Outsourcing & Third-Party Risk Manager

The Outsourcing Manager is responsible for establishing and overseeing a robust, group-wide outsourcing and third-party risk management framework across all entities within the Capital Vault Group. The role ensures that outsourcing and third-party arrangements support operational resilience, sound governance, and regulatory compliance across all jurisdictions in which the Group operates.

Responsibilities:

• Own and maintain the Group Outsourcing and Third-Party Risk Management Framework, ensuring it remains aligned with regulatory expectations, market standards, and the Group’s risk appetite.
• Provide strategic oversight for outsourcing activities across the Group, ensuring consistent application of policy and procedures.
• Advise senior management and Boards on outsourcing risks, emerging trends, and regulatory developments.
  

Oversight of Outsourced and Third-Party Arrangements

• Ensure all outsourcing and third-party arrangements are appropriately identified, assessed, approved, documented, monitored, and periodically reviewed.
• Oversee the lifecycle of third-party engagements, from initial assessment and due diligence through contract oversight, performance monitoring, and exit.
• Maintain appropriate registers and documentation that reflect the Group’s outsourcing landscape.
  

Risk Management & Operational Resilience

• Ensure outsourcing arrangements do not compromise the Group’s operational resilience, risk management, data protection, or supervisory obligations.
• Lead the identification and assessment of outsourcing risks, including criticality, concentration risk, and dependency risk.
• Oversee contingency and exit strategies to ensure continuity of business operations in the event of provider disruption.
  

• Work closely with Legal, Risk, Compliance, ICT, Information Security, Data Protection, and other functions to ensure that outsourcing and third-party arrangements meet internal and external requirements.
• Provide guidance to first-line teams engaging in or managing outsourced or third-party relationships, ensuring adherence to the outsourcing framework.
• Promote awareness and understanding of outsourcing requirements across the Group through training and stakeholder engagement.
  

• Establish mechanisms to monitor provider performance, service delivery, and adherence to contractual and regulatory obligations.
• Escalate material risks, breaches, and underperformance to senior management and relevant governance bodies.
• Prepare regular reporting and management information (MI) to support Board and committee oversight of outsourcing and third-party risks.
  

• Act as a key point of contact for regulatory matters relating to outsourcing and third-party risk.
• Ensure the Group meets regulatory expectations for outsourcing notifications, approvals, inspections, and reporting across all jurisdictions.
• Maintain awareness of evolving regulatory requirements and ensure the Group’s outsourcing framework adapts accordingly.

Requirements:

• • +5 years of experience in outsourcing, third-party risk, operational risk, or compliance within a regulated financial services environment;

    
    

  • Proven experience designing or managing a group-wide outsourcing / third-party risk framework;

    
    

  • Strong knowledge of regulatory requirements (e.g., CySEC, FCA, CMA (formerly SCA));

    
    

  • Experience overseeing the full outsourcing lifecycle, including due diligence, risk assessment, ongoing monitoring, and exit strategies;

    
    

  • Ability to assess and manage critical outsourcing risks (concentration, dependency, operational resilience);

    
    

  • Experience working across multiple jurisdictions and advising senior stakeholders;

    
    

  • Strong stakeholder management across Legal, Risk, Compliance, and Technology functions;

    
    

  • Hands-on, build-oriented mindset with the ability to scale processes in a growing organization.