Third-Party Risk Manager in City of London

At Paynetics, we believe payments should be everywhere and effortless. As a European leader in Embedded Finance, our mission is to empower non-financial players to offer modern payment experiences that connect people and businesses across borders. We collaborate with technology giants, banks, telecoms, governments, and fintech startups in more than 20 countries throughout Europe and the UK. Our end‑to‑end suite of financial products – from issuing, acquiring, accounts, digital wallets and card programs – makes us one of the most versatile players in the industry. Over the years, our team has led landmark deals and strategic acquisitions that helped redefine what’s possible in the world of payments. Today, we serve 100,000+ clients, handle 200,000+ daily transactions, and continue to grow rapidly. We’re passionate about innovation, reliability, and impact – and we’re looking for talented people who share that drive. If you’re ready to help shape the future of finance, Paynetics is where your work will make a difference on a global scale.

Paynetics UK is seeking an experienced and pragmatic Third-Party Risk Manager to design, implement, and oversee the firm’s third‑party and outsourcing risk management framework. This role is pivotal in ensuring compliance with FCA outsourcing and operational resilience expectations, while also supporting Paynetics AD at group level in managing its wider vendor and sub‑outsourcing risks. The successful candidate will bring strong technical knowledge of regulatory requirements for outsourcing and third‑party management in financial services, combined with the ability to deliver practical oversight and advice in a fast‑paced environment.

What You’ll Be Doing:

• UK Outsourcing and Third Party Risk Framework: Lead the design, development, and maintenance of Paynetics UK’s Third Party Risk Management Framework, ensuring compliance with FCA rules (SYSC 8, operational resilience, DORA, and PRA SS2/21 where applicable). Define risk appetite, governance structures, and control standards for outsourcing and vendor management. Ensure proportionate oversight and due diligence aligned with the materiality of services and regulatory requirements. Maintain an up‑to‑date Outsourcing and Third Party Register, ensuring that risk assessments and contract records remain current and accurate.
• Group‑Level Third Party Risk Management: Collaborate closely with Paynetics’ risk and operational functions to strengthen the group‑level third‑party risk framework. Provide challenge and support to ensure consistent risk assessment methodologies, materiality ratings, and monitoring standards across the group. Contribute to group governance forums, sharing best practices and driving alignment with FCA and EU regulatory expectations. Support oversight of sub‑outsourcing arrangements, ensuring risks are understood, monitored, and reported to Paynetics UK as the regulated entity.
• Vendor and Partner Oversight: Conduct due diligence and ongoing monitoring of Paynetics UK’s material outsourced service providers, including Paynetics AD and key partners. Review service‑level performance, key risk indicators (KRIs), and MI to assess vendor risk exposure and trends. Oversee remediation actions and ensure proportionate escalation where performance or control weaknesses are identified. Collaborate with Compliance and Operations to ensure effective governance of partner‑related outsourcing risk.
• Risk Assessment and Reporting: Lead the outsourcing risk assessment process, including inherent and residual risk scoring, control evaluations, and periodic reviews. Integrate third‑party risks into the enterprise‑wide risk framework and operational resilience programme. Provide regular reporting to the Risk Committee and Board on key outsourcing risks, emerging issues, and risk treatment options.
• Regulatory Compliance and Horizon Scanning: Monitor regulatory developments in FCA, PRA, and EBA guidance related to outsourcing, operational resilience, and ICT risk. Advise management on required enhancements to governance or risk practices in response to regulatory change.

Our Requirements & Skillset:

• Proven experience managing third‑party or outsourcing risk in a banking, payments, or e‑money environment.
• Strong understanding of FCA outsourcing and operational resilience requirements (SYSC 8, PS21/3, DORA).
• Experience with group‑level or cross‑border outsourcing oversight, ideally within a regulated firm that subcontracts to a parent entity.
• Excellent analytical, written, and communication skills with the ability to translate regulatory expectations into actionable guidance.
• Strong Excel and data analysis skills for monitoring MI and KRIs.
• Experience preparing reports for Risk Committees or Boards.
• Familiarity with vendor governance systems or tools (e.g., Archer, ServiceNow, or Protecht).
• Collaborative and pragmatic mindset, with strong attention to detail and delivery.

We offer:

• Exciting job in a premium professional environment.
• Highly competitive remuneration.
• 25 days annual paid leave + 1 day for your birthday.
• Work in a growing team with excellent perspective for professional development.
• Remote location, with occasional travel to London and Sofia.

If you thrive in fast‑paced environments and are passionate about delivering innovative risk solutions, we want to hear from you! Apply now.