Fresenius Medical Care Logo

Fresenius Medical Care

Senior Manager, IT Third-Party Risk Management (TPRM)

Reposted 8 Days Ago
In-Office or Remote
Hiring Remotely in United Kingdom
Senior level
In-Office or Remote
Hiring Remotely in United Kingdom
Senior level
The Senior Manager of IT Third-Party Risk Management oversees the third-party risk program, enhances governance, streamlines processes, and collaborates with cross-functional teams to manage risks effectively across vendors.
The summary above was generated by AI

Hybrid - Upon agreement between you and your supervisor, you are entitled to a flexible arrangement where you will be able to split your time between working from the office and working remotely.

The Senior Manager, IT Third-Party Risk Management (TPRM) leads the day-to-day execution and ongoing maturity of the organization’s third-party risk program. This role is accountable for strengthening governance, streamlining process, automating workflows, and enabling leaders to make risk-informed decisions through effective TPRM tooling, dashboards, and reporting. The Senior Manager partners closely with stakeholders across Information Technology Solutions (ITS), Cybersecurity & Privacy Solutions (CPS), Procurement, Legal, Compliance, and business personnel, to ensure third-party risk is understood, managed, and monitored across the third-party lifecycle—from intake and due diligence through contracting, onboarding, continuous monitoring, and offboarding.

PRINCIPAL DUTIES AND RESPONSIBILITIES:

Provide leadership of short- and long-term goals for IT Third-Party Risk Management.  Lead the effort to foster an environment of customer service, continuous improvement and consistent execution.

Program Leadership and Maturity

  • Drive the TPRM maturity roadmap, including improvements to governance, policies/standards, workflow design, tiering methodology, and lifecycle processes

  • Establish and maintain program operating cadence (e.g., monthly risk reviews, KPI/KRI reporting, issue remediation tracking, and executive readouts)

  • Identify gaps and implement enhancements to ensure program scalability, consistency, auditability, and alignment with regulatory/industry practices

  • Develop and maintain standard operating procedures, job aids, and training materials to ensure consistent execution

Stakeholder and Management Interaction

  • Serve as a trusted advisor to business owners, translating third-party risk into clear decision options

  • Facilitate risk discussions, challenge risk assumptions appropriately, and ensure documented risk decisions, and approvals align to governance and are documented

  • Partner with procurement to embed risk requirements into intake, sourcing, and ongoing vendor management

  • Collaborate with Legal, CPS, and Compliance to ensure contract provisions, control expectations, and due diligence are aligned and enforceable

TPRM Tooling, Automation and Decision Enablement

  • Own management and optimization of the organization’s TPRM technology platform

  • Design, configure, and enhance process workflows

  • Develop dashboards and reporting for leaders: portfolio risk views, assessment status, SLA adherence, open issues, concentration risk, critical vendor oversight, and periodic vendor reassessment

  • Improve data quality and establish a single source of truth for third-party risk inventory, risk ratings, and decision history

  • Define and track KPIs/KRIs (cycle time, backlog, critical findings aging, remediation performance, override rates, risk acceptance trends)

Third-Party Risk Assessments and Lifecycle Management

  • Oversee third-party risk assessments, including inherent risk tiering

  • Ensure assessment scope are appropriate for vendor criticality, data sensitivity, and service impact

  • Drive effective issue management and remediation tracking, including escalation paths for overdue or high-risk items

  • Maintain processes for periodic reassessments and continuous monitoring of high-risk/critical vendors

People Leadership

  • Lead, coach, and develop a team of TPRM professionals

  • Set performance expectations, ensure workload prioritization, and build a culture of continuous improvement and strong business partnership.

EDUCATION:

Required Qualifications

  • Bachelor’s degree or equivalent practical experience

  • 8+ years of experience in third-party risk management, technology risk, operational risk, compliance, or related disciplines

  • 3+ years of experience leading programs and/or teams, influencing cross-functional stakeholders, and driving process maturity

  • Proven experience implementing or optimizing TPRM programs and establishing a culture of continuous improvement

  • Proven experience implementing or optimizing TPRM/GRC tools to improve workflow automation, data quality, and reporting

  • Strong ability to translate risk into decision-ready recommendations for leaders and to facilitate risk acceptance discussions

  • Demonstrated knowledge of third-party lifecycle practices: due diligence, control validation, contracting requirements, monitoring, and remediation

Preferred Qualifications

  • Experience in regulated industries (financial services, healthcare, insurance, or similar)

  • Familiarity with relevant frameworks and expectations (e.g., NIST, ISO 27001, SOC reports, shared responsibility models, vendor oversight guidance)

  • Certifications such as CISA, CRISC, CISSP, CISM, or equivalent

  • Experience integrating continuous monitoring signals (security ratings, threat intelligence, incident notifications) into a TPRM operating model

Similar Jobs

42 Minutes Ago
Remote or Hybrid
Senior level
Senior level
Big Data • Fintech • Information Technology • Business Intelligence • Financial Services • Cybersecurity • Big Data Analytics
Provide paralegal support for regulatory matters, litigation, and escalated consumer complaints. Maintain legal files in HighQ, manage calendars and deadlines, coordinate complaint intake and consumer responses, prepare documentation and meeting materials, and support knowledge management and process improvement while handling confidential information and collaborating with Legal Counsel and cross-functional teams.
Top Skills: HighqExcelMS OfficeMicrosoft Powerpoint
43 Minutes Ago
Remote or Hybrid
Senior level
Senior level
Blockchain • Fintech • Mobile • Payments • Software • Financial Services
Looking for a Software Engineer to build financial products and tooling for Cash App's Lending team, ensuring quality and compliance while collaborating across domains.
Top Skills: AuroraAWSBuildkiteDatadogDynamoDBGradleGrpcGuiceHibernateHTTPJavaJettyJooqJSONJunitKafkaKotlinMySQLOkhttpProtocol BuffersRedisVitess
45 Minutes Ago
Remote or Hybrid
Mid level
Mid level
Gaming • Information Technology • Mobile • Software • Esports
Design, edit, and implement high-quality SFX, ambiences, UI, and cinematic audio. Integrate audio into UE5 using Wwise, collaborate with audio programmers and producers to build interactive systems, manage personal pipelines and deliverables, and capture field and studio recordings to expand the proprietary sound library.
Top Skills: Audio PluginsPerforcePro ToolsReaperUe5Ue5 BlueprintWwise

What you need to know about the Manchester Tech Scene

Home to a £5 billion digital ecosystem, including MediaCity, which consists of major players like the BBC, ITV and Ericsson, Manchester is one of the U.K.'s top digital tech hubs, at the forefront of advancements in film, television and emerging sectors like as e-sports, while also fostering a community of professionals dedicated to pushing creative and technological boundaries.

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account