Apply on Employer Site

East West Bank · 1 day ago

Director of IT Vendor Management

Dallas, TX

Full-time

Onsite

Lead/Staff, Director/Executive

$200K/yr - $280K/yr

12+ years exp

East West Bank is a premier financial institution serving as a bridge between the East and West. The Director of IT Vendor Management is responsible for overseeing the vendor management program, ensuring compliance with regulatory expectations, and managing the lifecycle of technology vendors critical to the bank's operations.

BankingFinanceFinancial Services

Comp. & Benefits

No H1B

Responsibilities

Lead the first‑line IT vendor management program: Own governance, performance monitoring, and lifecycle oversight for all technology and technology-dependent business vendors

Establish and maintain vendor segmentation: Classify vendors by criticality, risk tier, and regulatory impact

Ensure compliance with regulatory expectations: Align with OCC, FRB, FDIC, CFPB, and FFIEC guidance for third-party risk management

Enhance/strengthen vendor policies and standards: Ensure alignment with enterprise risk frameworks and technology control requirements in a fast-evolving vendor landscape

Oversee end-to-end vendor lifecycle: Due diligence, onboarding, contracting, performance monitoring, issue management, renewal, and termination

Conduct technology-focused due diligence: Evaluate cybersecurity, resilience, data handling, cloud architecture, and operational controls

Partner with business owners: Ensure business-owned vendors with technology dependencies meet enterprise standards

Manage contract negotiations: Lead commercial, SLA, and risk-related negotiations with major vendors

Monitor vendor performance and SLAs: Track KPIs, service delivery, incident response, and remediation

Coordinate technology assessments: Work with InfoSec, Architecture, and Technology Risk to validate vendor controls

Oversee issue and incident management: Ensure timely remediation of vendor-related technology issues, outages, or control gaps

Support resilience and continuity planning: Validate vendor BCP/DR capabilities and alignment with bank requirements

Serve as first-line risk owner for vendor risk: Identify, assess, and mitigate risks associated with technology vendors

Prepare executive and regulatory reporting: Provide dashboards, risk summaries, and board-level reporting

Ensure audit readiness: Support internal audit, regulatory exams, and independent testing

Managing vendor concentration and systemic risk: vendor risk mitigation to eliminate/minimize SPOF (single point of failure)

Drive continuous improvement: Enhance processes, tools, and controls to strengthen vendor oversight

Lead a small, high-performing vendor management team: Provide coaching, direction, and subject‑matter expertise

Partner with cross-functional stakeholders: Technology, Procurement, Legal, Compliance, Risk, Finance, and Business Units

Represent vendor management in governance forums: Risk committees, architecture councils, and operational reviews

Qualification

Vendor management experienceRegulatory compliance knowledgeContract negotiation skillsCybersecurity evaluationSaaSCloud technologiesOperational resilienceData governanceIT controls knowledgeStakeholder managementWritten communication skillsLeadership skillsTeam collaborationProblem-solving skills

Required

12+ years of technology vendor management experience in financial services

Demonstrate extensive hands-on experience managing complex, fact-evolving vendor ecosystems, including SaaS, cloud-native, API-driven, and AI-enabled platforms used across financial services

Demonstrated ability to evaluate emerging technology vendors (e.g., AI/ML providers, RegTech, and workflow automation platforms) and conduct deep-dive due diligence for operational resilience, data governance, and regulatory alignment

Hands-on oversight of vendors with embedded or integrated technologies such as AI-powered decision engines, fraud detection & analytics, BSA & KYC/AML automation, or cloud-based microservices supporting critical banking functions

Experience managing vendor concentration and systemic risk

Ability to interpret and challenge vendor control environments across cybersecurity, AI governance, privacy, operational resilience, and third-party sub-dependency management

Deep knowledge of regulatory requirements for third-party risk management

Experience leading vendor due diligence, including cybersecurity, operational & technology risk, data risk, and operational resilience

Strong contract negotiation skills and knowledge of digital transformation programs involving modernization of core banking, wire/payments, lending, or compliance systems using third-party vendor solutions

Knowledge of IT controls and frameworks (NIST, CRI, ISO 27001, SOC 1/2)

Ability to interpret SOC reports

Strong stakeholder management and written/communication skills