Third-Party Risk Analyst

About the client Our client is a leading European crypto processing company providing regulated digital asset payment solutions to partners and merchants across multiple jurisdictions. The business operates at scale, working with a broad ecosystem of third-party partners, service providers, and counterparties, and places strong emphasis on risk management, transparency, and regulatory alignment. About the role A Third-Party Risk Manager will be responsible for conducting risk assessments and due diligence on external partners across the crypto processing ecosystem. This role plays a critical part in protecting the company from regulatory, operational, and reputational risks arising from third-party relationships. Responsibilities Assess and manage risks related to third-party partners, including banks, PSPs, crypto service providers, vendors, and IT/platform providers. Perform comprehensive third-party due diligence beyond standard KYC, covering financial stability, regulatory exposure, operational resilience, and ICT risk. Identify and classify third parties based on their criticality, dependency level, and impact on business continuity. Evaluate whether a third party may introduce regulatory, operational, concentration, or reputational risks to the company. Conduct DORA-aligned assessments for outsourced and critical third parties, including operational and ICT resilience reviews. Determine appropriate risk mitigation measures, such as contractual safeguards, limits, enhanced monitoring, and exit or contingency plans. Monitor third-party risk on an ongoing basis, including changes in risk profile, incidents, or dependency levels. Collaborate closely with Compliance, Risk, Legal, IT, and Business teams to ensure third-party risks are properly identified, documented, and managed. Maintain clear documentation, risk assessments, and reporting to support internal governance, audits, and regulatory expectations. Requirements Experience in third-party risk management, vendor risk, outsourcing risk, or operational risk within fintech, payments, crypto, or regulated financial services. Strong understanding of third-party due diligence concepts beyond KYC, including operational resilience, dependency risk, and ICT risk. Familiarity with DORA requirements related to outsourcing, critical third parties, and ICT resilience (hands-on experience is a strong advantage). Ability to assess financial stability, business continuity, and regulatory exposure of external partners. Experience working with banks, PSPs, crypto providers, IT vendors, or platform providers. Strong analytical skills with the ability to identify, assess, and clearly articulate risks and mitigation actions. Comfortable translating regulatory and policy requirements into practical risk controls and processes. Fluency in English (written and spoken). Ability to work cross-functionally and communicate effectively with both technical and non-technical stakeholders. Soft Skills Analytical and detail-oriented mindset Sound judgment and ability to assess risk objectively Clear written communication and structured documentation skills Ability to work independently in a fast-paced environment Comfortable collaborating across multiple teams and stakeholders This role offers a strong opportunity to build deep expertise in third-party risk within a high-growth, crypto-native environment.