Let's Write Africa's Story Together!

Old Mutual is a firm believer in the African opportunity and our diverse talent reflects this.

Job Description

This role provides advanced operational and strategic support to the Third-Party Risk Management Centre of Excellence (CoE) within the Contracts & Sourcing function.

The Senior Specialist plays a critical role in enhancing the maturity, effectiveness, and integration of third-party risk management practices across OML, supporting the Head of the CoE in driving group-wide oversight, governance, and continuous improvement.

The Third-Party Management Senior Specialist contributes to the expert lead leadership and enhances the organisation’s third-party risk management (TPRM) framework by conducting complex risk assessments, advising on risk mitigation strategies, and ensuring compliance with regulatory and internal standards. The role plays a critical part in safeguarding the organization from risks associated with outsourcing, vendor relationships, and third-party engagements. Lead and execute comprehensive risk assessments for high-risk third parties, including due diligence, onboarding, and periodic reviews. Develop and enhance third-party risk management policies, procedures, and tools. Collaborate with procurement, legal, compliance, IT security, and business units to ensure integrated risk management practices. Monitor and report on third-party performance, risk indicators, and compliance with contractual obligations. Provide expert guidance on risk mitigation strategies and remediation plans. Lead or support audits, regulatory reviews, and internal investigations related to third-party risk. Mentor and support junior team members, sharing expertise and best practices. Stay abreast of regulatory developments (e.g., POPIA, GDPR, FSCA requirements) and industry trends impacting third-party risk.

Strategic Support & Oversight

• Support the Head of the CoE in the execution of strategic initiatives, including the integration of third-party risk management into broader governance structures.

• Provide objective oversight and contribute to the development and refinement of third-party risk frameworks, methodologies, and minimum standards.

• Facilitate and coordinate cross-functional engagements to identify, assess, and monitor material third-party risks across OMLACSA and Affiliates.

Risk Identification & Reporting

• Lead complex risk assessments and provide expert analysis of third-party risk exposures, including 4th/Nth party risks and concentration risks.

• Monitor and report on third-party risk trends, incidents, and control effectiveness to senior stakeholders, including Exco, Audit, Risk and Compliance Committees.

• Support the escalation and resolution of material risks and non-compliance issues.

Framework & Process Enhancement

• Champion the continuous improvement of third-party risk management processes, tools, and data quality across the CoE.

• Drive alignment and consistency in third-party tiering, segmentation, and risk rating practices.

• Contribute to the development and maintenance of the OML-wide third-party inventory and associated data governance.

Stakeholder Engagement & Enablement

• Provide expert guidance and coaching to CoE team members, control owners, risk coordinators, and other internal stakeholders.

• Act as a change agent in promoting a strong third-party risk culture and embedding risk management practices across the organisation.

• Represent the CoE in strategic and operational forums, providing insights and recommendations on third-party risk matters.

Operational Excellence

• Support the Head of the CoE in tracking performance against executive targets and risk maturity objectives.

• Facilitate the execution of requests from senior governance bodies and ensure appropriate follow-through and corrective actions.

• Contribute to the optimisation of CoE operations, including cost efficiency, data integrity, and process effectiveness.

Qualifications & Experience

• Minimum 3–5 years of experience in risk management, with a strong focus on third-party risk.

• Strong understanding of third-party risk management principles, frameworks, and tools.

• Strong understanding of regulatory requirements and governance practices related to third-party risk.

• Third-party risk management certification and/or qualification (advantageous).

• Experience with third-party risk management tools and data analytics (advantageous).

• Excellent stakeholder engagement, communication, and facilitation skills.

Skills

Builds Rapport, Change Management, Data Analysis, Database Reporting, Data Compilation, High Risk Typologies Methodologies, Information Retrieval, Issue Management, Numerics, Project Risk and Issue Management, Risk Management, Stakeholder Expectation Management, Threat Assessment, Verbal Communications

Competencies

Balances Stakeholders

Business Insight

Communicates Effectively

Ensures Accountability

Financial Acumen

Instills Trust

Manages Complexity

Optimizes Work Processes

Education

NQF Level 7 - Degree, Advance Diploma or Postgraduate Certificate or equivalent (Required)

Closing Date

10 November 2025 , 23:59

The appointment will be made from the designated group in line with the Employment Equity Plan of Old Mutual South Africa and the specific business unit in question.

The Old Mutual Story!