Third-party and I&T Risk Specialist állás

Megjelenés dátuma: 2024. szeptember 17.

Kövess minket!


Azonosító: 12578 Helyszín: Budapest Feladat: IT biztonsági tanácsadás

As an IT Third-Party Risk Management Specialist, you will support our partner´s I&T Risk Team which is part of the IT Governance Risk and Compliance department. Being a horizontal capability within IT, they are in touch with all segments of GBS IT to ensure the systematic and overarching embeddedness of risk management practices, including third-party risk management. The role is contributing to the improvement of GBS IT´s Third-Party and I&T Risk Management Framework and program in conjunction with global risk management initiative. This role strongly and closely collaborates with Governance, Compliance, Resilience teams and all other IT functions.

Responsibilities
Responsibilities
Responsibilities

  • Contribute to the development and improvement of the organizations Third-Party Risk Management Framework (TPRM) and processes as part of the overarching Risk Management Framework.
  • Ensure that ITs TPRM framework is coherent, consistent, comprehensive, audit ready and fits with applied global principles, standards, directives, and the companys goals.
  • As part of GRC, contribute to the continuous improvement of risk-based operations within the organization, to make it more effective, proactive, and fully embedded into the daily routine.
  • Participate in major strategic initiatives implementation and ensure the consideration of risk-related requirements.
  • Contribute to the treatment of identified risks assisting in finding practical and cost-effective solutions.
  • Build and maintain strong relationship with risk associates, including Enterprise Risk Management as well.
  • Work in relation and conformity with internal and external auditors when needed.
  • Monitor and measure the maturity level and risk status of the organization.
  • Actively engaging in the end-to-end risk treatment planning, resolution, and monitoring activities.
  • Providing aggregated risk supervision for various high-impact areas of IT services as core components of IT risk measurement and reporting activities.
  • Monitoring the performance and quality of the TPRM´s effectiveness.
  • Participate in procurement processes to represent the TPRM-related requirements.
  • Participating in the third parties lifecycle management, including but not limited to their on- and off-boarding.
  • Define and monitor KPIs and ensure that these are communicated and understood.
  • Perform risk assessments on regular basis with multiple methodologies.
  • Participation in deviation management activities to represent strong risk-based mindset.

Competencies were looking for

  • Service management mindset and quality focus are bare minimum.
  • Ability to understand strategies, provided services and challenges of a complex organization.
  • Familiarity with control frameworks and best practices such as CIS, ISO27k, NIST and ITIL.
  • Globally recognized certificates like CRISC, CISM, CGEIT, CDPSA are advantage.
  • Project & program management.
  • Ability to understand dependencies amongst various initiatives and based on this setting priorities.
  • Governance knowledge and experience are an advantage.
  • Experience in enterprise level risk management is also an advantage.
  • Experience with various TPRM & IT risk management methodologies tools is also an advantage.

Personal skill

  • Critical thinking and holistic mindset.
  • Ability to manage multiple threads.
  • Strong communication and interpersonal skills, ability to influence others and help them to grow.
  • Ability to analyze large amounts of new information quickly, identify correlations and dependencies, and have a problem-solving attitude to resolve complex problems and find solutions.

Ilyennek értékelik munkánkat az IT szakemberek


Jelentkezés CV feltöltéssel

Önéletrajzok *
(magyar és/vagy angol)
MEGENGEDETT FÁJLOK: DOC, DOCX, PDF, RTF.
MAXIMUM 2 FÁJL (MAXIMUM 10 MB FÁJLONKÉNT).

Húzd ide a fájlokat
vagy

Success message!
Warning message!
Error message!