Don't miss any news or updates from BestJobs

Not now Allow

Third Party Risk Management Analyst

₱ 90,000.00 monthly ·  Makati, National Capital Region ·  18 October (updated)

NeksJob Philippines

Verified Employer

This seal certifies that the data and activity of this company have been meticulously verified by Bestjobs

  • Description



  • ROLE AND RESPONSIBILITIES

    The Vendor Risk Analyst is responsible for maintaining, improving, and monitoring the Vendor Risk Management program. The vendor risk analyst is expected to lead coordination efforts with internal and external parties in conducting company vendor and supplier risk assessments, provides control recommendations, conducts a vendor contract review, performs compliance checks against company security policies and regulatory requirements, documenting security issues, monitoring risk remediation status and provides communication to management. The vendor risk analyst is expected to ensure that vendors and suppliers are managed appropriately and in accordance to the company security policies and procedures. Additionally, the Vendor Risk Analyst will develop and implement independent reporting and analysis to assist in the Vendor Risk Management program.

    The Vendor Risk Analyst coordinates with different internal stakeholders such as Operations, Information Technology, Security, Legal, Procurement and Administrative organizations to ensure vendors are evaluated in meeting business requirements while maintaining security and privacy controls. Additionally, the Vendor Risk Analyst is expected to stay abreast with security updates and be able to mentor and provide leadership to others in the Corporate Security Department.

    The successful candidate will have a firm understanding of vendor risk management principles and is able to easily articulate that understanding while helping others to improve. Is willing to actively seek opportunities to develop new approaches to meet goals. Grasps and applies advanced concepts. Stays abreast of new tools, technologies, and techniques related to vendor risk management and implements them as solutions to problems. In the role, the Vendor Risk Analyst will define vendor frameworks, communicate vendor risk concepts, policies, standards, procedures, and provide ongoing support.

    Responsibilities also include:

    • Oversees the third-party risk assessment process to include due diligence through partnerships with various internal stakeholders to ensure all requirements are met (certifications, BCP/DR, data security and privacy, brand reputation, connectivity, encryption, etc.).

    • Evaluate vendor documents to determine acceptability based on line of business needs and information security and privacy requirements.

    • Oversees the day-to-day risk mitigation, monitoring, and reporting for third-party relationships, conducting independent risk assessments that provides greater insight into risk exposures and mitigation efforts.

    • Provide updated policy, procedures and control compliance evidence related to company vendor and supplier management

    • Review vendor risk assessment outputs to ensure risk has been appropriately assessed.

    • Coordinate and verify inclusion of terms of contracts related to SaaS/IaaS and other business critical deployments that involve PII, PCI, PHI, and other regulatory data classifications.

    • Assist in the development of corrective action plans and third-party contingency plans for high risk vendors.

    • Collaborate with stakeholders in the Corporate Security Department to assist in further development of governance structure and oversight of security framework and controls in compliance with PCI-DSS, ISO 27001, HITRUST, HIPAA, and other frameworks and guidelines.

    • Delivers reporting from the vendor risk management platform and presents to stakeholders, including to senior management.

    • Obtain and maintain necessary training to keep current on the discipline of vendor risk management, including regulatory and industry practices.

    • Ensure documents and activities are performed in compliance with applicable laws, regulatory standards and company policies and procedures.

    • Lead and participate in internal and external audits and examinations.

    • Assist with the creation of policies and procedure for the Vendor Risk Management program.

    • Performs other duties and responsibilities as assigned.

    QUALIFICATIONS AND EDUCATION REQUIREMENTS

    • A Bachelor's degree in risk management, computer science, or a related discipline, or the equivalent combination of education, technical training or work/military experience.

    • 3+ years of vendor risk management/information security experience.

    • Experience with regulatory requirements including but not limited to PCI-DSS, ISO27001, HITRUST, HIPAA, etc.

    • Advanced knowledge and work experience in Vendor Risk Management or related fields such as audit, IT security, or business continuity, however, other IT disciplines are eligible.

    • Technical knowledge to understand detailed issues around security, business continuity, and overall risk in IT.

    PREFERRED SKILLS

    • Experience in a regulated (financial, pharmaceutical, health care, etc.) industry is highly desired.

    • One or more of the following certifications is highly preferred: CRISC, CISM, CISA, and CISSP.

    Interested and qualified candidates must send an updated resume to email address listed in this post or via bestjobs

    Email Subject: Third Party Risk Management Analyst

    ***Only shortlisted candidates will be contacted for the position.

  • Requirements

  • Minimum education level: Bachelor´s Degree
  • Years of experience: 3
  • Availability for travel: No
  • Availability for change of residence: No
To see the complete contact information, Apply now

Similar jobs

Full Time - Permanent contract - ₱ 90,000.00 monthly -

Home Based - Permanent contract - ₱ 25,000.00 monthly -

Home Based - Permanent contract - ₱ 16,000.00 monthly -

Full Time - Permanent contract - ₱ 16,000.00 monthly -

Get new jobs on Facebook Messenger

Send to Messenger

Job summary

  • Third Party Risk Management Analyst

  • Makati, National Capital Region

  • Company

    NeksJob Philippines
  • Type of contract

    Permanent contract

  • Work type

    Full Time

  • Salary

    ₱ 90,000.00 monthly

  • Apply