Third Party Risk Consultant

About the role

The Third‑Party Risk Consultant will support a leading bank in Kuwait by managing risks associated with vendors, service providers, outsourcing partners and affiliates. The role ensures the bank’s third‑party risk management framework aligns with local regulators and international standards.

Key responsibilities

• Design, implement and maintain the Third‑Party Risk Management (TPRM) framework.
• Maintain third‑party risk policies, standards and procedures.
• Support regulatory inspections and internal/external audits.
• Conduct inherent and residual risk assessments for third parties.
• Support third‑party PIA/DPIA and data‑sharing assessments.
• Review contractual privacy and security clauses (SLAs, DPAs).
• Facilitate workshops and awareness sessions on third‑party risk.

Required profile

• Proven experience in third‑party risk management within the banking sector.
• Knowledge of regulatory requirements such as CBUAE, CBK, NESA and ISO 27001.
• Ability to conduct inherent and residual risk assessments.
• Experience reviewing contractual privacy and security clauses (SLAs, DPAs).
• Capability to facilitate workshops and awareness sessions on third‑party risk.

Required skills