The Role
Own and execute Tabby’s third‑party/vendor risk program: manage vendor onboarding, risk assessments, due diligence, monitoring, and SLAs; maintain vendor inventory and risk registers; build dashboards and support ERM activities including risk assessments, controls, reporting, and audit readiness.
Summary Generated by Built In
You'll own the day-to-day of Tabby's vendor (third-party) risk and management program while playing an active role across the broader Enterprise Risk Management (ERM) function. The role aims at effectively managing third parties end-to-end including assessing, onboarding, and monitoring vendors from both a risk and a commercial/performance angle and contributing to wider ERM work such as risk assessments, controls, reporting, and frameworks.This is a hands-on execution role for someone who moves fast, communicates clearly, and works well across teams.
Key Responsibilities
Vendor & third-party management
- Manage vendor risk assessments and due diligence throughout the onboarding lifecycle and approvals across different functional units and assisting in risk-tiering and classification of Tabby vendors.
- Manage the end-to-end vendor lifecycle for Tabby from intake, vendor risk assessment, project management across different stakeholders and managing internal approval flows.
- Maintain the vendor inventory, tracker, risk register, and supporting documentation so the picture is always current and audit-ready.
- Be the go-to coordinator between vendors and internal stakeholders (Procurement, Legal, InfoSec, Compliance, Finance, business owners) keeping things moving without dropping detail.
- Help evolve and design Tabby's third-party risk strategy and framework assessment standards, policies to cater to business growth and changing regulatory environment.
- Provide oversight of onboarding and due diligence process to identify and reduce risk before a vendor is engaged.Track vendor performance against SLAs and KPIs through periodic reviews, flagging issues early and driving remediation to closure.
- Build and maintain live dashboards that track SLA compliance, cycle times, ageing breaches, and approval activity across regions and functions — turning the data into actionable improvements.
Additional responsibilities would include -
- Support risk identification, assessment, and control mapping assisting the Enterprise risk function.
- Help maintain the enterprise risk register and contribute to risk reporting for management and committees.
- Support control testing, issue tracking, and remediation follow-up.
- Help prepare for audits and regulatory or internal reviews.
Skills, Knowledge & Expertise
- 2-4 years in vendor/third-party risk management ERM, audit, or a related risk/controls function ideally in fintech, banking, or another regulated environment.
- Fair understanding of third-party risk concepts and working familiarity with enterprise risk frameworks (e.g. COSO, ISO 31000).
- Strong organisation and execution: you close loops, hit deadlines, and keep clean records.
- Clear, concise communicator comfortable pushing vendors and stakeholders for what's needed
- Comfortable with ambiguity and a fast-moving environment; bias to action.
- Strong with documentation and tools (Excel/Sheets; GRC or vendor-management platforms a plus).
- Bachelor's degree in business, finance, risk, or a related field. Relevant certifications (risk, audit, security) are a plus.
About
Tabby creates financial freedom in the way people shop, earn and save, by reshaping their relationship with money.The company’s flagship offering allows shoppers to split their payments online and in-store with no interest or fees. Over 32,000 global brands and small businesses, including Amazon, Noon, IKEA and Shein use Tabby to accelerate growth and gain loyal customers by offering easy and flexible payments online and in stores.Tabby has generated over $7 billion in transaction volume for its partner brands and has the highest rated, most reviewed, largest and fastest growing app of any fintech in the GCC region.Tabby launched operations in 2020 and has raised +$1 billion in equity and debt funding from global and regional investors.
Skills Required
- 2-4 years in vendor/third-party risk management, ERM, audit, or related risk/controls function
- Experience managing vendor lifecycle, vendor risk assessments, and due diligence
- Working familiarity with enterprise risk frameworks (e.g., COSO, ISO 31000)
- Strong organization, execution, and documentation skills
- Clear, concise communication and stakeholder coordination skills
- Proficiency with Excel/Google Sheets
- Experience with GRC or vendor-management platforms
- Bachelor's degree in business, finance, risk, or related field
- Relevant certifications (risk, audit, security)
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Tabby is a financial technology company on a mission to create financial freedom by reshaping people's relationship with money through buy now, pay later services, allowing consumers to split purchases into interest-free payments.







