Leading Cyber Security Third Party Risk Manager

We are seeking a highly skilled Cyber Security Third Party Risk Management Lead to join our client, a thriving and well-established organisation with headquarters in Dublin. This position is a 12 month Fixed Term Contract into permanency as is standard in the organisation.

With multiple projects in the pipeline and a growing team, this is a fantastic opportunity for an experienced Risk Management professional to join a successful team in a newly created position.

• Designing, implementing, and overseeing a robust third-party risk management programme.
• Ensuring that all external vendors, suppliers, and partners align with the organisation's security, compliance, and operational risk standards.
• Assessing, monitoring, and mitigating third-party risks by working closely with teams across procurement, legal, IT, the cyber team, and other business units.
• Conducting initial and ongoing risk assessments of third-party vendors, ensuring compliance with industry standards and best practices.
• Developing and maintaining ongoing monitoring mechanisms for third-party risks, ensuring timely remediation of identified issues.
• Conducting in-depth supplier IT risk assessments by reviewing supplier answers to the cyber supplier questionnaire, documenting controls and identifying gaps and inconsistencies.
• Developing a new, streamlined onboarding process using workflow automation, rules, formulas, and interactive questionnaires, significantly reducing onboarding time and automating third-party vendor risk profiling.
• Conduct internal scoping assessments with business and project owners to accurately tier suppliers and categorize them based on risk levels and business criticality.
• Performing in-depth due diligence reviews on vendors to proactively identify any potential risks associated with services.
• Managing relationships with large third-party suppliers involved in transformative, high-impact projects and Business as usual activities.
• Conduct AI risk assessments on suppliers AI models to ensure sensitive data is ring fenced and not used to train other models.
• Conducting specific risk assessments on suppliers utilizing OT, IoT, and ML technologies to ensure compliance with data protection and regulatory requirements.
• Developing and implementing remediation plans for identified security gaps working directly with vendors to enforce corrective actions.
• Maintaining detailed records of vendor assessments, risk profiles and mitigation plans to ensure transparency and regulatory compliance.
• Performing technical security architecture reviews to identify potential vulnerabilities impacting security principles, collaborating with the architecture team to confirm and address these vulnerabilities.
• Working with internal stakeholders to integrate third-party risk considerations into vendor selection and contract management processes.

• A Bachelor's or Master's degree in Risk Management, Cybersecurity, Business Information Systems, or a related field.
• Relevant certifications such as CISM, CISA, CISSP, or CRISC are advantageous.
• At least 5+ years of experience in third-party risk management, vendor management, IT risk, compliance, or a similar role.
• Strong communication and stakeholder management skills.
• Experience with risk assessment tools and methodologies.

The successful candidate will be afforded public sector benefits - increased holidays, fantastic pension and unmatched job security in an organisation which truly reflects work-life balance.

This is a hybrid role with city-centre offices.

This is a fantastic opportunity for an experienced Risk Management professional to join a successful team in a newly created position.