Third-Party Risk Analyst (Web3)

TL;DR

Third-Party Risk Analyst (Web3): Assessing and managing risks for external partners in a crypto processing ecosystem with an accent on comprehensive due diligence, DORA-aligned assessments, and ICT risk. Focus on identifying and mitigating regulatory, operational, and reputational risks to ensure business continuity and compliance.

Location: Fully Remote

Company

Our client is a leading European crypto processing company providing regulated digital asset payment solutions to partners and merchants across multiple jurisdictions.

What you will do

• Assess and manage risks related to third-party partners, including banks, PSPs, crypto service providers, vendors, and IT/platform providers.
• Perform comprehensive third-party due diligence beyond standard KYC, covering financial stability, regulatory exposure, operational resilience, and ICT risk.
• Identify and classify third parties based on their criticality, dependency level, and impact on business continuity.
• Conduct DORA-aligned assessments for outsourced and critical third parties, including operational and ICT resilience reviews.
• Determine appropriate risk mitigation measures such as contractual safeguards, limits, enhanced monitoring, and contingency plans.
• Monitor third-party risk on an ongoing basis and collaborate with Compliance, Risk, Legal, IT, and Business teams.

Requirements

• Experience in third-party risk management, vendor risk, outsourcing risk, or operational risk within fintech, payments, or crypto.
• Strong understanding of third-party due diligence concepts beyond KYC, including operational resilience, dependency risk, and ICT risk.
• Familiarity with DORA requirements related to outsourcing, critical third parties, and ICT resilience.
• Ability to assess financial stability, business continuity, and regulatory exposure of external partners.
• Experience working with banks, PSPs, crypto providers, IT vendors, or platform providers.
• Strong analytical skills with the ability to identify, assess, and clearly articulate risks and mitigation actions.
• English: Fluency required (written and spoken).

Culture & Benefits

• Opportunity to build deep expertise in third-party risk within a high-growth, crypto-native environment.
• Work independently in a fast-paced environment while collaborating across multiple teams and stakeholders.