Job Description
Third Party Risk Manager
Salary : Up to £50,000
Location : Mainly remote with occasional travel to the Birmingham office (once a month)
Our client is seeking an experienced Third Party Risk Manager to play a pivotal role in managing and collaborating with external vendors. The successful candidate will be responsible for developing a robust third-party management framework that ensures all vendors are effectively risk-managed throughout their lifecycle.
Key Responsibilities:
* Develop and maintain a comprehensive Third-Party Management Programme that identifies risks and implements mitigation strategies to reduce operational disruptions.
* Establish a central repository for evaluating third-party vendors and monitor their performance.
* Collaborate with various departments (e.g., Information Security, Legal, HR) to ensure third-party risks are addressed across the organisation.
* Categorise suppliers by risk profile and ensure timely control checks and compliance reporting.
* Support the business in onboarding third parties based on risk and maintain the Supplier Management Standard to reflect emerging risks.
* Oversee the execution of control checks to ensure supplier compliance with standards like ISO 27001 .
* Investigate adverse media events related to third parties and report findings in line with internal procedures.
* Collaborate with stakeholders to manage remediation plans and risk mitigation strategies where necessary.
What You'll Bring:
* Expertise in third-party security practices and continuous improvement.
* Strong experience in procurement, supplier lifecycle management, and supply chain risk management.
* Knowledge of Information Security practices (ISO 27001, NIST, Cyber Essentials).
* Familiarity with GDPR and data protection principles.
* Excellent communication and influencing skills, with the ability to work cross-functionally and drive change.
* Experience in risk management, policy creation, and contract review.
* Ability to work strategically while addressing stakeholder needs and ensuring third-party risks are effectively managed.
This is a hybrid role, providing flexibility with remote working and a monthly office presence in Birmingham. Join a dynamic environment where you can make a significant impact on the organisation's third-party risk management framework.