Third Party Assurance Manager

Location: Global

Team: General

About the Role

Wise is a global technology company revolutionizing the way the world moves and manages money with min fees, max ease, and full speed. As Third Party Assurance Manager, you will lead the strategic planning and management of Third-Party Risk, developing and enhancing our TPRM framework to meet industry best practices, regulatory requirements, and Wise's Enterprise Risk Management standards. Leveraging deep expertise in information security controls, privacy-by-design, and audit methodologies, you will ensure compliance with global frameworks like GDPR, SOC 2, and ISO 27001, safeguarding company and customer data across all third-party relationships. In this role, you will conduct comprehensive audits of vendors' security postures, data handling, and incident response, producing detailed reports with remediation plans and driving resolutions to completion. Collaborating with Security, Privacy, Technology teams, and TPRM leadership, you will integrate third-party risks into our broader risk profile, mature our assurance program, and optimize processes for efficiency. This is a chance to shape Wise's third-party ecosystem while contributing to our mission of building a new network for the world's money—for everyone, everywhere.

Key Responsibilities

• Collaborate to align Third-Party Assurance strategies with organization’s risk management framework and strategic objectives
• Serve as primary Information Security and Privacy SME for Third-Party Risk Assurance
• Conduct comprehensive audits and assessments of Third-party vendors focused on security controls and data privacy
• Create detailed audit reports with findings, risks, and remediation plans
• Collaborate with vendors to remediate risks and track progress to resolution
• Work with Assurance Lead to mature and evolve the Third-Party Assurance program
• Incorporate best practices from security frameworks and regulatory guidance
• Contribute to strategic oversight and process optimizations for Third-party management

Required Qualifications

• Proven experience in Information Security and/or Data Privacy within a risk, audit, or compliance function
• In-depth knowledge of key Information Security frameworks (e.g., ISO 27001, SOC 2, NIST CSF)
• Knowledge and experience in managing or overseeing Vendor/Third-Party Audit processes, including scoping, execution, and reporting
• Excellent verbal and written communication skills for engaging with technical and non-technical stakeholders

Preferred Qualifications

• Relevant industry certifications such as CISM, CISSP, CISA, or CIPP
• Experience with global data protection regulations (e.g., GDPR, CCPA)
• Background in financial services or technology companies

Required Skills

• Information Security frameworks (ISO 27001, SOC 2, NIST)
• Data Privacy regulations (GDPR, CCPA)
• Audit methodologies and control evaluation
• Vendor risk assessment and remediation
• Technical knowledge of access management, encryption, network security
• Secure development lifecycle (SDLC)
• Incident response capabilities assessment
• Stakeholder communication (technical and non-technical)
• Risk reporting and strategic alignment
• Process optimization and program development

Benefits

• RSUs (stock options)
• Flexible working
• Parental leave
• Learning budget
• Paid sabbatical after 4 years
• Health insurance
• Company retreat
• Wise card

Wise is an equal opportunity employer committed to building a diverse workforce.