Third Party Risk Manager

Third Party Risk Manager
Salary: Up to £50,000
Location: Mainly remote with occasional travel to the Birmingham office (once a month)

Our client is seeking an experienced Third Party Risk Manager to play a pivotal role in managing and collaborating with external vendors. The successful candidate will be responsible for developing a robust third-party management framework that ensures all vendors are effectively risk-managed throughout their life cycle.

Key Responsibilities:

• Develop and maintain a comprehensive Third-Party Management Programme that identifies risks and implements mitigation strategies to reduce operational disruptions.
• Establish a central repository for evaluating third-party vendors and monitor their performance.
• Collaborate with various departments (eg, Information Security, Legal, HR) to ensure third-party risks are addressed across the organisation.
• Categorise suppliers by risk profile and ensure timely control checks and compliance reporting.
• Support the business in onboarding third parties based on risk and maintain the Supplier Management Standard to reflect emerging risks.
• Oversee the execution of control checks to ensure supplier compliance with standards like ISO 27001.
• Investigate adverse media events related to third parties and report findings in line with internal procedures.
• Collaborate with stakeholders to manage remediation plans and risk mitigation strategies where necessary.

What You'll Bring:

• Expertise in third-party security practices and continuous improvement.
• Strong experience in procurement, supplier life cycle management, and supply chain risk management.
• Knowledge of Information Security practices (ISO 27001, NIST, Cyber Essentials).
• Familiarity with GDPR and data protection principles.
• Excellent communication and influencing skills, with the ability to work cross-functionally and drive change.
• Experience in risk management, policy creation, and contract review.
• Ability to work strategically while addressing stakeholder needs and ensuring third-party risks are effectively managed.

This is a hybrid role, providing flexibility with remote working and a monthly office presence in Birmingham. Join a dynamic environment where you can make a significant impact on the organisation's third-party risk management framework.