Overview
This is a hands-on, delivery-focused role supporting the implementation and ongoing operation of the Third Party Risk Management (TPRM) framework.
The role involves direct engagement with external vendors, progressing data protection agreements and assessments, maintaining trackers and metrics, and supporting adhoc operational and process-related activities in a fast-evolving environment.
Key Responsibilities
Act as the primary point of contact for assigned third-party vendors
Engage with vendors via email and calls to progress outstanding actions and obtain required documentation
Support the roll out, execution, and tracking of Data Processing Agreements (DPAs)
Conduct third-party data protection compliance reviews, including Technical and Organisational Measures (TOMs) assessments
Review vendor responses, identify risks or gaps, and support remediation activities
Maintain accurate third-party records using SharePoint-based trackers
Produce regular status updates and metrics for internal and client stakeholders
Support reconciliation and validation of vendor information across multiple sources
Perform vendor research to confirm organisational details and appropriate points of contact
Support the development, refinement, and maintenance of third-party risk and data privacy processes and templates
Work closely with internal stakeholders to align priorities, escalate issues, and resolve queries
Skills & Experience Required
Hands-on experience in Third Party Risk Management, Data Protection, Risk & Compliance, or similar operational roles
Strong understanding of GDPR, particularly obligations relating to third-party processing
Experience conducting third-party compliance and TOMs assessments
Experience engaging directly with external vendors, including follow-ups and calls
Strong organisational skills with the ability to manage multiple third parties concurrently
Experience using SharePoint or similar tools for tracking and document management
Comfortable producing metrics, trackers, and status reporting
Strong written and verbal communication skills
Ability to work effectively with incomplete, evolving, or inconsistent information
#J-*****-Ljbffr