Vendor Risk Specialist

Avaloq has created a centralized Global Vendor Risk Management (VRM) unit in order to identify evaluate manage and mitigate risks associated with our third parties across various risk areas.

The Vendor Risk Specialist will work closely with other members of the VRM team to organize and execute the vendor risk assessment addition to working with established processes a key outcome for this position will be to gain a broad understanding of Avaloqs supplier base with a view to developing into the position into that of a professional risk analyst capable of conducting supplier risk reviews independently and efficiently.

In general he/she is responsible for the collection analysis and reporting operational data and risk metrics in support of the VRM unit and its business unit partners. This professional will gather sufficient strategic technical and operational information from internal business units and external third party to ultimately understand and communicate the current risks business challenges and addition this professional will gather due diligence on selected vendors and prepare reports on Third Party activities to all participants.

The Vendor Risk Specialist will be also contribute to the maintenance and continuous improvement of the global VRM framework.

Your mission

• Organize the execution of yearly and on demand Vendor Risk Assessment activities.
• Plan organize and follow up of the annual execution.
• Create the report for management and relevant committees as a result of VRA campaigns.
• Monitor to significant events and risks related to third parties
• Perform risk-based due diligence on Avaloqs third parties to address potential vulnerabilities across various risk areas: Cyber Security Data Privacy Financial Health Business Continuity Disaster Recovery Operational Risk Reputational Risk among others. Moreover on-site visits or telephone interviews can be performed on key vendors.
• Work with stakeholders in the various Business risk areas to complete assessments and execute remediation plans where applicable. Establishing relationships with vendors to implement good collaboration.
• Collect develop and analyze Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs).
• Collect data and provide quantitative analysis of current state new objectives supporting metrics and measures and contribute to proposed solutions.
• Maintain and expand Third Party Risk Management framework.
• Improve reporting on TPM risk events
• Collaborate internally with various stakeholders (Partner management Procurement Risk Data Privacy Security Business Continuity

Qualifications :

What you need

• University Degree in Economics Engineering Information Technology or equivalent subjects
• 2 years of work experience in Risk Management Information Security Risk Operational Risk or Procurement area in a bank financial institution or consulting company
• Strong knowledge of TPRM practices across the vendor lifecycle (due diligence contracts monitoring issues offboarding).
• Familiarity with common control frameworks and regulations (e.g. ISO 27001/2 SOC 2 NIST GDPR/DPAs business continuity financial viability).
• Experience collaborating with Legal Security Procurement and business stakeholders; able to translate risk into business terms.
• Strong problem solving organizational and time management skills. IT and MS Office suite skills are strongly recommended
• Ability to influence others through strong written and verbal communication maintaining cooperative relationships at all levels of the organization despite differing perspectives

You will get extra points for the following

• Risk Management/Information Security certifications
• Experience with TPRM or GRC platforms (e.g. OneTrust Archer ProcessUnity Coupa Risk Aware ServiceNow VRM Vanta)
• Sectorspecific compliance knowledge (e.g. DORA for financial services in the EU EBA guidelines GDPR)
• Exposure to fourthparty/chain risk concentration risk and resilience testing
• Knowledge in Power BI
• PMP certification

Additional Information :

We realize that managing work life balance is a challenge we all face in our daily lives and in order to support with this we are pleased to offer hybrid and flexible working for most of our Avaloqers to maintain work life balance and still continue our fantastic Avaloq culture in our global offices. 

In Avaloq we are proud to embrace diversity and understand the success of our business is built on the power of different opinions we are whole heartedly committed to fostering an equal opportunity environment and inclusive culture where you can be your true authentic self. 

We hire compensate and promote regardless of origin age gender identity sexual orientation or any other fantastic traits that make us all unique we have done our best to write this advert in an inclusive and neutral way. 

Please be aware that we will not accept speculative CV submissions for any of our roles from recruitment agencies and any unsolicited candidate submissions will be exempt from any payment expectations.  

#LI-Hybrid

Remote Work :

No

Employment Type :

Full-time