3rd Party Risk Manager

Job Title : 3rd Party Risk Manager - Internal Audit

Location : Madrid, Spain

Reports to : Head of Internal Audit

Audit & Risk Recruitment is partnering with a global financial services business undergoing a period of strong growth and transformation. As part of this expansion, the company is strengthening its global Internal Audit team and seeking an experienced Internal Audit Manager – Third Party Assurance to join its Madrid-based function. This is a high-impact role offering significant visibility across the business, with a mandate to shape the organisation’s assurance strategy and build a best-in-class third-party assurance framework.

The 3rd Party Risk Manager role will act as a key strategic partner to the Head of Internal Audit, helping to define and deliver the company’s global assurance strategy and annual audit plan. The role will focus on establishing a continuous third-party assurance framework to monitor, assess, and report on the performance and risk of critical external service providers. This individual will play a crucial role in ensuring compliance with evolving regulatory expectations around operational resilience and outsourcing.

• Third Party Assurance : Design, implement, and manage a continuous monitoring framework to assess third-party risk and compliance, ensuring alignment with regulatory, contractual, and operational resilience requirements.
• Audit Delivery : Plan, execute, and report on audits focused on third-party management, outsourcing arrangements, and supplier governance.
• Regulatory Insight : Stay abreast of evolving regulatory developments, including FCA PS21 / 3 , DORA , and other global operational resilience frameworks, interpreting their implications for the organisation’s assurance approach.
• Stakeholder Engagement : Collaborate with senior leaders in Risk, Procurement, Technology, and Operations to enhance oversight of key third-party relationships.
• Reporting & Communication : Produce clear, concise, and insightful audit reports that effectively communicate findings and recommendations to senior management.
• Continuous Improvement : Contribute to the ongoing enhancement of internal audit methodologies, data analytics, and assurance processes to improve effectiveness and efficiency.

• Minimum 6 years’ experience in internal audit, risk management, or third-party risk assurance within financial services or other regulated industries.
• Strong knowledge of operational resilience regulations , including FCA operational resilience and DORA .
• Proven ability to design and deliver assurance activities that drive meaningful risk insights and improvements.
• Excellent written and verbal communication skills, with the ability to produce clear and impactful audit reports.
• Demonstrated experience engaging with senior stakeholders and managing cross‑functional relationships.
• Fluent in Spanish and English (both written and spoken).
• Must hold a valid EU passport .