Third Party Risk Manager (Senior Associate)

Location: Melbourne or Sydney Australia
Reports to: Global Head of Information Security

The Role

Teneo is seeking a Third-Party Risk Manager (Senior Associate) to support the build-out and day-to-day operation of the firms Third-Party Risk Management (TPRM) programme.

This role is suited to a risk professional with a solid foundation in third-party risk cybersecurity risk or GRC who is looking to step into a broader programme role with the opportunity to help shape processes tooling and ways of working - with senior support and direction.

You will work closely with Information Security leadership and key stakeholders across procurement legal IT and the business to help establish and run a scalable risk-based TPRM approach that supports both traditional vendors and emerging technology providers including AI and SaaS platforms.

Responsibilities

TPRM Programme Build-out & Operation (Primary Focus)

• Support the development and operationalisation of Teneos Third Party Risk Management programme including policies standards workflows and reporting.
• Help implement a scalable risk-based approach to third-party risk that considers vendor criticality data sensitivity and business impact.
• Assist in embedding third-party risk lifecycle processes including onboarding due diligence contracting support ongoing monitoring issue management and off-boarding.
• Contribute to the development and maintenance of repeatable vendor assessment methodologies across professional services technology providers SaaS platforms and AI vendors.

Tooling Monitoring & Execution

• Support the implementation and ongoing use of Teneos third-party risk tooling (UpGuard).
• Assist with configuring dashboards workflows and alerts to improve visibility into third-party risk exposure.
• Help triage track and follow up on third-party risk issues identified through assessments or tooling.
• Support remediation tracking and escalation in line with agreed risk tolerances.

AI & Emerging Technology Risk

• Support the assessment of AI-enabled and emerging technology vendors with guidance from senior stakeholders.
• Contribute to third-party risk approaches that consider AI-specific risks such as data usage privacy security and resilience.
• Stay informed on evolving industry guidance and best practices related to AI and third-party risk.

Stakeholder Engagement & Advisory

• Act as a key point of coordination for third-party risk activities across the business.
• Work with procurement legal IT and security teams to support third-party risk activities within sourcing and contracting processes.
• Communicate third-party risk findings clearly to stakeholders escalating issues where required.

Governance Reporting & Assurance

• Assist with maintaining third-party risk reporting metrics and registers.
• Support audits client assurance requests and internal reviews related to third-party risk.
• Help maintain appropriate documentation evidence and records to support Teneos security and risk objectives.

Basic Requirements

• 46 years of experience in third-party risk cybersecurity risk GRC or technology risk roles.
• Working knowledge of third-party and supply-chain risk concepts particularly in technology SaaS or cloud environments.
• Experience supporting or operating third-party risk assessments and remediation tracking.
• Familiarity with third-party risk tools or continuous monitoring platforms (UpGuard experience desirable but not required).
• Comfortable working in a structured but evolving environment where processes are still being built.
• Strong written and verbal communication skills with the ability to explain risk clearly to non-technical stakeholders.

Preferred Requirements

• Exposure to assessing SaaS cloud or AI vendors and associated data or security risks.
• Familiarity with standards and frameworks such as ISO 27001 NIST SOC 2 or similar.
• Awareness of common vendor assessment libraries (e.g. SIG CAIQ).
• Experience working in professional services consulting or fast-paced environments.
• Relevant certifications (CISM CISSP CRISC or similar) are beneficial but not required.

What We Can Offer

• Competitive salary
• Health and wellbeing support provided by Intellect Holistic
• $500 annual health and wellness stipend
• Annual leave: 20 days plus three-day annual closure between Christmas Eve and New Years Eve
• 1 day of leave during birthday month
• 1 wellness day
• 10 days per annum personal/carers leave

About Teneo

Teneo is the global CEO advisory firm. We partner with our clients globally to do great things for a better future.

Drawing upon our global team and expansive network of senior advisors we provide advisory services across five business segments on a stand-alone or fully integrated basis. Our clients include many of the Fortune 100 and FTSE 100 alongside leading financial institutions and public-sector organisations.

With more than 1600 employees across 45 offices worldwide Teneo delivers expertise across strategic communications investor relations financial transactions management consulting cyber and physical risk governance ESG and geopolitical advisory.

Required Experience:

Manager