a seasoned and strategic Senior Director of Operational Risk Management & Third-Party Risk to lead the development of our Operational Risk Management (ORM) framework and oversee our end-to-end Third-Party Risk Management (TPRM) program. This role reports to the Chief Compliance Officer and collaborates with Legal, Security, Finance, and Product to strengthen our risk posture and ensure transparency, rigor, and control. This is a foundational leadership role for building scalable programs and shaping Flex’s long-term readiness.

This is a hybrid position with on-site expectations of 3 days per week in our New York or San Francisco Headquarters. For candidates outside the NY/NJ/SF area, relocation assistance may be available.

What You Will Do

• Design and implement Flex’s enterprise ORM framework and operating structure.
• Lead the ORM working group and drive programmatic cadences such as risk assessments, remediation planning, and quarterly reviews.
• Manage core operational risk activities, including:
• Process Mapping
• Risk and Control Self-Assessments (RCSAs)
• Incident and issue management
• Deliver actionable reporting to senior leadership.
• Align ORM with regulatory frameworks and industry standards (e.g., OCC, FFIEC, NIST).
• Serve as the central coordination point for operational risk governance across business lines.

Third-Party Risk Management (TPRM)

• Own the full third-party risk lifecycle, from onboarding through termination, across a diverse vendor ecosystem including property management companies, property management software, payment providers, software platforms, BaaS partners, and contractors.
• Maintain and evolve the vendor inventory, tiering methodology, and due diligence standards.
• Partner cross-functionally with Legal, Security, Finance, CMS, and business stakeholders to ensure vendor engagements meet enterprise risk and regulatory standards.
• Conduct and review third-party assessments (e.g., SOC reports, control frameworks) and escalate risks when necessary.
• Manage residual risk ratings and design scalable ongoing monitoring practices.
• Report on vendor risks and mitigation strategies to senior leadership.

Who You Are

• 7–10+ years of experience in risk management, with expertise in both operational risk and third-party risk.
• Proven track record building and leading risk programs in regulated, high-growth, or technology-forward environments.
• Deep familiarity with regulatory frameworks (OCC, NIST, FFIEC, etc.) and industry best practices for ORM and TPRM.
• Experience working cross-functionally and driving accountability across Legal, Finance, Security, and business teams.
• Effective communicator who can synthesize complex issues and influence at all levels of the organization.
• Background in consulting or enterprise risk transformation is a strong plus.

Why Join Us

This is more than a program lead role; it’s an opportunity to shape the foundation of Flex’s enterprise risk architecture. You’ll gain:

• High visibility across senior leadership and governance forums.
• Ownership over ORM and TPRM with potential to scale into full ERM.
• Opportunity to modernize third-party oversight across a complex vendor landscape.
• A role contributing to Flex’s readiness for growth, investor confidence, and long-term resilience.

If you’re passionate about building what’s next in operational and vendor risk, and thrive in dynamic environments where your work drives measurable impact, we’d love to meet you.

Compensation ranges are commensurate with experience and internal leveling guidelines. For locations in NY/NJ/CA, base salary ranges are $283,000 - $312,000. For other states, base salary ranges are $255,000 - $281,000.

Benefits

• Competitive pay
• 100% company-paid medical, dental, and vision
• 401(k) + company equity
• Unlimited paid time off + 13 company holidays
• Parental leave
• Flex Cares Program
• Free Flex subscription

Flex is an equal opportunity employer and values diversity in our team.

Voluntary Self-Identification

We invite you to respond to voluntary self-identification questions for government reporting purposes. Providing this information is voluntary and will not affect your candidacy.