Third-Party and I&T Risk Specialist | SwiconJobs


2024.05.03. | Hybrid | Tech

Our partner is an industrial giant whose aim is to drive the world towards a sustainable future by building businesses and partnerships across various specializations ranging from energy to batteries through the help of a unique blend of knowledge and competence. They are committed to leading the world towards a more innovative, balanced and self-sustaining ecosystem through the optimal use of natural resources and products.


As a Third-Party and I&T Risk Specialist, you will be a member of the I&T Risk Team, which is part of the I&T GRC Department.

Being a horizontal capability within IT, we are in touch with all segments of GBS IT to ensure the systematic and overarching embeddedness of risk management practices, including third-party risk management.

The role contributes to the improvement of GBS IT’s Third-Party and I&T Risk Management Framework and program in conjunction with the global risk management initiative.

This role collaborates closely with the Governance, Compliance and Resilience teams and all other IT functions.


  • Contribute to the development and improvement of the organization’s Third-Party Risk Management Framework (TPRM) and processes as part of the overarching Risk Management Framework
  • Ensure that GBS IT’s TPRM framework is coherent, consistent, comprehensive, audit ready and fits with applied global principles, standards, directives, and the company’s goals
  • As part of GRC, contribute to the continuous improvement of risk-based operations within the organization, to make it more effective, proactive, and fully embedded into the daily routine
  • Participate in the implementation of major strategic initiatives and ensure that risk-related requirements are considered
  • Contribute to the treatment of identified risks – assisting in finding practical and cost-effective solutions
  • Build and maintain strong relationships with risk associates, including Enterprise Risk Management
  • Work in relation and conformity with internal and external auditors when needed
  • Monitor and measure the maturity level and risk status of the organization
  • Actively engage in end-to-end risk treatment planning, resolution, and monitoring activities
  • Provide aggregated risk supervision for various high-impact areas of IT services for core components of IT risk measurement and reporting activities
  • Monitor the performance, quality and effectiveness of the TPRM
  • Participate in procurement processes to represent the TPRM related requirements
  • Participate in the lifecycle management of third parties, including but not limited to their onboarding and offboarding
  • Define and monitor KPIs and ensure that these are communicated and understood
  • Perform risk assessments on a regular basis with multiple methodologies
  • Participate in deviation management activities to represent a strong risk-based mindset
  • A service management mindset and quality focus are the bare minimum
  • Ability to understand strategies, provided services and challenges of a complex organization
  • Familiarity with control frameworks and best practices such as CIS, ISO27k, NIST and ITIL
  • Globally recognized certificates like CRISC, CISM, CGEIT, CDPSA are an advantage
  • Project & program management
  • Ability to understand dependencies amongst various initiatives and to set priorities based on them


Personal skills you shall provide:

  • You’re always open to learn and leave your comfort zone
  • Critical thinking and holistic mindset
  • Ability to manage multiple threads
  • Strong communication and interpersonal skills, ability to influence others and help them to grow
  • Ability to analyze large amounts of new information quickly, identify correlations and dependencies, in addition, to resolve complex problems, and find solutions – problem solving attitude
  • You’re committed to quality
  • You aren’t afraid of taking responsibility

  • Governance knowledge and experience
  • Experience in enterprise level risk management
  • Experience with various TPRM & IT risk management methodologies and tools

Employer's offer
  • International environment
  • Exciting project portfolio