Third Party Risk Manager

Ready to build a Third Party Risk Management function from the ground up?

We're looking for a Third Party Risk Manager to join a global law firm in London (2 days per week onsite). This is a greenfield role with real influence, you'll design and embed the TPRM framework, develop tooling, and take ownership of vendor due diligence (DDQs) and risk assessments from day one.

In this role, you'll:

• Build and implement a robust TPRM framework across the business.
• Develop and optimise tools, processes, and reporting for monitoring vendor and supplier risk.
• Review vendor contracts and security schedules, ensuring compliance with regulatory and internal standards.
• Conduct risk assessments on third-party suppliers, including cloud, software licensing, and professional service vendors.
• Collaborate with procurement, legal, compliance, and IT teams to ensure third-party risk is managed consistently and effectively.

You'll bring:

• 2-5+ years' experience in third-party risk, supplier/vendor management, procurement, or category management.
• Proven experience working in multinational or global environments with diverse stakeholders.
• Confidence in reviewing vendor contracts, including security schedules.
• Strong knowledge of ISO27001:2022 and information security standards.
• Experience with TPRM tools/platforms; exposure to software licensing, cloud services, or professional services vendors is a plus.

This is your opportunity to shape how third-party risk is managed across a global business and have a real impact from day one.

Apply now and be the one to make it happen.