Be at the heart of actionFly remote-controlled drones into enemy territory to gather vital information.

Apply Now

Third-Party Management Officer

Oxford Circus
2 weeks ago
Create job alert

3M Resourcing Ltd are delighted to support an established bank with their hiring process for their next Third-Party Management Officer ( TPMO ).

Scope & Responsibilities

The Third-Party Management Officer is responsible for overseeing and managing all aspects of third-party relationships, including vendor onboarding, performance monitoring, compliance assessments, risk management, and contract administration. This role ensures that third-party engagements align with organisational policies, regulatory expectations (including FCA/PRA requirements), minimise risks, and maximise value. This includes ensuring compliance with SS2/21 and PS24/16, and supporting the bank’s operational resilience framework as it relates to third-party service provision.

Key Responsibilities:

Vendor Selection and Onboarding:

• Oversee the evaluation and selection process of third-party vendors and service providers.

• Ensure all third parties meet compliance, security, and performance standards during the onboarding process.

• Ensure that the due diligence process includes assessment of financial stability, business continuity arrangements, information security controls, and subcontracting arrangements, in line with the materiality of the service.

• Lead materiality assessments and escalate material outsourcing arrangements for internal governance review and regulatory notification, as required under SS2/21 and PS24/16.

Third-Party Management:

• Identify, assess, and mitigate risks associated with third-party relationships, including operational, financial, cybersecurity, and reputational risks.

• Conduct regular vendor risk assessments and due diligence.

• Maintain an up-to-date centralised third-party register, incorporating risk classifications, service criticality, contract status, and key controls.

• Ensure that risk assessments are periodically refreshed, especially for material outsourcers and high-risk third parties.

• Support the review of exit plans and substitution strategies for critical and important third-party services.

Compliance and Regulatory Adherence:

• Ensure third parties comply with applicable laws, regulations, and internal policies (e.g., UK DPA 2018 (GDPR), ISO 27001).

• Maintain up-to-date knowledge of regulatory changes affecting third-party relationships.

• Ensure third-party arrangements comply with FCA/PRA outsourcing and third-party risk management requirements, including SS2/21, PS24/16, SYSC 8 and 15A.

Performance Monitoring:

• Assist to develop and implement KPIs to measure vendor performance and ensure service level agreements (SLAs) are met.

• Work closely with internal stakeholders to address vendor performance issues. • Coordinate periodic third-party performance reviews, documenting results and triggering remediation plans where necessary.

• Monitor critical service providers against important business services and impact tolerances as part of the operational resilience framework.

Contract Management, Communication & Collaberation, Audit & Reporting, Continuous Improvement.

Please apply for a more detailed conversation and to receive the full Job description.

Knowledge & experience Required:

• Relevant degree or related educational qualification.

• Working knowledge of third-party management, vendor management, or procurement.

• A minimum of 2 years of experience in the field within a financial services institution.

• Knowledge of risk management practices and regulatory compliance.

• Strong analytical and problem-solving skills. • Excellent communication and negotiation skills.

• Proficiency in vendor management systems (VMS) and other relevant tools.

• Understanding of legal and contractual obligations.

• Familiarity with FCA/PRA rules including SYSC 8, SYSC 15A, PS24/16, and Supervisory Statement SS2/21.

• Possession of relevant professional certifications such as CTPRP (Certified Third Party Risk Professional), CRVPM (Certified Regulatory Vendor Program Manager), or certification/membership from CISP (Chartered Institute of Procurement & Supply) would be an added advantage.

This is an on-site role, located close to Oxford Circus

Related Jobs

View all jobs

Head of Security Assurance (Cybersecurity)

Cyber Security Programme Manager

ForgeRock/PingID Developer

IT Category Manager

Information Security Management Specialist

Information Security Management Specialist

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Why Cyber Security Careers in the UK Are Becoming More Multidisciplinary

Cyber security used to be viewed primarily as a technical discipline: firewalls, encryption, intrusion detection, penetration testing. In the UK today, it’s far broader. Organisations now face complex legal frameworks, ethical dilemmas, human-behaviour risks, communication challenges & usability hurdles. This shift means cyber security careers are becoming more multidisciplinary. From protecting NHS patient records to defending financial services, securing supply chains & safeguarding national infrastructure, cyber security now touches every sector. Employers increasingly want professionals who understand law, ethics, psychology, linguistics & design alongside traditional technical skills. In this article, we’ll explore why UK cyber security careers are expanding in this way, how these five disciplines shape the profession, and what job-seekers & employers need to know to thrive in this new landscape.

Jobs

Cyber Security Team Structures Explained: Who Does What in a Modern Cyber Security Department

Cyber security has become a top priority for UK organisations of all sizes. From small businesses to financial institutions, healthcare providers, and government bodies, the risk of cyber attack is now a constant concern. Threats are more sophisticated, regulations more demanding, and customers more aware of data privacy than ever before. But defending against cyber threats isn’t simply about having the right tools — it’s about having the right team. A modern cyber security department relies on clearly defined roles and responsibilities to ensure that defences are proactive, incidents are managed swiftly, and compliance is maintained. This article explains the structure of a modern cyber security team, the roles you’ll typically find within it, how they collaborate, and what skills, qualifications, and salaries are expected in the UK job market.

Jobs

Why the UK Could Be the World’s Next Cyber Security Jobs Hub

Cyber security has become one of the defining challenges of the digital age. From protecting personal data and financial transactions to defending national infrastructure and corporate systems, the demand for strong cyber defences has never been higher. As businesses, governments, and individuals depend more heavily on digital services, the scale and sophistication of cyber threats have risen dramatically. Ransomware attacks, data breaches, state-sponsored cyber operations, and insider threats are now everyday risks. In response, organisations worldwide are investing heavily in cyber security talent. The United Kingdom is uniquely positioned to become a global cyber security jobs hub. With its strong tech sector, world-class universities, advanced defence capabilities, and established financial markets, the UK already has the foundations. The question is whether it can scale up, attract, and retain the right talent to meet global demand. This article explores why the UK is poised to become the world’s next cyber security jobs hub, the opportunities available, the challenges ahead, and what needs to happen for this vision to be realised.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.