Manager, Third Party Risk

Airwallex is the only unified payments and financial platform for global businesses. Powered by our unique combination of proprietary infrastructure and software, we empower over 150,000 businesses worldwide – including Brex, Rippling, Navan, Qantas, SHEIN and many more – with fully integrated solutions to manage everything from business accounts, payments, spend management and treasury, to embedded finance at a global scale.

Proudly founded in Melbourne, we have a team of over 1,700 of the brightest and most innovative people in tech across 26 offices around the globe. Valued at US$6.2 billion and backed by world-leading investors including Visa, Airtree, Blackbird, Sequoia, DST Global, Greenoaks, Salesforce Ventures, Lone Pine, and Square Peg, Airwallex is leading the charge in building the global payments and financial platform of the future. If you’re ready to do the most ambitious work of your career, join us.

Please note that the contract for this role will start in January or February 2026. Apply only if you are ready to begin at that time, thank you.

What You’ll Do

As a Manager, Third Party Risk based in Amsterdam, you will play a mission-critical role in overseeing the end-to-end lifecycle of third-party risk management (TPRM) across Airwallex. You will hold primary accountability for ensuring compliance with DORA, the EBA outsourcing guidelines, and local NL/UK outsourcing rules, while also contributing to the uplift and execution of Airwallex’s global TPRM framework. Working closely with Legal, Compliance, Information Security, Procurement, and business leaders worldwide, you will help embed a risk-based, automated, and scalable approach across onboarding, contract review, performance monitoring, and vendor exit—ensuring Airwallex strengthens operational resilience, regulatory compliance, and innovation globally.

Responsibilities

• Lead the full TPRM lifecycle—onboarding, due diligence, contract/SLA review, performance monitoring, and vendor exit—across EMEA, while contributing to global consistency and best practice.

• Conduct risk assessments to identify, evaluate, and mitigate regulatory, operational, financial, and reputational risks for suppliers across multiple regions.

• Ensure compliance with DORA, EBA outsourcing guidelines, and local NL/UK rules, while supporting global alignment of frameworks, policies, and the Group’s Register of Information for ICT providers.

• Monitor supplier performance, SLAs, and risk metrics; escalate issues and enforce remediation plans; ensure contracts include adequate security, audit, incident, exit, and recovery provisions.

• Partner with Legal, Compliance, Infosec, Procurement, and business owners globally to strengthen third-party and subcontractor governance.

• Support continuous enhancement of TPRM policies, automation, and reporting through platforms such as AuditBoard; maintain audit-ready documentation and test process resilience.

• Provide management, risk committees, and governance forums with actionable reporting on risk trends, remediation status, and emerging third-party risk themes—both regionally and globally.

Who You Are

Minimum qualifications

• 3–5 years’ experience in third-party risk, outsourcing risk, operational risk, or compliance/assurance within financial services, fintech, or other regulated environments.

• Demonstrated hands-on involvement in the full TPRM lifecycle (onboarding, due diligence, contract/SLA review, monitoring, and exit).

• Familiarity with, or direct experience applying, DORA, EBA outsourcing guidelines, and regulatory expectations for ICT/cloud providers in the EU.

• Strong understanding of vendor contract requirements (security, audit, incident reporting, exit strategy) and ability to drive contract remediation initiatives.

• Experience using TPRM automation/workflow platforms (e.g., AuditBoard, OneTrust) and producing data-driven risk reporting.

• Excellent communication and stakeholder management skills, with the ability to build credibility and influence across global teams.

Preferred qualifications

• Experience interfacing with regulators (DNB, FCA, EBA) or supporting regulatory audits/assessments.

• Knowledge of cloud, SaaS, and fourth-party/sub-outsourcing risks in financial services.

• Prior responsibility for managing resilience, performance, and due diligence of critical ICT and cloud vendors.

• Background in change management, process improvement, or further education in risk, compliance, or information security.

Airwallex is proud to be an equal opportunity employer. We value diversity and anyone seeking employment at Airwallex is considered based on merit, qualifications, competence and talent. We don’t regard color, religion, race, national origin, sexual orientation, ancestry, citizenship, sex, marital or family status, disability, gender, or any other legally protected status when making our hiring decisions. If you have a disability or special need that requires accommodation, please let us know.

Airwallex does not accept unsolicited resumes from search firms/recruiters.  Airwallex will not pay any fees to search firms/recruiters if a candidate is submitted by a search firm/recruiter unless an agreement has been entered into with respect to specific open position(s).  Search firms/recruiters submitting resumes to Airwallex on an unsolicited basis shall be deemed to accept this condition, regardless of any other provision to the contrary.