Dieses Jobangebot ist archiviert und steht nicht mehr zur Verfügung.
Vakante Jobangebote finden Sie unter Projekte.
Vakante Jobangebote finden Sie unter Projekte.
IT Vendor Risk Management Analyst
Eingestellt von Base 3
Gesuchte Skills: Support, Network
Projektbeschreibung
IT Vendor Risk Management Analyst
The mission is within the Corporate Technology (CT) division delivering IT shared services related to application hosting, end-user services and infrastructure support to the business entities - the CSDs of the group.
The CSDR outsourcing working group is a cross-divisional team including CSD representatives, Corporate Procurement, Legal, Risk and Compliance, IT divisions and others.
The position is part of the CT Service Strategy CSDR project team who represent the CT division in the CSDR outsourcing working group. CT's scope in this working group is focused on the compliance of CT's 30+ Critical Service Providers (CSP), which are mainly IT vendors (infrastructure hardware/software/Middleware and network suppliers).
ROLE:
You will be working in the CT CSDR project team to deliver and support CT's required contribution to the CSDR outsourcing cross-divisional working group, along several key dimensions:
-Support Compliance, Procurement and Legal to perform the risk assessment of CT's Critical Service Providers, using CPMI-IOSCO's oversight expectations applicable to CSPs as required by the regulator (CF. )
-Coordinate with the CT CSDR project team any questions requiring interactions with the external providers and any required involvement of the CT business/contract owners
-Follow up on the initial risk assessments of the CSPs, on any mitigating actions and residual risks, ensuring that the risk assessment methodology becomes Embedded in CT operational processes for a regular review/recertification of the CSPs' risk profiles
-Contribute to the CT CSDR project team overall effort to set up the operational monitoring and control processes of CSPs, and roll out these processes to CT internal stake-holders and senior management (Technical Domain Owners and CT contract owners)
The challenge is to transpose the CPMI-IOSCO guidelines to the context and to apply them taking into account the specific nature and products/services of CT's CSPs while ensuring that this new risk assessment exercise does not remain a one-off initiative but is turned into a formal repeatable and sustainable practice in the CT organisation.
Since the new CSD regulation is requiring a formal and explicit oversight, risk assessment and controls on the CSPs, you will be expected to deliver a systematic and standardised documentation providing a comprehensive articulation of the risk assessment in a language that is understandable by both the business and IT.
PROFILE:
Given the forced/mandatory nature of the initiative and the aggressive time frame imposed to reach full compliance, we are looking for an experienced IT Vendor Risk Management analyst profile, ie:
-Experience (3+ years) in managing service provider/supplier relationships, demonstrating influencing and negotiation skills to align internal and external stake-holders
-Experience in vendor risk management - risk analysis minded, analytical but strategic thinking and logical reasoning, able to articulate risks and mitigating actions in a very clear way
-Interpersonal, presentation and written communication skills in IT and business language, both with technical experts and senior management
-Strong team player with integration skills (joining people and processes), while also demonstrating work autonomy and leadership to define and drive action plans
-Fluency in English is required (French and/or Dutch are a plus)
The mission is within the Corporate Technology (CT) division delivering IT shared services related to application hosting, end-user services and infrastructure support to the business entities - the CSDs of the group.
The CSDR outsourcing working group is a cross-divisional team including CSD representatives, Corporate Procurement, Legal, Risk and Compliance, IT divisions and others.
The position is part of the CT Service Strategy CSDR project team who represent the CT division in the CSDR outsourcing working group. CT's scope in this working group is focused on the compliance of CT's 30+ Critical Service Providers (CSP), which are mainly IT vendors (infrastructure hardware/software/Middleware and network suppliers).
ROLE:
You will be working in the CT CSDR project team to deliver and support CT's required contribution to the CSDR outsourcing cross-divisional working group, along several key dimensions:
-Support Compliance, Procurement and Legal to perform the risk assessment of CT's Critical Service Providers, using CPMI-IOSCO's oversight expectations applicable to CSPs as required by the regulator (CF. )
-Coordinate with the CT CSDR project team any questions requiring interactions with the external providers and any required involvement of the CT business/contract owners
-Follow up on the initial risk assessments of the CSPs, on any mitigating actions and residual risks, ensuring that the risk assessment methodology becomes Embedded in CT operational processes for a regular review/recertification of the CSPs' risk profiles
-Contribute to the CT CSDR project team overall effort to set up the operational monitoring and control processes of CSPs, and roll out these processes to CT internal stake-holders and senior management (Technical Domain Owners and CT contract owners)
The challenge is to transpose the CPMI-IOSCO guidelines to the context and to apply them taking into account the specific nature and products/services of CT's CSPs while ensuring that this new risk assessment exercise does not remain a one-off initiative but is turned into a formal repeatable and sustainable practice in the CT organisation.
Since the new CSD regulation is requiring a formal and explicit oversight, risk assessment and controls on the CSPs, you will be expected to deliver a systematic and standardised documentation providing a comprehensive articulation of the risk assessment in a language that is understandable by both the business and IT.
PROFILE:
Given the forced/mandatory nature of the initiative and the aggressive time frame imposed to reach full compliance, we are looking for an experienced IT Vendor Risk Management analyst profile, ie:
-Experience (3+ years) in managing service provider/supplier relationships, demonstrating influencing and negotiation skills to align internal and external stake-holders
-Experience in vendor risk management - risk analysis minded, analytical but strategic thinking and logical reasoning, able to articulate risks and mitigating actions in a very clear way
-Interpersonal, presentation and written communication skills in IT and business language, both with technical experts and senior management
-Strong team player with integration skills (joining people and processes), while also demonstrating work autonomy and leadership to define and drive action plans
-Fluency in English is required (French and/or Dutch are a plus)
Projektdetails
Geforderte Qualifikationen
-
Kategorie:
IT Entwicklung, Sonstiges