Deluxe Corporation Sr. Manager, Risk Operations in Shoreview, Minnesota

Req ID# 11518BR

Title Sr. Manager, Risk Operations

Department Legal

Location of Position Shoreview, MN

Remote Work Location No

Full Time/Part Time Full Time

Shift Type Traditional

Company Info

100 years ago, W.R. Hotchkiss invented a little product that changed banking: the checkbook. With a big idea and plenty of dedication, he took a $300 loan and founded Deluxe Corporation. That humble beginning turned into a century of helping consumers, financial institutions and small businesses thrive. Today, Deluxe is an integral part of everyday business. We move billions of dollars, power millions of small businesses, and support thousands of financial institutions. We’ve transformed from “the check company” into a partner that can deliver everything our customers want – from small-business marketing services to financial-services technology and more. With one eye on our legacy and our founding principles, we continue to power an ever-changing business landscape. We’re looking for people who bring new ideas and passion to their work, who challenge the status quo, who are driven to help our customers meet their goals, and who are ready to thrive in a career ripe with opportunity.

Job Description

Responsible for developing, implementing, and managing the external assurance and due diligence strategy and framework for Deluxe Corporation. Leads direct and indirect teams responsible for enterprise client due diligence, third party oversight, external audit, regulatory examination and risk management programs. Accountable to define and implement Third Party Oversight frameworks and standards for shared services and line of business functions. Reports to the Enterprise Risk Council to address client and regulatory feedback for enterprise. Accountable to set vision and direction for organizational third party risk strategies, goals, and objectives to meet executive leadership expectations, including periodic management reporting to the Audit Committee of the Board of Directors.


  • Accountable to define, develop, implement and manage the due diligence and external assurance strategy and governance model for Deluxe Corporation. Responsible to revise corporate vendor risk policy as needed to achieve strategic objectives.

  • Directs and controls activities for external audit engagements, third party risk and due diligence functions. Conducts annual enterprise risk assessments for third party service providers, defining program action plans, directing work, and ensuring program meets internal and external obligations. Establishes risk parameters to support management of operational risk for third party risk management.

  • Leads team functions with lines of business for regulatory examination. Directs and controls functions for international third party oversight in collaboration with the Law Department. Defines and oversees vendor compliance risk management program, including design and launch of third party oversight of contractual obligations. Contributes to education, training, and awareness content, implementation, and activities for risk mitigation.

  • Accountable to coordinate cross functional issue resolution and manage remediation plans including recommendations for corrective measures for internal and external assessments. Manage and assess remediation by partnering with IT to define and identify solutions to open issues that satisfy compliance requirements, and track solution/project by with project management disciplines. Accountable to monitor, assess, identify, report, and coordinate trends from remediation to identify issues and solutions.

  • Develops and oversees an effective client and third party due diligence and oversight management program. Responsible to coordinate activities with Information Technology and Sourcing for third party oversight and compliance to contractual obligations. Accountable to negotiate on remediation with internal and external stakeholders to achieve agreement on risk mitigation.

  • Accountable to develop and implement management reporting for SLT, ELT, and Audit Committee of the Board of Directors. Reports and tracks activities and status of risk programs to Enterprise Risk Council, Leadership Teams, including Audit Committee of the Board of Directors.

  • Build and maintain strong relationships with Marketing Product Development and Management, IT, Enterprise, Risk, Procurement, and functional areas to support the governance process. Maintain productive working relationships with department leaders and conduct/support periodic risk assessment and develop appropriate support of enterprise risk management deliverables.

Required Qualifications

  • Bachelors degree

  • 8-12 years of experience

  • Demonstrated knowledge of audit, security, and regulatory compliance frameworks including ISO 27001, GLBA, SOX, PCI, HIPAA, EU, CFPB/FFIEC Examination expectations.

  • Proven ability to drive results and ability to drive decision-making with organizational stakeholders at all levels of operating responsibility

  • Strong ability to understand complex regulatory requirements

  • Strong knowledge and experience with external assurance frameworks and assessment methodologies including SOC 1, SOC 2, SOC 3, and AUP assessments

  • Five years or more of management experience, managing functions responsible for a range of risk management activities

  • Experience in and ability to execute enterprise wide risk reporting programs, and effectively communicate and drive change. Strong experience leading initiatives addressing regulatory compliance and operational risk concerns.

  • Excellent understanding and experience in highly regulated industries like Financial Services and/or telecommunications preferred

  • Advanced communication skills, (verbal, written, presenting, facilitating) for internal and external stakeholders including Audit Committee, Executive Leadership team, External Auditors, Regulators, and Clients.

  • Prior compliance, audit and/or Risk management experience with conducting risk assessments and understanding data flows to identify privacy risks and fraud controls. Risk assessment experiences includes identification of control activities and remediation strategies.

  • Strong ability to navigate leadership across multiple functional areas. Demonstrated ability to solve problems creatively and in alignment with business objectives, while inspiring trust and collaboration with customers and clients.

  • Ability to work with abstract concepts and provide thorough assessments to identify fundamental issues, providing strategy and direction for risk activities

  • Proven ability to maintain strict confidentiality in challenging circumstances.

Preferred Qualifications

  • MBA


Pre-Employment Screening Drug screen and background check required.

Deluxe Corporation is an Equal Opportunity / Affirmative Action employer.

All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, disability, sex, age, ethnic or national origin, marital status, sexual orientation, gender identity or presentation, pregnancy, genetics, veteran status or any other status protected by state or federal law.


Please view the electronic EEO is the Law Poster at which serves to inform you of your equal employment opportunity protections as part of the application process.