Third Party Risk Management Specialist

Social network you want to login/join with:

col-narrow-left

Ebury

London, United Kingdom

Other

-

Yes

col-narrow-right

c81efd201b20

3

02.06.2025

17.07.2025

col-wide

Ebury is a leading global fintech company that empowers businesses to trade and grow internationally. It offers a comprehensive suite of products, including international payments and collections, FX risk management, trade finance, and API integrations. Founded in by Juan Lobato and Salvador García, Ebury is one of the fastest-growing global fintechs, with over 1, employees and 38 offices in more than 25 countries.

Third Party Risk Management Specialist

Madrid / Malaga / London - 4 days in the office

About our team:

We are seeking an experienced Third Party Risk Management (TPRM) Specialist to join our 2nd line
of defence Information Technology (IT) and Business Resilience Team which covers business
continuity and resilience, IT risk management and business process mapping. The candidate will be
responsible for managing the governance, operationalization and reporting of the Outsourcing and
TPRM function at Ebury. In addition to its direct colleagues, this person will be working closely with
the procurement and data privacy functions.

About the role:

As the TPRM Specialist, this person will be responsible for:
● Leading Ebury ́s Outsourcing and TPRM framework, covering both external and intragroup
arrangements;
● Coordinating TPRM lifecycle activities involving, among others, third party segmentation and
materiality assessment, risk identification and assessment, due diligence and ongoing
monitoring;
● Managing reporting requirements to both internal and external stakeholders;
● Ensuring alignment with other risk management areas, mainly business continuity and
resilience, and IT risk management;
● Being the point of contact for internal and external auditors with regards to Outsourcing and
TPRM; and
● Continuously improving the framework in order to make it fit for purpose for Ebury while
ensuring alignment with the various regulatory requirements.

Experience and Qualifications:

● 5+ years of experience in a 2nd line of defence risk management function covering TPRM
and/or IT risk management
● University degree preferred, ideally in business, information technology/ security, finance or
law
● Knowledge of financial services regulatory requirements applicable to TPRM (mainly FCA,
EBA, NBB) and solid understanding of the Digital Operational Resilience Act (DORA)
● Good understanding of other areas of non-financial risk management, mainly business
continuity and resilience, IT risk management and data privacy

● Practical experience with GRC tools (OneTrust experience is a plus)

Skills:

● Strong analytical skills leveraged to build metrics, monitoring dashboards and reporting
documents
● Strong written and presentation skills to effectively communicate with the relevant
stakeholders (e.g. business area, internal/ external auditors, executive management)
● Ability to work in a fast-paced environment and to quickly adapt to changing priorities
● English professional proficiency (minimum C1)