Vendor Risk Management Specialist

Vendor Risk Management Specialist

Major Duties and Responsibilities

In this role you will report to the Procurement & Contracts Manager and deliver on strategic goals enabling cross-functional collaboration to support business success.

• Lead centralised third-party risk management processes for all new and existing vendor/suppliers across the organisation.
• Conduct risk assessments for all vendor/suppliers in accordance with internal policies and standards.
• Coordinate risk and due diligence activities with internal stakeholders (Contract Owners, IT Security, Privacy, Legal).
• Support additional assessments for DORA, outsourcing, and operational resilience requirements.
• Liaise with external parties to facilitate onboarding and compliance tasks.
• Maintain a comprehensive vendor/supplier inventory using JIRA, documenting onboarding stages and assigning monitoring tasks based on risk ratings.
• Ensure annual re-assessments for Tier 1 and critical vendor/suppliers are completed.

Contract Monitoring & Oversight

• Annually review and update risk tiers for all active suppliers in JIRA.
• Monitor vendor/supplier performance with contract owners based on risk ratings and contractual obligations.
• Conduct biannual reviews of Critical/High/Elevated vendor/suppliers and monthly samples of medium-risk vendor/suppliers.
• Meet quarterly with Contract owners to assess compliance with the Third-Party Risk Management Policy.
• Escalate discrepancies or missed deadlines to relevant department heads.
• Report non-conformance to the Procurement & Contracts Manager.
• Flag potential risks for inclusion in the organisational Risk Register.

Vendor/supplier Offboarding

• Coordinate vendor/supplier offboarding in collaboration with Contract Owners.
• Ensure completion of offboarding questionnaires and assigned tasks.
• Request vendor/supplier removal from payment systems once all invoices are settled.
• Ensure Contract owners manage third party vendor/suppliers in line with regulatory and internal policy requirements.
• Collaborate on project initiatives as needed.
• Maintain and annually review the Third-Party Risk Management Policy and SOPs.
• Develop and update training materials for Contract owners, ensuring annual training is delivered via the internal learning platform.
• Support audits and regulatory reviews related to third party risk.
• Internal Contacts: Finance, Compliance, Legal, IT Security, Privacy, Senior Management, and cross-functional teams.
• External Contacts: Third party vendor/suppliers, external risk management teams, legal advisors, consultants, auditors.

Education Requirements

• Leaving Certificate & Bachelor's Degree

Problem Solving & Decision-Making skills

• Strong communication and interpersonal skills for effective stakeholder engagement.
• Excellent organisational skills and attention to detail.
• Deep understanding of risk management frameworks, regulatory compliance, and industry best practices.

Accountability

• This role directly influences vendor/supplier compliance, risk mitigation, and operational resilience.
• Impact includes vendor/supplier lifecycle management, audit readiness, and adherence to regulatory standards.
• Operates with limited supervision.
• Reports to the Procurement & Contracts Manager.
• Expected to proactively implement KPIs aligned with business objectives.

A competitive benefits package and hybrid working are available to the successful candidate.