Senior - Vendor Risk Assessment Analyst

 

 
 

Can you imagine participating in the transformation of leading national and international organizations?

At Deloitte, we are committed to making an impact on society, our clients, and you.

 

We are seeking a Vendor Risk Assessment Analyst to join the team. The VRA Analyst will participate in and lead assessments of vendor risk, develop mitigation plans and partner with internal stakeholders to manage responsibility. In this role you will also ensure strong oversight of all vendors’ risks and provide member firms and business partners visibility of existing and emerging risks.

 

 

What will your day-to-day be like? 

 

  • Prepare and complete vendor risk assessments and assist with policy, regulatory and accreditation audit preparation.
  • Help lead and support continuous improvement, implementation, and deployment of a common and consistent vendor risk management (VRM) program to effectively manage vendor risk in accordance with internal policy and Federal/State regulatory requirements.
  • Facilitate workflow and record keeping within the VRA platform (ServiceNow).
  • Help develop, maintain, and document workflow processes to ensure data & system controls are adequate, meet internal baselines and optimize current processes to meet emerging risks.
  • Provide guidance to the business, procurement and other stakeholders to ensure requirements of VRM are fully understood.
  • Monitor risk findings, drive their remediation and resolution, including development and execution of corrective action plans, and ensure follow-on reporting and monitoring.
  • Perform data analytics & reporting activities.
  • Provide & maintain vendor risk reporting mechanisms, and track and report outcomes from vendor management activities.
  • Improve awareness of operational risks faced by Business from vendor failure/poor performance and work with Strategic Sourcing/Legal/Business to mitigate any losses.

 

 

What do we expect from you?

  • Bachelor’s degree: preferably in an information technology-related field of study, or equivalent years of experience required.
  • Experience working in Cyber Risk, Business Risk Management, Operational Risk, Internal Audit, and/or Controls related function.
  • At least 2 years of Information Security, Risk Assessment or IT audit experience.
  • Strong familiarity with ISO27000 standards and ISO27002 controls standards.
  • Experience with Archer, ServiceNow or another industry standard enterprise Vendor Risk Assessment solution.
  • Strong knowledge and working understanding of information security legal and regulatory requirements, such as the Sarbanes-Oxley Act (SOX), the Health Insurance Portability and Accountability Act (HIPAA) and the Payment Card Industry Data Security Standard (PCI DSS).
  • Strong working familiarity with common information security management frameworks, such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework.
  • Working familiarity with the NIST 800-30 standard for Risk Assessment.
  • Oversee vendor risks, providing visibility to member firms and partners regarding current and emerging threats.
  • Lead and participate in the assessment of vendor risk, formulate mitigation plans, and collaborate with internal stakeholders for effective risk management.
  • Stay abreast of developments in vendor risk management, contributing to the knowledge base and strategic direction of the cybersecurity function.

 

 

How is it to work at Deloitte?

🤩 High-impact projects where you will have a long journey and learning experience

☯️ A hybrid-flexible daily routine: you will have flexible hours and a good balance between remote work and teamwork in our offices or our clients’ offices

⚽ Good atmosphere inside and outside the office: you will enjoy several team buildings per year, cultural and sports activities... and much more!

🧘‍♀️ Comprehensive well-being: take care of yourself with our physical, mental, and financial health program... and with a medical team in the offices!

🤲 Social impact: You can sign up for a large number of national and international volunteer opportunities and pro-bono projects where you can put your time and talent at the service of those who need it most

🗣️ Culture of feedback and continuous learning: you will grow in an inclusive environment where equal opportunities and your personalized training plan will boost your development. Can you already see yourself at the Deloitte University in Paris?

🤝 Exclusive benefits for being part of Deloitte: you will be able to enjoy a wide catalog of benefits and a complete flexible compensation plan

 

If you like what you read, here are your next steps:

  • Apply for the position by clicking on 'Submit application now' and complete your profile.
  • If you are a good fit for the role, our talent team will contact you to get to know you better.

Start the process! We will guide you through the different stages until your incorporation.

 
 

 

 
 
Deloitte is a professional services Firm strongly committed to equal opportunity. In this sense, the Firm will accept and process applications from all sectors of society, not discriminating based on sex, gender expression, race, religion or belief, ethnic or national origin, disability, disease or health condition, genetic predisposition to suffer pathologies, age, citizenship, marital status, sexual orientation or identity, socioeconomic situation or any other personal or social condition or circumstance.
Location:  Madrid
Job Type:  Experienced
Service Line:  T&T
Req Id:  39471