Third Party Risk & Assurance Specialist

Who are we?👋 Look at the latest headlines and you will see something Ki insures. Think space shuttles, world tours, wind farms, and even footballers’ legs. Ki’s mission is simple. Digitally disrupt and revolutionise a 335-year-old market. Working with Google and UCL, Ki has created a platform that uses algorithms, machine learning and large language models to give insurance brokers quotes in seconds, rather than days. Ki is proudly the biggest global algorithmic insurance carrier. It is the fastest growing syndicate in the Lloyd's of London market, and the first ever to make $100m in profit in 3 years. Ki’s teams have varied backgrounds and work together in an agile, cross-functional way to build the very best experience for its customers. Ki has big ambitions but needs more excellent minds to challenge the status-quo and help it reach new horizons. Where you come in? We are seeking a specialist in third party risk and assurance, with experience across various types of technology service providers. This is a multi-faceted role supporting both a Technology Transformation Programme as well as maintaining oversight over current operational technology and applications. This role will suit someone who has managed vendors previously, or someone with equivalent practical experience in providing technology and security assurance for clients, who is looking to grow into a GRC role and potentially beyond third party risk. Nevertheless, we are open to other experiences as we are creating a new diverse and dynamic team to build innovative ways of assessing and managing third party risk. What you will be doing: 🖋️ Framework Development: Create and implement policies, risk management frameworks, tier classifications, and supplier due diligence processes. Procurement & Assessments: Plan and oversee third-party due diligence, risk evaluations, compliance assessments, and data protection requirements. Onboarding & Contracts: Support contract negotiations, operational readiness, and renewal processes for third-party relationships. Ongoing Monitoring: Conduct supply chain impact assessments, manage outsourcing risks, disaster recovery planning, and regular control assurance reviews. Client Assurance: Address client risk obligations, support audits and incident management, and ensure compliance across third-party agreements. Reporting & Documentation: Prepare governance reports and maintain accurate documentation for audits and knowledge transfer. Team Development: Foster team learning and development while researching advanced risk assurance practices. Experience in managing technology third party relationships, which must include cloud service providers and software providers Established and negotiated requirements for contracts Monitored third party service performance and supply chain risks Worked with third party service providers to ensure service continuity Managed third party incidents Knowledge of technology relevant regulations and frameworks Familiarity with resilient architecture design principles Reported on third party risks and metrics to non-technical stakeholders Influenced and coordinated cross-function teams You’ll get a highly competitive remuneration and benefits package. This is kept under constant review to make sure it stays relevant. We understand the power of saying thank you and take time to acknowledge and reward extraordinary effort by teams or individuals.

What to expect during the recruitment process:

1) Initial recruiter screening call 2) Interview with hiring manager 3) Technical Interview (this may vary depending on the role) 4) Values Interview