Purpose of the job
We are seeking an experienced Third-Party Assurance Manager to lead our client assurance and vendor due diligence programme across the full end-to-end supply chain lifecycle. This role sits at the intersection of risk management, compliance, security, procurement and customer trust, ensuring that third-party risks are effectively identified, assessed and managed while enabling the business to scale confidently.
The successful candidate will also be responsible for the oversight and strategic ownership of the Trust Center and Vendor Portal, ensuring transparent, accurate and timely assurance information for both clients and internal addition this role will have responsibility for the AI Management System and ensuring organisational readiness for ISO 42001, supporting compliance and best practice in artificial intelligence governance.
Main Responsibilities
Client Assurance
Act as the primary point of contact for client assurance requests, including security, privacy, compliance and supply-chain risk inquiries.
Coordinate and manage responses to customer due diligence questionnaires, audits and assurance reviews (e.g. SOC, ISO, regulatory requests).
Partner with Security, Data Privacy, Legal and Engineering teams to deliver clear, consistent and high-quality assurance responses.
Drive continuous improvement in client assurance processes to reduce friction and response time.
Vendor Due Diligence and Supply Chain Lifecycle
Own and manage the end-to-end third-party risk lifecycle, including onboarding, risk assessment, contracting, ongoing monitoring and offboarding.
Design and execute vendor due diligence reviews across security, privacy, operational resilience and regulatory risk domains.
Collaborate with Legal, Data Privacy, Security and Business stakeholders to ensure risk-appropriate controls and remediation plans are in place.
Maintain risk tiering, review cadences and escalation paths aligned to business and regulatory requirements.
Oversee procurement processes and licensing management to ensure all third-party solutions are sourced in compliance with company policy and regulatory standards. Work collaboratively with Technology, Legal and Finance to maintain accurate software inventories, manage renewals and optimise cost-effectiveness while mitigating contractual and compliance risks.
Governance, Risk & Oversight
Develop and maintain third-party assurance frameworks, policies and procedures.
Track and report on third-party risk metrics, trends and remediation status to senior stakeholders.
Support internal and external audits related to third-party risk and supply chain assurance.
Stay current on evolving regulatory expectations and industry best practices related to third-party and supply chain risk.
Provide oversight of the AI Management System, ensuring robust governance, risk management and compliance practices are in place throughout the third-party risk lifecycle. Coordinate ISO 42001 readiness activities, aligning internal controls and vendor due diligence processes to the requirements of the AI management standard.
Monitor evolving best practices and regulatory developments in AI governance, supporting continued compliance and operational excellence.
Trust Center & Vendor Portal Ownership
Lead and nurture teams, building a culture centred around user service, documentation and proactive engagement.
Recruit, mentor and develop talented employees, defining clear career paths and performance expectations focused on service excellence.
Encourage continuous improvement and innovation in support, training and user communication.
Provide strategic oversight of the Trust Center, ensuring assurance materials are accurate, up to date and aligned with company risk posture.
Own and continuously improve the Vendor Portal, enabling transparency and efficient information sharing with clients and partners.
Define content strategy, governance and operating model for assurance artifacts published externally.
Partner with Product Security and Communications teams to enhance usability and trust signals.
Qualifications:
2 years of experience in third-party risk management, assurance, compliance, security or audit.
Strong understanding of vendor due diligence and supply chain risk management across the full lifecycle.
Hands-on experience managing client assurance requests and customer-facing risk discussions.
Familiarity with common assurance frameworks (e.g. SOC 2, ISO 27001, ISO 42001, NIST, GDPR, vendor risk standards).
Proven ability to work cross-functionally and influence without authority.
Excellent written and verbal communication skills, particularly in explaining risk to non-technical audiences.
Preferred
Experience owning or contributing to a Trust Center or external assurance portal.
Background in SaaS technology or regulated environments.
Experience implementing or optimizing third-party risk tools or workflows.
Certifications such as CISA, CRISC, CISSP or equivalent (nice to have).
Additional Information:
All staff are expected to embody our core values that underpin everything that we do and that reflect the skills and behaviours we all need to be successful. These are:
Equal Opportunities for Everyone
Please let us know if there's anything we can do to make the process easier for you. You can reach us at .
We're an equal opportunity employer. All applicants will be considered for employment without attention to age, ethnicity, religion, sex, sexual orientation, gender identity, family or parental status, national origin or veteran, neurodiversity or disability status.
Remote Work:
No
Employment Type:
Full-time
Fund services | Corporate | Capital markets | Private client | Regulatory & Compliance
We help clients succeed by unlocking new value through expertise, trust and scale. We deliver solutions that solve complex challenges faced by asset managers, financial institutions, corporates, high ...