Third Party Risk Manager

Third Party Risk Manager
Salary: Up to £50,000
Location: Mainly remote with occasional travel to the Birmingham office (once a month)

Our client is seeking an experienced Third Party Risk Manager to play a pivotal role in managing and collaborating with external vendors. The successful candidate will be responsible for developing a robust third-party management framework that ensures all vendors are effectively risk-managed throughout their lifecycle.

Key Responsibilities:

\n
• Develop and maintain a comprehensive Third-Party Management Programme that identifies risks and implements mitigation strategies to reduce operational disruptions.
\n
• Establish a central repository for evaluating third-party vendors and monitor their performance.
\n
• Collaborate with various departments (e.g., Information Security, Legal, HR) to ensure third-party risks are addressed across the organisation.
\n
• Categorise suppliers by risk profile and ensure timely control checks and compliance reporting.
\n
• Support the business in onboarding third parties based on risk and maintain the Supplier Management Standard to reflect emerging risks.
\n
• Oversee the execution of control checks to ensure supplier compliance with standards like ISO 27001.
\n
• Investigate adverse media events related to third parties and report findings in line with internal procedures.
\n
• Collaborate with stakeholders to manage remediation plans and risk mitigation strategies where necessary.
\n

What You'll Bring:

\n
• Expertise in third-party security practices and continuous improvement.
\n
• Strong experience in procurement, supplier lifecycle management, and supply chain risk management.
\n
• Knowledge of Information Security practices (ISO 27001, NIST, Cyber Essentials).
\n
• Familiarity with GDPR and data protection principles.
\n
• Excellent communication and influencing skills, with the ability to work cross-functionally and drive change.
\n
• Experience in risk management, policy creation, and contract review.
\n
• Ability to work strategically while addressing stakeholder needs and ensuring third-party risks are effectively managed.
\n

This is a hybrid role, providing flexibility with remote working and a monthly office presence in Birmingham. Join a dynamic environment where you can make a significant impact on the organisation's third-party risk management framework.