Job Description

This is a 5 - month contract (renewable) with our client.
We are looking for a Senior IT Vendor Risk Manager (Third Party Risk Manager)
In this high-impact role, you will ensure that our vendors meet the world-class security standards required to protect millions of financial transactions. You will lead the charge in auditing, due diligence, and risk mitigation, ensuring our growth is never compromised by third-party vulnerabilities.
Key Responsibilities

• Third-Party Assessment: Lead the identification and assessment of security risks posed by external vendors and third-party service providers.
• Compliance & Auditing: Conduct rigorous due diligence and technical audits to ensure alignment with NIST, ISO 27001, and PCI-DSS frameworks.
• Contractual Governance: Perform detailed contract reviews to embed security requirements and "right-to-audit" clauses.
• Risk Reporting: Translate complex audit findings into clear, actionable risk reports for senior leadership and executive committees.
• Stakeholder Management: Partner with Procurement, Legal, and Engineering teams to ensure new vendors are onboarded securely and existing partners are monitored continuously.

Requirements & Qualifications
Educational & Professional Standards:

• Degree: 3-year IT-related Degree (Mandatory).
• Certifications: You must hold at least one (ideally more) of the following: CISM, CISSP, or CISA.
• Experience: 7-10 years of proven experience in Governance, Risk, and Compliance (GRC).

Technical Competencies:

• Framework Expertise: Deep familiarity with industry-standard frameworks (NIST, ISO, PCI-DSS, etc.).
• Risk Impact Assessments: A proven history of conducting end-to-end risk assessments in complex, multi-layered environments.
• Audit Expertise: Strong experience in conducting audits and validating the security controls of large-scale technology providers.
• Communication: The ability to influence senior leadership and hold external vendors accountable with authority and clarity.

Skills Required