Third Party Risk Management Operations Manager

Job Description

Join us as a Third Party Risk Management (TPRM) Operations Manager

• In this role, you’ll deliver TPRM risk assessment services supporting bank wide franchise and functions to meet legal and regulatory compliance in line with the External Outsourcing (EO) framework.
• We’ll look to you to manage and deliver a portfolio of external third party assurance reviews, ensuring robust assessment of policy and controls to identify, articulate and escalate risks in collaboration with internal business and risk standard owners.
• You can expect to enjoy a collaborative and supportive culture, with a big focus on personal and professional development.

What you'll do:

As a TPRM Operations Manager, you’ll support business areas across the bank by conducting assurance reviews of external third party suppliers in relation to keeping bank information safe and secure. You'll ensure the resilience of the services that customers and colleagues rely on, and ensure that all externally sourced suppliers operate in a fully compliant and sustainable manner aligned with bank policy, as well as legal and regulatory requirements.

You’ll work closely with TPRM Business Owners to ensure that the TPRM framework remains effective and robust by leveraging personal knowledge, experience, and expertise to drive potential design and delivery enhancements across the TPRM processes.

Day-to-day, you’ll be responsible for:

• Delivery of an annual risk-based assurance programme, to confirm that key policies and controls have been effectively implemented by Third-Party suppliers.
• Providing management with information and presentation on any key findings to support business owners in effectively identifying and managing risks, issues, or control gaps.
• Working with Business Owners and Suppliers located across multiple geographical regions, which may require occasional travel to conduct onsite reviews.
• Supporting management of the Third Party Supplier Inventory in line with any regulatory changes or jurisdictional requirements.
• Maintaining our overall governance and risk position through regular monitoring and timely delivery of the assurance schedule.
• Building and maintenance of relationships with key policy risk domain owners, and Business Owners.
• Supporting a proactive risk culture and continuous improvement within TPRM Operations.

The skills you’ll need:

To thrive in this role, you’ll need experience of working within a risk assessment team, information security, a technical audit function, or risk and control, applying operational risk within a financial services environment. Ideally you should have experience in SOC or SOX reporting and hold or be working towards a qualification such as CISSP, CCSP, CISA, Comp TIA Security+, ISO-27001 Lead Auditor or MBCI.

Additionally, you’ll need:

• Strong collaboration and interpersonal skills with the ability to build positive working relationships at all levels.
• Excellent written, verbal communication and presentational skills.
• Project management skills and disciplines to manage multiple concurrent workstreams.
• Experience of identifying and implementing improvement opportunities.
• To work well in a fast-paced environment and have good organisation skills to deliver to deadlines.