Third Party Risk Management Lead

Why work at Nebius Nebius is leading a new era in cloud computing to serve the global AI economy. We create the tools and resources our customers need to solve real-world challenges and transform industries, without massive infrastructure costs or the need to build large in-house AI/ML teams. Our employees work at the cutting edge of AI cloud infrastructure alongside some of the most experienced and innovative leaders and engineers in the field. Where we work Headquartered in Amsterdam and listed on Nasdaq, Nebius has a global footprint with R&D hubs across Europe, North America, and Israel. The team of over 1400 employees includes more than 400 highly skilled engineers with deep expertise across hardware and software engineering, as well as an in-house AI R&D team. The role We are seeking a strategic and hands-on Third-Party Risk Management (TPRM) Lead to design, build, and lead a best-in-class global TPRM function. This role will be responsible for establishing the framework, governance, and operating model to identify, assess, mitigate, and monitor risks associated with third parties (including customers) across diverse business models, including B2B and B2C. The role also encompasses oversight of customer and partner risk and compliance domains, including Anti-Bribery & Corruption (ABAC), Sanctions, Export Controls, Anti-Money Laundering (AML), Human Rights, and responsible/ethical AI considerations. A key dimension of the role includes embedding industry risk assessments (e.g., high-risk sectors, dual-use technologies, regulated industries) into onboarding, due diligence, and ongoing monitoring processes. A critical component of the role includes supporting third-party and due diligence efforts in the context of mergers and acquisitions (M&A), ensuring that external risks are effectively evaluated and integrated into deal decision-making and post-transaction planning. This role will play a key part in scaling and maturing Nebius’ TPRM capabilities in line with rapid business growth and evolving regulatory expectations. Your responsibilities will include:   Strategy & Leadership Design and implement Nebius’ global Third-Party, Customer, and Customer Risk Management framework, incorporating industry risk, aligned with regulatory expectations and industry best practices Build and lead a high-performing risk team spanning third-party, customer, and partner risk domains Act as an advisor on risk exposure (vendors, customers, partners, resellers, distributors) across industries and geographies Define and track KPIs/KRIs to measure program effectiveness and maturity Define and implement TPRM systems, tooling, and workflow automation to support scalable onboarding, due diligence, and monitoring processes Third-Party, Customer, Partner & Industry Risk Lifecycle Management Establish end-to-end processes for onboarding, risk assessment, due diligence, contracting, monitoring, and offboarding across: Third-party vendors and suppliers Customers (B2B and B2C) Intermediaries such as partners, resellers, distributors, and agents Develop risk tiering methodologies that incorporate: Relationship type (supplier, customer, intermediary) Business model (B2B, B2C) Industry/sector risk (e.g., financial services, pharmaceutical, crypto, AI, telecommunications) Geographic exposure and regulatory risk Oversee due diligence processes, including KYC/KYB, beneficial ownership analysis, sanctions screening, and industry risk profiling Implement enhanced due diligence for high-risk industries, intermediaries, and jurisdictions Ensure ongoing monitoring, including adverse media screening, transaction-based triggers, sector-specific red flags, and periodic reviews Integrate risk processes with procurement, sales, partnerships, legal, compliance, and security functions Compliance & Industry Risk Lead and oversee compliance frameworks and controls across: Anti-Bribery & Corruption (ABAC), with emphasis on high-risk industries and third-party intermediaries Sanctions compliance, including sectoral sanctions and restricted industries Export controls, including dual-use goods/technology and industry-specific restrictions Anti-Money Laundering (AML) / Counter-Terrorist Financing (CTF), including sector-driven risk indicators Human Rights & ESG risks, including supply chain exposure in high-risk industries Responsible AI risk, including use cases and customers in sensitive or regulated sectors Provide risk guidance on entering or expanding into higher-risk industries or customer segments Escalate material risks to senior governance forums and recommend mitigation or risk acceptance strategies M&A Due Diligence Lead third-party, customer, partner, and industry risk due diligence for M&A transactions Partner with corporate development, regulatory and business teams to assess: Vendor and supplier ecosystems Customer portfolios (B2B and B2C exposure) Partner, r