Job Information
AON Third Party Privacy Risk Management Lead in Krakow, Poland
Do you want to build how a global firm manages privacy and data risks arising from its third parties?
Are you passionate about building and maturing a global third‑party privacy risk framework that truly protects personal data and strengthens trust in Aon’s products and solutions?
Join us as a Third Party Privacy Risk Management Lead and help safeguard and shape a key risk strategy across our global operations! This is a hybrid role with the flexibility to work both virtually and from our Krakow office, in line with our in‑country smart working policy.
Aon is in the business of better decisions
At Aon, we shape decisions for the better to protect and enrich the lives of people around the world.
As an organization, we are united through trust as one inclusive team, and we are passionate about helping our colleagues and clients succeed.
What the day will look like
This is a second line of defence role where you will lead the development, oversight, and advancement of the GPDTO Third‑Party Privacy Risk Management (TPPRM) program. Reporting to the Global Privacy and Data Trust Operations Director, you will ensure third‑party engagements follow privacy and data requirements and align with our standards.
Key activities include:
Crafting the TPPRM strategy, roadmap and target operating model.
Developing and maintaining TPPRM policies, standards, methodologies and oversight frameworks.
Managing the GPDTO review of global privacy‑ and data‑related third‑party due diligence questionnaires.
Collaborating with colleagues in other third-party risk management domains, including Procurement and Global Cybersecurity
Working with first line teams to ensure appropriate due diligence and TPPRM policies, processes and reviews are followed
Developing reporting capabilities with colleagues in third party risk management domains to track third parties processing personal data, highlight risk trends and flag systemic gaps
Identifying privacy, data and AI risks in third‑party processing and recommending mitigation.
Overseeing mapping of third parties and their processing activities and monitoring risks such as data breaches and contractual non‑compliance.
Assisting in identifying and implementing process and automation improvements to enhance efficiency and effectiveness within the Global Privacy and Data Trust program processes and operations.
How this opportunity is different
In this role you will:
Play a key role in shaping the strategy and oversight of our third‑party privacy and data risk management program.
Collaborate with partners across risk, legal and compliance, cyber security, procurement, ABS and IT, while maintaining second‑line independence.
Clarify roles, responsibilities and RACI across first and second line teams.
Drive process and automation improvements for third party risk management and the Global Privacy and Data Trust program and its other processes and
Help build reporting and dashboards that track third‑party privacy risks, trends and systemic gaps.
Skills and experience that will lead to success
Solid experience in third‑party or operational risk management, including supporting or designing a Third Party Risk Management program and interpreting risk metrics, controls, and outcomes.
Working knowledge of privacy regulations and the ability to assess third‑party privacy risks.
Strong stakeholder management and communication skills, including preparation of clear, executive‑level reporting and data visualisations (e.g., Power BI)
Experience implementing metrics, KRIs, and dashboards aligned to risk appetite
Certified Third Party Risk Professional (CTPRP) or another related certification
Experience defining and implementing process improvement, and also leveraging AI or automation