Enviar candidatura ahora »

Manager- Vendor Risk Assessment Specialist



We are seeking a Vendor Risk Assessment Analyst to join the team. The VRA Analyst is an expanding role and entails driving a vendor risk assessment process that is being rolled out globally. The role includes conducting 3rd party risk assessments, management of the VRA framework, enhancement of the framework, and serving as the subject matter expert in assisting adoption and execution of vendor risk processes within the member firms. The Sr. VRA analyst will be familiar with risk mitigation strategies including working with colleagues in procurement and legal groups to address risk in vendor agreements.


What will your day-to-day be like?

  • Provide insight and feedback into operational processes enhancement to improve customer and operational interactions
  • Participate in and lead assessment of vendor risk, develop mitigation plans and partner with internal stakeholders to manage responsibility 
  • Ensure strong oversight of all vendors’ risks and provide member firms and business partners visibility of existing and emerging risks
  • Provide comprehensive reviews of risk assessments and assist with policy, regulatory and accreditation audit preparation
  • Help lead and support the design and implementation and deployment of a common and consistent vendor risk management (VRM) program to effectively manage vendor risk in accordance with internal policy and Federal/ State Regulatory requirements
  • Conduct reporting and analysis on the data collected by the VRA platform
  • Collect requirements from the member firms to determine and plan effective use of the VRA service
  • Vendor risk questionnaire refinement and scoring, as well as overall VRA risk reporting, for effective program performance and optimization
  • Help develop, maintain, and document workflow processes to ensure data & system controls are appropriate, meet internal baselines and optimize current processes to meet emerging risks
  • Provide guidance to the business, procurement and other stakeholders to ensure requirements of VRM are fully understood and embedded in the solution
  • Monitor and report on risk findings, remediate resolution including development and execution of corrective action plans
  • Perform data analytics & reporting activities. Provide & maintain vendor risk reporting mechanisms, and track and report outcomes from vendor management activities
  • Analyze, update, and modify procedures and processes to identify and continuously implement vendor risk management process improvements
  • Stay informed about the latest developments in the vendor risk management field
  • Improve awareness of operational risks faced by Business from vendor failure/poor performance and work with Strategic Sourcing/Legal/Business to mitigate any losses through vendor compensation achieved through establishment of robust contracts


What do we expect from you?

  • Minimum of 5 years of experience in information security or IT audit experience
  • Experience working in Cyber Risk, Business Risk Management, Operational Risk, Internal Audit, and/or Controls related function preferred
  • Working familiarity with Vendor Risk Assessments and production of Risk Analysis Reports
  • Experience in management of vulnerability and/or risk remediation
  • High level of English since we are an international team working together from across the globe


What is it like to work at Deloitte? 

Working at Deloitte will provide you with the opportunity to participate in the transformation of leading national and international organisations.

This environment will allow you to focus on your personal and professional growth while being surrounded by inspiring individuals. You will also be given the chance to participate in training programmes that will allow you to unlock your full potential.

Thanks to the diversity of our workspace, you will come into contact with a wide array of perspectives, individuals, challenges, and projects.

At Deloitte we are committed to making a positive impact on society, our clients, and you, our employees. 

In order to help us achieve this goal, we have integrated a series of programmes and benefits in our culture that include:


  • A personalised training and career plan (specific/technical, languages, and soft skills).
  • A culture of continuous, valuable feedback (upwards and downwards).
  • Mentoring programmes based on your professional category.
  • Volunteering programmes and social action initiatives with a national and international scope (WorldImpact).
  • Cultural programmes and subsidised sports clubs (Deloitte Runners Club, padel, football, volleyball, and many more).
  • Medical insurance and health service based at the office: GPs, nurses, physiotherapy, wellbeing, mental health, etc.
  • Flexibility programme.
  • Flexible remuneration plan and a range of benefits for forming part of Deloitte.


Who are we?

Deloitte is the leading professional services company in Spain and the world. With 22 offices in Spain and 169 offices around the world, we help organisations to address their transformation challenges through a multidisciplinary service approach that can be adapted to a variety of industries.


What is the next step?

  1. If you believe this role is right for you, please click on ‘Apply now’ and complete your profile so we can assess your application.
  2. Our recruitment team will get in touch to find out a bit more about you if they think you could be a good fit for the role.
  3. From this stage onwards we will guide you through the selection process, which could mark the beginning of your Deloitte journey!


Click here to find out more about our Cyber team. Are you ready for the challenge?


What impact will you make?

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
Población:  Madrid
Tipo de Puesto:  Profesionales Con Experiencia
Línea de Servicio:  Riesgos
Req Id:  29323

Enviar candidatura ahora »