Director, Operational Risk Management & Third-Party Risk
Flex is a growth-stage, NYC headquartered FinTech company that is creating the best rent payment experience. It’s hard to believe that it’s 2025 and paying rent on time is expensive, inflexible, and difficult. We’re here to change that! Flex enables our users to pay rent throughout the month on a schedule that better fits their finances and budget. Our mission is to empower as many renters as possible with flexibility over their most significant recurring expense. After deliberately keeping a stealth profile as we built up unprecedented investor support and an enthusiastic user base, we are looking for motivated individuals to help us keep our mission growing. Will you be a part of the team?
About the Role
Flex is seeking a seasoned and strategic Director of Operational Risk Management & Third-Party Risk to lead the development of our Operational Risk Management (ORM) framework and oversee our end-to-end Third-Party Risk Management (TPRM) program. This high-impact role is essential to strengthening our enterprise risk posture and ensuring our operational and external risk exposures are managed with transparency, rigor, and control. You’ll report directly to the Chief Compliance Officer and work cross-functionally with leaders in Legal, Security, Finance, and Product.
This is a foundational leadership role for someone ready to build scalable programs, enhance enterprise resilience, and shape Flex’s long-term readiness.
What You Will Do
Operational Risk Management
- Design and implement Flex’s enterprise ORM framework and operating structure.
- Lead the ORM working group and drive programmatic cadences such as risk assessments, remediation planning, and quarterly reviews.
- Manage core operational risk activities, including:
- Process Mapping
- Risk and Control Self-Assessments (RCSAs)
- Key Risk Indicators (KRIs)
- Incident and issue management
- Deliver actionable reporting to senior leadership.
- Align ORM with regulatory frameworks and industry standards (e.g., OCC, FFIEC, NIST).
- Serve as the central coordination point for operational risk governance across business lines.
Third-Party Risk Management (TPRM)
- Own the full third-party risk lifecycle, from onboarding through termination, across a diverse vendor ecosystem that includes property management companies, property management software, payment providers, software platforms, BaaS partners, and contractors.
- Maintain and evolve the vendor inventory, tiering methodology, and due diligence standards.
- Partner cross-functionally with Legal, Security, Finance, CMS, and business stakeholders to ensure vendor engagements meet enterprise risk and regulatory standards.
- Conduct and review third-party assessments (e.g., SOC reports, control frameworks) and escalate risks when necessary.
- Manage residual risk ratings and design scalable ongoing monitoring practices.
- Report on vendor risks and mitigation strategies to senior leadership.
Who You Are
- 7–10+ years of experience in risk management, with demonstrated expertise in both operational risk and third-party risk.
- Proven track record building and leading risk programs in regulated, high-growth, or technology-forward environments.
- Deep familiarity with relevant regulatory frameworks (OCC, NIST, FFIEC, etc.) and industry best practices for ORM and TPRM.
- Experienced in working cross-functionally and driving accountability across Legal, Finance, Security, and business teams.
- Effective communicator, able to synthesize complex issues and influence at all levels of the organization.
- Background in consulting or enterprise risk transformation is a strong plus.
Why Join Us
This is more than a program lead role, it’s an opportunity to shape the foundation of Flex’s enterprise risk architecture. You’ll gain:
- High visibility across senior leadership and governance forums.
- Ownership over two critical risk domains (ORM and TPRM) with the opportunity to scale into full ERM.
- The chance to modernize third-party oversight across a complex and evolving vendor landscape.
- A seat at the table in preparing Flex for public company readiness, investor confidence, and long-term resilience.
If you’re passionate about building what’s next in operational and vendor risk, and thrive in dynamic environments where your work drives measurable impact, we’d love to meet you.
The compensation range for this role will be commensurate with the candidate's experience and Flex's internal leveling guidelines and benchmarks. For working locations in NY/NJ/CA, the base salary pay range will be $270,000 - $297,000. For all other states, the base salary pay range will be $243,000 - $267,000.
Life at Flex:
We understand that it takes a diverse team of highly intelligent, curious, determined, empathetic, and self aware people to grow a successful company. Our HQ is located in New York City, but we have employees located throughout the US, Australia, Canada and South America. We are growing quickly, but deliberately, with a focus on building an inclusive culture. Our dynamic team has incredible perspectives to share, just as we know you do, and we take great pride in being an equal opportunity workplace.
We offer many employee benefits. For full time, U.S. based employees we offer:
- Competitive pay
- 100% company-paid medical, dental, and vision
- 401(k) + company equity
- Unlimited paid time off + 13 company paid holidays
- Parental leave
- Flex Cares Program: Non-profit company match + pet adoption coverage
- Free Flex subscription
For full time non-US employees, we offer
Apply for this job
*
indicates a required field