Role Title: Graduate Supplier Oversight Analyst Reports to: Head of Operational Resilience Location: Reading - this is a hybrid role (3 days in office) Hours of work: 35 hours per week SMCR Function: This is a conduct role Purpose of Role We are seeking a proactive and detail-oriented Graduate Supplier Oversight Analyst to join our Operational Resilience team. This entry-level role is ideal for recent graduates looking to begin a career in risk management within financial services. The role sits within the first line of defence, supporting the business in identifying, assessing, and managing third-party risks. The primary focus is on ensuring that Relationship Owners are fulfilling their responsibilities in line with the Third Party Risk Management (TPRM) Framework. This includes overseeing the completion of service reviews, annual due diligence, and ensuring that all contractual documentation is accurately maintained within the firm’s vendor management tool. Operational Resilience will be a secondary focus, supporting broader initiatives such as scenario testing and business continuity planning. Key Responsibilities Support the implementation and day-to-day operation of the Third Party Risk Management Framework. Act as a key point of contact for Relationship Owners, ensuring they complete required service reviews and annual due diligence for their vendors. Monitor and maintain vendor records, including contracts, SLAs, BCPs, and DR test results, using the firm’s TPRM vendor management tool (Gatekeeper). Track and escalate non-compliance or overdue actions related to vendor oversight. Assist in onboarding new vendors, including conducting initial risk assessments and due diligence. Collaborate with Legal, IT, DPO, and business units to ensure effective vendor oversight and risk mitigation. Support Operational Resilience activities such as Business Impact Analyses (BIAs), mapping of Important Business Services (IBS), and scenario testing involving critical third parties. Experience/Skills Strong analytical and organisational skills with attention to detail. Proficiency in Microsoft Office (especially Word, Excel, and PowerPoint). Interest in third party risk, operational risk, or regulatory compliance. Ability to work independently and collaboratively across teams. Desirable: Familiarity with UK/EU financial regulations (e.g., FCA/PRA Operational Resilience Framework, DORA). Soft Skills Excellent written and verbal communication. Strong interpersonal skills and ability to build relationships across departments. Effective time management and ability to prioritise workload. Professional conduct and a proactive approach to problem-solving. Team-oriented mindset.