let’s make something together

Give us a call or drop by anytime, we endeavour to answer all enquiries within 24 hours on business days.

Find us

PO Box 16122 Collins Street West
Victoria 8007 Australia

Email us


Phone support

Phone: + (066) 0760 0260
+ (057) 0760 0560

Third Party Risk Manager

  • By Sylwia Lupa
  • 9 January 2023

You will join one of the largest bank in the world.

Role Purpose 

  • The Third Party Risk Manager works with the Third Party Risk Officer in the CTO Third Party Risk Management (TPRM) team.  
  • The role provides risk management support, subject matter expertise and direction for Third Party Risk related activities and issues in conjunction with the CTO Third Party Risk Officer 
  • The TPR Manager will ensure that risk management activities are completed to support the implementation of the Group Third Party Risk Management (TPRM) Policy and Framework within CTO 
  • The TPR Manager executes the Technology Third Party Risk Governance strategy to ensure coordinated, consistent, effective and complete adoption of the Technology execution plan for Group TPRM Policy and Framework in their remit
  • Advise and Guide Third Party Engagement Managers & Risk Owners by establishing thresholds to identify materiality of Risk or Regulatory importance 
  • Works with the Banks’ Business Continuity & Incident Management Team (BCIM), representing CTO, to ensure that each area of the department’s Functions’ has robust, tested plans in place to enable the business to continue operating in the event of a major incident (relating to our people, building, IT Services and Critical Suppliers)

Key Accountabilities

Impact on Business

  • Support the CTO Global TPRO by acting as a point of contact / interface/ champion for TPRM related matters on behalf of CTO 
  • Review and monitor Third Party Risk related issues across all entities within CTO 
  • Providing advice and guidance to Third Party Engagement Managers and Risk Owners and Accountable Executives. 
  • Escalation through reporting line where decision/issue is of significant materiality or regulatory importance. 
  • Escalation of cross risk/cross business impacts where agreement cannot be reached to Global Third Party Risk Office 
  • Responding to analysis, MI and reporting produced by the Global Third Party Utility team on behalf of CTO
  • Ensure Business Continuity Plans are appropriately exercised, tested and facilities, tools, invocation plans and recovery site agreements are robust and maintained

Customers / Stakeholders – the role will involve frequent liaison with a large range of stakeholders including: 

  • Operations Executives and Regional Forums 
  • CTO Senior Management and Operational Risk Senior Stakeholder 
  • Internal Audit and External Auditors / Local regulators liaison / engagement 
  • Risk Domains and Risk Stewards 
  • CTO BC Plan Writers, Department Heads and BCIM stakeholders

Leadership & Teamwork

  • Act as the management interface between CTO and the Global Third Party Risk Utility 
  • Influence stakeholders with the Risk Owners and Engagement Managers within the business to support an environment of robust, pro-active and risk aware business operation 
  • Building strong working relationships across ITID and Technology 
  • Work closely with Group TPRM model to align the practices and governance structures to share / absorb best practices 
  • Maintain transparent communication channels with all relevant stakeholders 
  • Provide support and guidance to business area in all matters relating to Business Continuity and Incident Management, ensuring all people involved in Business Continuity and related Incident Management process are fully aware of their roles and responsibilities.

Operational Effectiveness & Control

  • Actively track and manage the ongoing utilization of risk capturing tools and utilities e.g., Archer is rolled out 
  • Embedding and overseeing the TP Risk procedures and assuring adherence to policies and processes across the Risk Owners. 
  • Engaging with the Third Party Engagement Managers and Risk Owners within the entities to promote consistency and alignment and holistic Third Party risk reporting. 
  • Feed into the CTO TPRO any Business’s exposure to Third Party Risk in order for them to report into the Technology and ITID Third Party Governance forums on the nature, level of risk and the effectiveness of the arrangement to control the risk, keeping the exposure within appetite. 
  • Performing periodic conformance reviews to ensure:
    •  Assessment processes are being performed to a satisfactory and consistent quality
    • Key issues/incidents are being reported and remediated in a timely and satisfactory manner
  • Where BCM activity is non-compliant a ‘Path To Green’ strategy is in place and shared with BCIM

Major Challenges – the role will require the jobholder to: 

  • Embed and optimize the capabilities of the new TPRM Utility by extensively reviewing and improving existing processes. 
  • Proactively work with Technology and the regional / entity management / HOST to ensure alignment of appreciation, understanding and governance of TPRM 
  • Ensure buy-in and support of all stakeholders the overall TPRM objectives by maintaining high credibility. 
  • Work closely with the Global TPRO to calibrate and ensure adherence to associated policies, methodologies and processes across Technology. 
  • The job holder will need to possess outstanding people management skills to develop a close and ongoing working relationship with the senior managers involved. The nature of the role requires highly effective analytical, coordination and influencing skills. 

Role Context 

  • Operating in a highly competitive environment, CTO leverages various Suppliers and other third party engagements to provide efficient distribution channels. 
  • With presence in multiple countries and over a thousand third party business engagements, TPRM for CTO is a critical function that is responsible for managing day to day risk presented by these operations. 
  • In an increasingly governed and regulated environment the ability to provide assurance that all the models are being deployed in countries to an agreed standard is paramount. 

Role Dimensions

  • Role impacts services delivered to key business lines, who in turn impact the bank’s Technology as a whole 

Observation of Internal Controls:

  • To maintain the company’s internal control standards, including the timely implementation of internal and external audit points together with any issues raised by external regulator

They can offer:

  • Excellent and positive work environment
  • A stable role with a consistent set of responsibilities
  • Career development prospects within the multi-national leading financial organization
  • Private health care and employees’ benefits
    • sharing the costs of sports activities, sharing the costs of foreign language classes, sharing the costs of professional training & courses, life insurance, retirement pension plan


Note: Prepare your CV in English (PDF), fill in the form, and apply! 🙂
Please include in your CV the following clause necessary for the recruitment process:

“I agree to the processing of personal data that I have made available voluntarily in the recruitment process by the Administrator of personal data, i.e. Dotcommunity Spółka z ograniczoną odpowiedzialnością [Ltd.] based in Cracow, 15 Żabiniec Street, 31-215 Cracow, registered in Poland, the Cracow’s District Court – Śródmieście, XI Commercial Division of the National Court Register under number 0000468484, VAT number: 9452174499, (“Dotcommunity”) in order to carry out the recruitment process for the Third Party Risk Manager position on the basis of Art.6 item 1a of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)”

.Dotcommunity jest zarejestrowana w Rejestrze agencji zatrudnienia (KRAZ) pod numerem 9904.