Third Party Risk Manager (Senior Associate)

Location: Melbourne or Sydney, Australia
Reports to: Global Head of Information Security

Teneo is seeking a Third-Party Risk Manager (Senior Associate) to support the build-out and day-to-day operation of the firm’s Third-Party Risk Management (TPRM) programme.

This role is suited to a risk professional with a solid foundation in third-party risk, cybersecurity risk, or GRC, who is looking to step into a broader programme role with the opportunity to help shape processes, tooling, and ways of working - with senior support and direction.

You will work closely with Information Security leadership and key stakeholders across procurement, legal, IT, and the business to help establish and run a scalable, risk-based TPRM approach that supports both traditional vendors and emerging technology providers, including AI and SaaS platforms.

TPRM Programme Build-out & Operation (Primary Focus)

• Support the development and operationalisation of Teneo’s Third Party Risk Management programme, including policies, standards, workflows, and reporting.
• Help implement a scalable, risk-based approach to third-party risk that considers vendor criticality, data sensitivity, and business impact.
• Assist in embedding third-party risk lifecycle processes, including onboarding, due diligence, contracting support, ongoing monitoring, issue management, and off-boarding.
• Contribute to the development and maintenance of repeatable vendor assessment methodologies across professional services, technology providers, SaaS platforms, and AI vendors.

Tooling, Monitoring & Execution

• Support the implementation and ongoing use of Teneo’s third-party risk tooling (UpGuard).
• Assist with configuring dashboards, workflows, and alerts to improve visibility into third-party risk exposure.
• Help triage, track, and follow up on third-party risk issues identified through assessments or tooling.
• Support remediation tracking and escalation in line with agreed risk tolerances.

AI & Emerging Technology Risk

• Support the assessment of AI-enabled and emerging technology vendors, with guidance from senior stakeholders.
• Contribute to third-party risk approaches that consider AI-specific risks such as data usage, privacy, security, and resilience.
• Stay informed on evolving industry guidance and best practices related to AI and third-party risk.

Stakeholder Engagement & Advisory

• Act as a key point of coordination for third-party risk activities across the business.
• Work with procurement, legal, IT, and security teams to support third-party risk activities within sourcing and contracting processes.
• Communicate third-party risk findings clearly to stakeholders, escalating issues where required.

Governance, Reporting & Assurance

• Assist with maintaining third-party risk reporting, metrics, and registers.
• Support audits, client assurance requests, and internal reviews related to third-party risk.
• Help maintain appropriate documentation, evidence, and records to support Teneo’s security and risk objectives.

• 4–6+ years of experience in third-party risk, cybersecurity risk, GRC, or technology risk roles.
• Working knowledge of third-party and supply-chain risk concepts, particularly in technology, SaaS, or cloud environments.
• Experience supporting or operating third-party risk assessments and remediation tracking.
• Familiarity with third-party risk tools or continuous monitoring platforms (UpGuard experience desirable but not required).
• Comfortable working in a structured but evolving environment where processes are still being built.
• Strong written and verbal communication skills, with the ability to explain risk clearly to non-technical stakeholders.

• Exposure to assessing SaaS, cloud, or AI vendors and associated data or security risks.
• Familiarity with standards and frameworks such as ISO 27001, NIST, SOC 2, or similar.
• Awareness of common vendor assessment libraries (e.g. SIG, CAIQ).
• Experience working in professional services, consulting, or fast-paced environments.
• Relevant certifications (CISM, CISSP, CRISC, or similar) are beneficial but not required.

• Competitive salary
• Health and wellbeing support provided by Intellect Holistic
• $500 annual health and wellness stipend
• Annual leave: 20 days plus three-day annual closure between Christmas Eve and New Year’s Eve
• 1 day of leave during birthday month
• 1 wellness day
• 10 days per annum personal/carer’s leave

Teneo is the global CEO advisory firm. We partner with our clients globally to do great things for a better future.

Drawing upon our global team and expansive network of senior advisors, we provide advisory services across five business segments on a stand-alone or fully integrated basis. Our clients include many of the Fortune 100 and FTSE 100, alongside leading financial institutions and public-sector organisations.

With more than 1,600 employees across 45+ offices worldwide, Teneo delivers expertise across strategic communications, investor relations, financial transactions, management consulting, cyber and physical risk, governance, ESG, and geopolitical advisory.

#LI-Hybrid