BAU Due Diligence Lead

Role Summary

TheThirdPartyRisk Management (TPRM) functionis responsible forestablishingand operating the enterprise framework foridentifying assessing and overseeing risks arising from thirdparty relationships including outsourced service providers bankingpartnersandothercritical vendors. The function supports regulatory compliance operational resilience and sound risk governance across the fullthirdpartylifecycle.

The Lead ThirdParty Risk Management is anexecution role responsible for delivery of core TPRM oversight activities for higherrisk and critical vendors with a specific focus on thirdparty business continuity and recovery evidence review vendorrelated incident monitoring and escalation and structured review of vendor security assessment materials. The role works in close partnership with Business Continuity Incident Management Information Security Technology and other risk and business stakeholders to ensurethirdpartyrisk issues are consistently documented escalated whererequired and driven to closure through defined governance processes.

Primary Duty and Responsibilities

• Provide oversight for thirdparty risk activities related tohigherriskand critical vendors ensuring consistent application of TPRM standards across business continuity incident management and security review domains.

• Mapthird partiestotheprocesses and servicestheysupportin order toenableappropriate applicationof risk controls resilience requirements and regulatory oversight for the most critical vendors supporting criticalservices.

• Coordinate and overseethirdparty business continuity evidence review (e.g. BCP ownership/maintenance recoveryobjectives recovery approach) and ensureidentifiedgaps are escalated through the defined pathway.

• Drive delivery management across assigned TPRM initiatives and workstreams including planning dependency management progress tracking and issue resolution to ensuretimelyand consistent execution of TPRM priorities.

• Oversee thirdparty incident monitoring and escalation tracking ensuring incidents areappropriatelydocumented routedto relevant stakeholders and driven toresolutionwith clear ownershipand audit-ready records

• Perform and support structured review of vendor security assessment materials for higherrisk vendors including SOC reports security questionnaires certifications and control evidence synthesizing findings into clear outcomes andrequiredfollowup actions.

• Partner closely with Business Continuity Incident Management IT Procurement and other business stakeholders to ensure thirdparty risk issues are effectively integrated into governance processes and resolved through defined escalation paths.

• Contribute structured inputs to managementlevel reporting on thirdparty risk posture incident trends and remediation progress supporting effective oversight and decisionmaking.

• Performadditionalduties asrequiredto support the ThirdParty Risk Management team and enhancePayoneersenterprise resilience and risk management capabilities.

Education and/or Experience

• Bachelors degreerequired;preferred background in ITbusinessor law.

• 5-7 years of experience in Third Party Risk Management Vendor Management Risk Management GRC or related fields.

Qualifications

• Experienceoperatingin a regulated multinational environment with governance and audit expectations.

• Strong judgment and ability to make decisions across operational and technologyrelated risk topics

• Demonstrated ability to lead crossfunctional execution prioritize work and unblock dependencies.

• Clear executive communication and ability to produce decisionfocused materials for governance forums.

• Proven ability to structure work prioritize effectively and engage senior stakeholders

• Clear and concise communication skills suitable for management and governance forums

• Able tooperateindependently and influence stakeholders across functions and regions.

Technical Skills

• Proficiencyin Microsoft Word Excel and PowerPoint.

• Strong capability to lead and track multistakeholder delivery across parallel workstreams (plans dependencies milestones risks/issues closure discipline).

• Strong reporting skills: produce managementready summaries and progress views for governance forums based on structured evidence and tracking outputs.

Certificates or Licenses

• Preferred but notrequired(e.g. CTPRP CRISC CISA CBCP BCI (CBCI/AMBCI/MBCI) CISM or other relevant industry certifications).

#LI-SS2