Team Lead - Vendor Risk Management - Chief Risk Office London, GBR Posted today

Team Lead - Vendor Risk Management - Chief Risk Office

Location: London

Business Area: Legal, Compliance, and Risk

The energy of a newsroom, the pace of a trading floor, the buzz of a recent tech breakthrough; we work hard, and we work fast—while keeping up the quality and accuracy we're known for.

Vendor Risk Management (VRM) is part of the Chief Risk Office (CRO) and responsible for assisting Bloomberg departments and select subsidiaries of Bloomberg LP in the selection, assessment, mitigation and continuous monitoring of risks introduced by vendors and other third-party service providers.

We are seeking a Team Leader, Vendor Risk Management, to guide and develop a team of vendor risk professionals while driving both the execution of vendor assessments and the strategic advancement of our Vendor Risk program.

This role requires balancing hands-on oversight of operational activities with strategic advisory responsibilities, ensuring Bloomberg departments and subsidiaries can confidently manage vendor risks throughout the vendor lifecycle.

• Operational Leadership: Supervise and mentor a team of Vendor Risk Managers, ensuring high-quality delivery of assessments, monitoring, and reporting.
• Oversee execution of inherent risk assessments, vendor due diligence, control testing, and remediation tracking.
• Maintain accuracy and completeness of vendor and engagement inventories, ensuring risk profiles are current and actionable.
• Guide the team in conducting due diligence across risk domains (information security, privacy, operational resilience, concentration, regulatory, geographic).
• Monitor industry trends and regulatory updates to ensure operational assessments reflect current risk landscapes.

• Contribute to the ongoing design, enhancement, and implementation of Bloomberg’s Vendor Risk Management framework.
• Serve as a trusted advisor to senior stakeholders, including business leaders, CISO, Legal, Compliance, and Enterprise Risk, on third-party risk exposure and mitigation strategies.
• Provide risk insights and recommendations that balance business objectives with security and resilience requirements.
• Develop and deliver actionable, executive-ready risk reporting to inform decision-making across departments.

• Bachelor’s or Master’s degree in Computer Science, Information Security, Business Management, or equivalent industry experience.
• 10+ years of experience in Risk Management, Information Security, Technology Audit, or related fields, with at least 4 years in a leadership or supervisory capacity.
• Proven experience managing and mentoring teams to deliver high-quality risk assessments and projects.
• Strong understanding of Cloud Computing risks and third-party service provider oversight.
• Familiarity with key frameworks (NIST 800-53, ISO/IEC 27001/2, COBIT, HITRUST, PCI DSS, CSA, CIS CSC).

• Experience in building and scaling a vendor risk team or function.
• Familiarity with supplier agreements, contractual terms, and service level agreements.
• Experience developing and using operational performance metrics to measure vendor risk effectiveness.

Bloomberg is an equal opportunity employer and we value diversity at our company. We do not discriminate on the basis of age, ancestry, color, gender identity or expression, genetic predisposition or carrier status, marital status, national or ethnic origin, race, religion or belief, sex, sexual orientation, sexual and other reproductive health decisions, parental or caring status, physical or mental disability, pregnancy or parental leave, protected veteran status, status as a victim of domestic violence, or any other classification protected by applicable law.

Bloomberg is a disability inclusive employer. Please let us know if you require any reasonable adjustments to be made for the recruitment process.