About the Team:
The Risk Organization at PayU is a critical function responsible for safeguarding the companys operations, reputation, and financial health. Our team develops and implements comprehensive risk management frameworks that identify, assess, mitigate, and monitor risks across the organization and its ecosystem of partners. We work closely with business units, technology teams, compliance, legal, and external partners to ensure robust risk controls are in place. The team plays a pivotal role in enabling PayUs business growth while ensuring operational resilience and regulatory compliance in the dynamic fintech landscape.
About the Role:
As an M1 Manager Vendor & TP Risk, you will lead PayUs vendor risk management program, ensuring that our third-party relationships do not introduce unacceptable risks to our business operations, customer data, or regulatory compliance. You will be responsible for developing and implementing policies, procedures, and tools to effectively assess, monitor, and mitigate risks associated with vendors and service providers. Additionally, you will oversee our Business Continuity Management System (BCMS), ensuring PayU maintains operational resilience through effective crisis management, disaster recovery, and business continuity planning. This role requires a strategic thinker with strong technical knowledge who can balance risk management with business objectives.
Responsibilities:
- Develop, implement, and maintain a comprehensive third-party risk management framework aligned with industry standards and regulatory requirements
- Lead vendor due diligence processes, including risk assessments, onboarding reviews, and ongoing monitoring of critical vendors
- Oversee the Business Continuity Management System (BCMS) and ensure compliance with ISO-22301 standards
- Conduct periodic risk assessments of third-party service providers and develop risk mitigation strategies
- Coordinate the development, testing, and maintenance of business continuity plans, disaster recovery plans, and crisis management procedures
- Lead incident response activities during disruptions and ensure timely and effective communication with stakeholders
- Collaborate with procurement, legal, and business teams to incorporate risk considerations into vendor selection and contract negotiations
- Develop and maintain relationships with key vendors to ensure compliance with PayUs security and risk management requirements
- Create and deliver regular reports on third-party risk posture and BCMS effectiveness to senior management
- Stay current with regulations, standards, and best practices related to third-party risk management and business continuity
- Train and educate internal stakeholders on third-party risk management principles and business continuity awareness
- Lead internal and external audits related to third-party risk management and business continuity
Requirements:
- Bachelors degree in Business, Risk Management, IT, or related field; Masters degree or professional certifications (CRISC, CISA, ISO-22301, CBCP) preferred
- 7+ years of experience in risk management, vendor management, or related fields within financial services or fintech
- Proven experience in developing and implementing third-party risk management programs
- In-depth knowledge of business continuity management systems and ISO-22301 standards
- Experience in crisis management, disaster recovery planning, and business continuity implementation
- Strong understanding of regulatory requirements related to third-party oversight in the financial services industry
- Experience conducting vendor risk assessments and due diligence reviews
- Proficiency in risk assessment methodologies and tools
- Excellent project management skills with ability to manage multiple priorities simultaneously
- Strong analytical thinking and problem-solving abilities
- Exceptional communication and stakeholder management skills
- Experience leading cross-functional teams and influencing without direct authority
- Knowledge of payment industry and associated risks is highly desirable
What we offer?
- A positive, get-things-done workplace
- A dynamic, constantly evolving space (change is par for the course important you are comfortable with this)
- An inclusive environment that ensures we listen to a diverse range of voices when making decisions.
- Ability to learn cutting edge concepts and innovation in an agile start-up environment with a global scale
- Access to 5000+ training courses accessible anytime/anywhere to support your growth and development (Corporate with top learning partners like Harvard, Coursera, Udacity)
