Job Description

Cantor Fitzgerald Ireland (CFIL) is seeking an experienced and technically capable Senior Manager to evolve its Critical Supplier & Outsourcing framework. Regulated by the Central Bank of Ireland, CFIL provides retail and institutional clients with a broad range of investment, wealth management, and financial services. This is a high-visibility, programme-leadership role operating at the intersection of third-party risk, operational resilience, and regulatory compliance.

As organisations in the Irish and broader European financial services sector navigate an increasingly demanding supervisory environment - encompassing the CBI's Cross Industry Guidance on Outsourcing, sound management of third party risk, the DORA Regulation, and evolving operational resilience expectations - this role is central to ensuring CFIL meets and exceeds those obligations, while supporting alignment to group-wide standards across Cantor Fitzgerald entities globally.

Under The Central Bank of Ireland’s (CBI) Individual Accountability Framework (IAF) established under The Central Bank (Individual Accountability Framework) Act 2023 (IAF Act), as an expected Control Function holder, you have a Duty of Responsibility under the CBI Common Conduct Standards. These standards include:

• acting with honesty and integrity,

• acting with due skill, care and diligence,

• co-operating in good faith and without delay with the Central Bank of Ireland

• acting in the best interest of customers and treating them fairly and professionally

• operating in compliance with standards of market conduct and trading venue rules

Key Responsibilities

Outsourcing Framework Ownership

• Own and continuously develop CFIL's end-to-end critical supplier and outsourcing framework, aligned to CBI expectations, DORA, and EBA/ESMA outsourcing guidelines.

• Maintain and enhance CFIL's Register of Outsourced Functions and Critical/Important Functions (CIFs), ensuring completeness, accuracy, and audit-readiness at all times.

• Design and embed governance processes for supplier lifecycle management: from pre-engagement due diligence through onboarding, ongoing monitoring, and structured exit.

• Ensure contractual arrangements with critical / important suppliers and outsourced service providers contain required regulatory provisions including SLAs, audit rights, sub-outsourcing controls, data protection, business continuity, and termination clauses.

Regulatory Compliance & CBI Engagement

• Serve as the subject matter expert on the CBI's Cross Industry Guidance on Outsourcing, the Guidelines on Operational Resilience, and the DORA Regulation.

• Ensure CFIL's outsourcing arrangements remain compliant with applicable Irish and EU regulatory requirements, including notification obligations, intra-group outsourcing rules, and ICT third-party risk requirements under DORA.

• Prepare and maintain regulatory submissions, notifications, and documentation in respect of material outsourcing arrangements.

• Support regulatory inspections, internal audits, and thematic reviews relating to third-party risk and outsourcing, acting as a key point of contact.

• Monitor emerging regulatory developments from the CBI, EBA, ESMA, and EIOPA relating to outsourcing, ICT risk, and operational resilience, and assess their impact on CFIL and the wider group.

Third-Party Risk Management

• Lead the design and execution of risk-based due diligence for critical / important suppliers and outsourced service providers, incorporating financial health, operational resilience, cyber and information security posture, and concentration risk.

• Develop and maintain a risk-tiering methodology to ensure proportionate oversight across the full supplier population.

• Monitor ongoing supplier performance – by business vendor owners - against agreed SLAs, KPIs, and risk indicators; escalate concerns through appropriate governance channels.

• Oversee and coordinate CFIL's response to supplier incidents, disruptions, and failure events, ensuring business continuity obligations are met.

• Assess and manage sub-outsourcing arrangements and supply chain concentration risks in line with regulatory requirements.

Governance, Reporting & Stakeholder Management

• Prepare high-quality management information and Board/Committee reporting on outsourcing risk, supplier performance, regulatory compliance status, and emerging risks.

• Contribute to the Outsourcing Governance Forum or equivalent risk committee, providing expert input and challenge.

• Act as a trusted advisor to business units selecting or renewing outsourced arrangements for regulated functions, ensuring regulatory obligations are understood and embedded from the outset.

• Build and maintain strong working relationships with senior stakeholders across Operations, Technology, Risk, Compliance, Legal, and Procurement.

Essential

• Minimum 8–10 years' experience in an outsourcing governance, third-party risk, operational risk, or related function within financial services.

• Demonstrable hands-on experience of designing, managing, or materially enhancing a critical supplier / outsourcing framework within a regulated financial services environment.

• Strong, working knowledge of the CBI's Cross Industry Guidance on Outsourcing and CFIL's notification and documentation obligations under that framework

• Solid understanding of the DORA, including ICT third-party risk management. requirements, the Register of Information, and Critical ICT Third-Party Provider (CTPP) rules.

• Familiarity with the CBI's Guidance on Operational Resilience and its integration with third-party risk obligations.

• Experience managing or overseeing ICT and cloud service provider arrangements within a regulated context.

• Proven ability to prepare regulatory-quality documentation, governance papers, and Board-level reporting.

• A track record of engaging effectively with senior stakeholders and driving programme delivery without direct line authority.

Preferred

• Direct experience within Irish retail financial services (banking, insurance, MiFID, or payments) - candidates from corporate banking, asset management, or fund administration backgrounds will also be considered.

• Familiarity with EBA Guidelines on Outsourcing Arrangements and ESMA outsourcing requirements for investment firms and fund managers.

• Experience supporting or participating in CBI supervisory engagements, thematic reviews, or regulatory inspections relating to outsourcing or operational resilience.

• Exposure to concentration risk assessment methodologies, including CBI supervisory expectations on geographic and provider concentration.

• Experience with third-party risk management and operational resilience platforms is a distinct advantage.

Education & Professional Qualifications

• Bachelor’s degree in finance, business, law, risk management, or a related discipline.

• Professional qualifications in risk management (e.g. IRM), financial services (QFA, CFA), or third-party risk (CTPRP / CTPRA) are desirable.

Please note that under the Central Bank of Ireland’s Fitness and Probity Standards, this role is a Control Function 2 (CF2) role - Ensuring, controlling, or monitoring compliance by a regulated financial service provider with its relevant obligations