Wise is a global technology company, building the best way to move and manage the world’s money.
Min fees. Max ease. Full speed.

Whether people and businesses are sending money to another country, spending abroad, or making and receiving international payments, Wise is on a mission to make their lives easier and save them money.

As part of our team, you will be helping us create an entirely new network for the world's money.
For everyone, everywhere.

More about our mission and what we offer.

This role encompasses the strategic planning and management of Third-Party Risk, ensuring alignment with both industry standards and regulatory expectations. As the Third-Party Assurance Manager, you will be supporting the development, ongoing maintenance, and enhancement of the comprehensive Third-Party Risk Management (TPRM) framework and policies to align with industry best practices, regulatory requirements, and Wise's Enterprise Risk Management framework.

Acting as a specialized Assurance/Audit Specialist focused on evaluating the security posture and data handling compliance of our Third-party providers, you will leverage deep technical knowledge of information security controls, privacy-by-design principles, and audit methodologies. You will ensure compliance with global security frameworks, data protection regulations (e.g. GDPR), and industry standards (e.g., SOC 2, ISO 27001) to maintain an assurance program that safeguards company and customer data, and ensures the integrity and security of Third-party relationships.

Additionally, you will contribute to the wider Third-party risk management strategy and ensure the effective design of Third-party risk controls and processes while also collaborating with the Third-Party Risk team on joint initiatives.

Third Party Risk Assurance Manager Duties and Responsibilities

Strategic Risk Management Alignment

• Collaborate to ensure that Third-Party Assurance strategies are in sync with the organization’s overall risk management framework and strategic objectives. This entails working closely with subject matter experts from areas such as Security, Privacy, and Technology to integrate Third-party risk considerations into the broader organizational risk profile.
• Serve as the primary Information Security and Privacy SME for the Third-Party Risk Assurance function.
• Collaborate extensively with subject matter experts from areas such as Information Security and Privacy teams to integrate specific Third-party security and privacy risk considerations into the organization’s broader risk profile and strategic objectives.
• Ensure Third-Party Assurance strategies remain compliant with evolving global security standards (e.g., NIST, ISO 27001) and data protection regulations (e.g., GDPR, various state/country-specific laws).

Third Party Assurance Planning & Execution

• Conduct comprehensive audits and assessments of Third-party vendors to ensure compliance with company standards, regulatory requirements, and industry best practices. Create detailed audit reports summarizing findings, risks, and remediation plans. Collaborate with Third-party vendors to remediate identified risks and track progress until resolution.
• Conduct comprehensive audits and assessments of Third parties, specifically focused on their Information Security controls, data privacy practices, incident response capabilities, and adherence to Wise's security requirements.
• Evaluate control evidence related to security domains such as access management, encryption, network security, and secure development lifecycle (SDLC).
• Create detailed audit reports summarizing security/privacy findings, identifying critical risks, and proposing robust remediation plans.
• Collaborate directly with Third parties to drive the remediation of identified security and privacy risks and track progress through to full resolution.

Third Party Assurance Program Enhancement & Development

• Work with the Assurance Lead to mature and evolve the Wise’s Third-Party Assurance program in alignment with strategic guidance from Wise Leadership and global regulatory expectations.
• Work with the Assurance Lead to continuously mature and evolve the Wise’s Third-Party Assurance program, specifically by enhancing assessment methodologies and control libraries to align with Wise Leadership and global regulatory expectations.
• Incorporate best practices from security assurance frameworks and regulatory guidance into the program's design.

Strategic Oversight and Improvements

• Contribute to strategic oversight and continuously audit current processes to optimise Third-party management processes, together with the rest of the TPRM leadership. The goal is to enhance the efficiency and effectiveness of controls, identify areas for improvement, and develop improvement plans.

• Proven experience in Information Security and/or Data Privacy within a risk, audit, or compliance function.
• In-depth knowledge of key Information Security frameworks (e.g., ISO 27001, SOC 2, NIST CSF) and major Data Privacy regulations (e.g., GDPR, CCPA, etc.).
• Relevant industry certifications such as CISM, CISSP, CISA, or CIPP are highly advantageous.
• Knowledge and experience in managing or overseeing Vendor/Third-Party Audit processes, including scoping, execution, and reporting.
• Excellent verbal and written communication skills for engaging with technical and non-technical stakeholders, including Third-party leadership, internal security teams, and executive leadership.
• Ability to collaborate effectively with a variety of stakeholders across Legal, Information Security, and Business teams.
• Strong attention to detail and excellent organizational skills, especially when managing complex technical evidence.
• Comfortable in a fast-paced environment, able to adjust to changing priorities related to security incidents or regulatory shifts.
• Capable of working independently with little supervision, while handling multiple tasks and priorities.

For everyone, everywhere. We're people building money without borders  — without judgement or prejudice, too. We believe teams are strongest when they are diverse, equitable and inclusive.

We're proud to have a truly international team, and we celebrate our differences.
Inclusive teams help us live our values and make sure every Wiser feels respected, empowered to contribute towards our mission and able to progress in their careers.

If you want to find out more about what it's like to work at Wise visit Wise.Jobs.

Keep up to date with life at Wise by following us on LinkedIn and Instagram.