Third Party Risk Management Lead

EirGrid Group

Job title: Third Party Risk Management Lead

Company: EirGrid Group


Job description:

Job Details

EirGrid Group has a unique role to play in leading this radical transformation of our power system in support of the transition to renewable energy. This will require pioneering engineering effort together with enhanced IT capability to respond successfully to the scale of disruption. This offers a unique opportunity to further your career in IT while playing a significant role in delivering EirGrid Group’s IT transformation.

We’re an IT-intensive business, and we operate state-of-the-art, specialised business-critical systems, 24/7. Our future has never looked more exciting. And this is an incredible opportunity to be part of it. The world is ready for change. If you are too, join us.

The Team

This role is part of a well-established Enterprise Security team, who lead in the design, implementation and troubleshooting of IT security solutions across a variety of technical platforms, data networks and security domains. The solutions involved underpin the organisation’s corporate, market and power system operational functions. We are in the process of establishing a new Cyber Governance, Risk and Compliance (GRC) team, and this role will play a crucial part in enhancing resilience and protecting essential operations through comprehensive vendor risk management.

The Opportunity

We are seeking a highly experienced Third-Party Risk Management Lead to oversee the evaluation and management of risks associated with third-party service providers (TSPs) at EirGrid. This role will be responsible for developing and advancing a robust Third-Party Risk Management (TPRM) Programme, collaborating across various business units to minimize risk exposure and ensure external vendors comply with rigorous security, governance, and compliance standards. This strategic position requires blending technical expertise with strong cross-functional collaboration. The role will shape processes, implement automation, and influence policies at senior levels.

Key Responsibilities

  • Third-Party Service Provider Management: Maintain a current, accurate, and comprehensive list of all Third-Party Service Providers (TSPs) that can impact the confidentiality, integrity, availability, and safety of the organisation’s systems, applications, services, and data.
  • Supply Chain Risk Assessment: Identify, prioritise, and assess TSPs and their critical systems and services through a structured risk assessment process, ensuring alignment with their significance in delivering high-value services.
  • Security Risk Evaluation: Conduct thorough evaluations of security risks associated with TSPs to ensure due care reviews are performed prior to entering contractual agreements for acquiring hardware, software, and services.
  • Compliance and Regulatory Oversight: Ensure that all TSPs comply with EirGrid’s cybersecurity requirements and applicable national laws and regulatory requirements through ongoing oversight and compliance checks.
  • Service Level Agreements (SLAs) Management: Maintain a comprehensive list of applicable Service Level Agreements (SLAs) with TSPs, collaborating with Contract Owners and facilitating performance monitoring and compliance assessment.
  • Ongoing Monitoring and Reporting: Continuously monitor security controls of external service providers, introduce automation efficiencies and report any identified weaknesses, deficiencies or compliance issues to appropriate stakeholders.
  • Contractual Review and Notifications: Review client contracts and services to determine appropriate clauses and necessity for client notifications regarding changes in status of TSPs, including terminations.
  • Risk Assessment on Outsourcing: Conduct thorough risk assessments for outsourcing services and ensure proactive measures are taken to address identified risks through collaboration with contract owners and TSPs.
  • Documentation Management: Maintain documentation regarding which compliance requirements are managed by each TSP and which are the responsibility of EirGrid for transparency and accountability.

About You

  • Bachelor’s or Master’s degree in Cybersecurity, Information Technology, Risk Management, or a related field.
  • At least 6 years of experience in cybersecurity, risk management, or compliance roles, with a strong focus on third-party risk assessment.
  • Experience in conducting risk assessments or audits of third-party service providers in an enterprise environment.
  • In-depth understanding of risk assessment frameworks and methodologies, including qualitative and quantitative risk assessments, and vulnerability assessment techniques specifically tailored for third-party services.
  • Hands-on experience implementing and monitoring compliance with cybersecurity standards and frameworks such as ISO 27001, NIST Cybersecurity Framework and regulatory requirements (e.g., GDPR, NIS2, DORA) within the context of vendor management and third-party service providers.
  • Proficient in preparing detailed reports, presentations and documentation for management and regulatory compliance.

Closing date for applications
24/07/2025

We’re dedicated to diversity and inclusion at EirGrid. We recognise the strength that comes from having a diverse workforce and the importance of a supportive culture for all our people to achieve their potential. Our diversity and inclusion networks have been designed to create an inclusive culture that enables our people to feel a sense of belonging at work.

As an equal opportunities employer, we welcome applications from people of all backgrounds. Reasonable accommodations are offered at every stage of our recruitment process.

Expected salary:

Location: Co Dublin

Job date: Sat, 12 Jul 2025 00:15:29 GMT

To apply for this job please visit jobviewtrack.com.