Third Party Risk Manager

ABOUT THIS ROLE

We are an AI company building tools for vendor onboarding and third-party risk management. Our AI processes vendor applications, conducts automated due diligence checks (financial health, sanctions, cybersecurity posture, insurance), assigns risk scores, and triggers ongoing monitoring alerts — the same process that vendor management and procurement teams run today at banks, IT companies, and large enterprises. We need people who have personally onboarded vendors or managed third-party risk programmes and can tell us from real process experience what the AI needs to do better.

WORKFLOWS COVERED

• Vendor qualification and due diligence — financial health checks, background verification, sanctions screening, cyber risk assessment, insurance review
• Vendor Due Diligence (Know Your Vendor / KYV) — vendor classification by risk tier, conflict of interest checks, beneficial ownership verification
• Contract and agreement management — MSA, SOW, NDA review, terms tracking, renewal alerts
• Ongoing vendor performance monitoring — SLA tracking, KPI reviews, periodic re-assessment
• Vendor offboarding — data return, access revocation, transition planning, liability management

WHAT YOU WILL DO

• Share how vendor onboarding and third-party risk management work in practice — the due diligence steps, risk tiering logic, ongoing monitoring, and the judgement calls that arise across different vendor types
• Review vendor risk frameworks, onboarding process designs, or due diligence outputs and tell us where they miss what a real vendor management professional would flag
• Help us understand how third-party risk decisions are made in practice — what drives risk classifications, how red flags are handled, what escalation looks like in a real procurement environment
• Advise on what good vendor management and TPRM looks like based on your experience running or working within a real vendor onboarding and risk programme

YOU ARE THE RIGHT FIT IF

• Minimum 3 years in vendor management, procurement operations, or third-party risk at a corporate organisation — not purely consulting
• Have personally onboarded vendors, conducted due diligence reviews, or managed a vendor risk programme end-to-end
• Know your procurement platforms — Coupa, SAP Ariba, Jaggaer, GEP, Oracle Procurement — from using them in vendor workflows daily
• Worked in a sourcing or vendor management function at a bank (where third-party risk is tightly regulated), large IT company, or FMCG/manufacturing firm

NICE TO HAVE

• CPSM (Certified Professional in Supply Management) — ISM
• Experience with vendor risk management under banking regulations — RBI Outsourcing Guidelines, DORA (EU), OCC Third-Party Risk, or MAS TRM Guidelines
• Background in information security vendor risk — ISO 27001, SOC 2 Type II assessments as part of vendor due diligence
• Pay - 2,000 – 3,000 per hour