Location: Melbourne or Sydney, Australia
Reports to: Global Head of Information Security
Teneo is seeking a Third-Party Risk Manager (Senior Associate) to support the build-out and day-to-day operation of the firm’s Third-Party Risk Management (TPRM) programme.
This role is suited to a risk professional with a solid foundation in third-party risk, cybersecurity risk, or GRC, who is looking to step into a broader programme role with the opportunity to help shape processes, tooling, and ways of working - with senior support and direction.
You will work closely with Information Security leadership and key stakeholders across procurement, legal, IT, and the business to help establish and run a scalable, risk-based TPRM approach that supports both traditional vendors and emerging technology providers, including AI and SaaS platforms.
ResponsibilitiesTPRM Programme Build-out & Operation (Primary Focus)
- Support the development and operationalisation of Teneo’s Third Party Risk Management programme, including policies, standards, workflows, and reporting.
- Help implement a scalable, risk-based approach to third-party risk that considers vendor criticality, data sensitivity, and business impact.
- Assist in embedding third-party risk lifecycle processes, including onboarding, due diligence, contracting support, ongoing monitoring, issue management, and off-boarding.
- Contribute to the development and maintenance of repeatable vendor assessment methodologies across professional services, technology providers, SaaS platforms, and AI vendors.
Tooling, Monitoring & Execution
- Support the implementation and ongoing use of Teneo’s third-party risk tooling (UpGuard).
- Assist with configuring dashboards, workflows, and alerts to improve visibility into third-party risk exposure.
- Help triage, track, and follow up on third-party risk issues identified through assessments or tooling.
- Support remediation tracking and escalation in line with agreed risk tolerances.
AI & Emerging Technology Risk
- Support the assessment of AI-enabled and emerging technology vendors, with guidance from senior stakeholders.
- Contribute to third-party risk approaches that consider AI-specific risks such as data usage, privacy, security, and resilience.
- Stay informed on evolving industry guidance and best practices related to AI and third-party risk.
Stakeholder Engagement & Advisory
- Act as a key point of coordination for third-party risk activities across the business.
- Work with procurement, legal, IT, and security teams to support third-party risk activities within sourcing and contracting processes.
- Communicate third-party risk findings clearly to stakeholders, escalating issues where required.
Governance, Reporting & Assurance
- Assist with maintaining third-party risk reporting, metrics, and registers.
- Support audits, client assurance requests, and internal reviews related to third-party risk.
- Help maintain appropriate documentation, evidence, and records to support Teneo’s security and risk objectives.
- 4–6+ years of experience in third-party risk, cybersecurity risk, GRC, or technology risk roles.
- Working knowledge of third-party and supply-chain risk concepts, particularly in technology, SaaS, or cloud environments.
- Experience supporting or operating third-party risk assessments and remediation tracking.
- Familiarity with third-party risk tools or continuous monitoring platforms (UpGuard experience desirable but not required).
- Comfortable working in a structured but evolving environment where processes are still being built.
- Strong written and verbal communication skills, with the ability to explain risk clearly to non-technical stakeholders.
- Exposure to assessing SaaS, cloud, or AI vendors and associated data or security risks.
- Familiarity with standards and frameworks such as ISO 27001, NIST, SOC 2, or similar.
- Awareness of common vendor assessment libraries (e.g. SIG, CAIQ).
- Experience working in professional services, consulting, or fast-paced environments.
- Relevant certifications (CISM, CISSP, CRISC, or similar) are beneficial but not required.
- Competitive salary
- Health and wellbeing support provided by Intellect Holistic
- $500 annual health and wellness stipend
- Annual leave: 20 days plus three-day annual closure between Christmas Eve and New Year’s Eve
- 1 day of leave during birthday month
- 1 wellness day
- 10 days per annum personal/carer’s leave
Teneo is the global CEO advisory firm. We partner with our clients globally to do great things for a better future.
Drawing upon our global team and expansive network of senior advisors, we provide advisory services across five business segments on a stand-alone or fully integrated basis. Our clients include many of the Fortune 100 and FTSE 100, alongside leading financial institutions and public-sector organisations.
With more than 1,600 employees across 45+ offices worldwide, Teneo delivers expertise across strategic communications, investor relations, financial transactions, management consulting, cyber and physical risk, governance, ESG, and geopolitical advisory.
#LI-Hybrid
Top Skills
What We Do
Teneo is the global CEO advisory firm. We partner with our clients globally to do great things for a better future.
Drawing upon our global team and expansive network of senior advisors, we provide advisory services across our five business segments on a stand-alone or fully integrated basis to help our clients solve complex business challenges. Our clients include a significant number of the Fortune 100 and FTSE 100, as well as other corporations, financial institutions and organizations.
Our full range of advisory services includes strategic communications, investor relations, financial transactions and restructuring, management consulting, physical and cyber risk, organizational design, board and executive search, geopolitics and government affairs, corporate governance, ESG and DE&I.
The firm has more than 1,500 employees located in 40 offices around the world.
.png)






