Head of Third-Party Risk Management (TRPM)

Who are we?

Howden is a collective – a group of talented and passionate people all around the world. Together, we have pushed the boundaries of insurance. We are united by a shared passion and no-limits mindset, and our strength lies in our ability to collaborate as a powerful international team comprised of 18,000 employees spanning over 100 countries.

People join Howden for many different reasons, but they stay for the same one: our culture. It’s what sets us apart, and the reason our employees have been turning down headhunters for years. Whatever your priorities – work / life balance, career progression, sustainability, volunteering – you’ll find like-minded people driving change at Howden.

We are seeking an visionary Head of Third-Party Risk Management (TRPM) to establish and lead an outstanding TRPM function. This is a critical leadership role in ensuring that our third-party engagements align with our business objectives, risk appetite, and regulatory requirements. You will shape and implement a strategic governance framework that enhances our third-party risk capabilities, supports sustainable growth, and drives operational excellence.

What will you be doing?

1. Strategic Leadership:

• Develop, implement, and refine a global Third-Party Risk Management (TRPM) strategy aligned with the company’s growth objectives and risk appetite.
• Foster a culture of proactive risk management and accountability across the organisation.
• Collaborate with senior leadership to identify strategic third-party risks and mitigation opportunities.

2. Framework Development:

• Design and establish a comprehensive TRPM governance framework, including policies, standards, and procedures, ensuring compliance with industry regulations and best practices.
• Develop scalable processes for third-party risk assessments, onboarding, monitoring, and termination.
• Introduce robust metrics and Key Risk Indicators (KRIs) to track and report on third-party risk performance.

3. Risk Oversight and Operations:

• Build and lead a team responsible for conducting risk assessments of third-party vendors, contractors, and partners across key risk domains (e.g., operational, cybersecurity, financial, regulatory, and reputational).
• Build processes to identify, assess, and respond to emerging third-party risks across global markets.
• Monitor third-party performance to ensure compliance with contractual obligations, service levels, and risk expectations.

4. Governance and Reporting:

• Establish a clear governance structure for third-party risk management, ensuring cross-functional collaboration across legal, procurement, IT, and business units.
• Provide regular reports to executive leadership and the board on third-party risk exposure, trends, and remediation activities.
• Ensure timely communication and escalation of significant third-party risks or incidents.

5. Capability Building and Continuous Improvement:

• Drive process optimisation and automation to enhance the efficiency and effectiveness of TRPM activities.
• Lead the implementation of third-party risk management tools and technologies to improve visibility and control.
• Develop training programmes to increase TRPM awareness and capabilities across the organisation.
• Benchmark TRPM practices against industry standards and identify opportunities for continuous improvement.

Skills and Experience

Essential:

• Proven experience in risk management, compliance, or procurement, with a focus on third-party or vendor risk.
• Consistent track record of designing and scaling TRPM frameworks in a global organisation, preferably in financial services or insurance.
• Deep understanding of third-party risk domains, including regulatory compliance, cybersecurity, data privacy, and operational resilience.
• Strong leadership skills with the ability to influence and engage stakeholders at all organisational levels.
• Experience with implementing third-party risk management technologies (e.g., GRC platforms, vendor management systems).
• Exceptional analytical, problem-solving, and decision-making skills.
• Excellent communication skills, including the ability to present complex concepts to executive stakeholders.

Desirable:

• Knowledge of insurance regulations and standards (e.g., Solvency II, GDPR).
• Professional certifications such as Certified Third Party Risk Professional (CTPRP), Certified Information Systems Auditor (CISA), or Certified Risk Manager (CRM).
• Global experience working with culturally diverse teams and markets.

What do we offer in return?

A career that you define. At Howden, we value diversity – there is no one Howden type. Instead, we’re looking for individuals who share the same values as us:

• Our successes have all come from someone brave enough to try something new

• We support each other in the small everyday moments and the bigger challenges

• We are determined to make a positive difference at work and beyond

Reasonable adjustments

We're committed to providing reasonable accommodations at Howden to ensure that our positions align well with your needs.  Besides the usual adjustments such as software, IT, and office setups, we can also accommodate other changes such as flexible hours* or hybrid working*.

If you're excited by this role but have some doubts about whether it’s the right fit for you, send us your application – if your profile fits the role’s criteria, we will be in touch to assist in helping to get you set up with any reasonable adjustments you may require.

*Not all positions can accommodate changes to working hours or locations. Reach out to your Recruitment Partner if you want to know more.

Permanent