Third Party Risk Manager

Third Party Risk Manager - Belfast (Hybrid, Outside IR35) - £500 per day - 3 MonthsWe are seeking an experienced Third Party Risk Manager to oversee and enhance third-party cybersecurity and compliance practices across the enterprise. This critical role involves managing supplier risk assessments, ensuring regulatory alignment, and collaborating with cross-functional teams to maintain a robust and transparent third-party risk management framework.Key Responsibilities:Maintain and evolve the Third-Party Risk Register, mapping vendors to business criticality, data access, and overall risk exposure.Conduct pre-contract due diligence and ongoing risk assessments for suppliers, service providers, and strategic partners.Review and negotiate security and data protection clauses within contracts, including breach notification, encryption, and audit rights.Monitor vendor compliance with SLAs, security standards, and regulatory obligations, escalating non-conformance where required.Coordinate third-party incident response and escalation procedures, ensuring prompt remediation and communication.Produce regular reporting on third-party risk posture for governance committees, senior stakeholders, and regulators.Align third-party risk practices with broader enterprise risk management and cybersecurity frameworks.What You Will Ideally Bring:Deep understanding of regulatory frameworks, including NIS2, GDPR, ISO 27001, and sector-specific compliance obligations (eg, energy).Proven experience with vendor risk management frameworks such as SIG questionnaires, NIST SP 800-161, and third-party risk scoring methodologies.Strong background in contractual and SLA analysis, particularly around security clauses, data protection, and breach management.Hands-on experience conducting due diligence, risk profiling, and control validation for third parties.Familiarity with third-party risk platforms such as OneTrust, ProcessUnity, or Archer TPRM.Contract Details:Duration: 3 months (with potential for extension)Day Rate: Up to £500 per day (Outside IR35)Location: Belfast (Hybrid - 3 days onsite/2 days remote)Start Date: ASAPTravel: Occasional travel to Belfast as required

Created: 2025-10-23