Location
: Lisbon or Porto
Job description:
We are looking for a candidate with minimum of 2/3 years' experience on Third Party IT Risk & Cyber security.
The candidate will be responsible for the deployment of the Group Third Party Technology Risk Management (TPTRM) requirements within the organization.
The candidate will be member of ITRCS Governance Office team and will report hierarchically to TPTRM Leader and functionally to ITRO EMEA.
She/he will work with various stakeholders located in Singapore, Chennai, Switzerland and Paris.
Certification (not mandatory but recommended) : TPRA, ISO *****, CISSP, CRISC, CISM, CISA
Main Tasks:
REINFORCE THIRD PARTY SECURITY FRAMEWORK
Ensure Third Party Technology Risk Management procedures are aligned with the Group framework
Prepare, coordinate and execute Third Party IT Risk & Security awareness
Reinforce the governance with RISK Functions, Procurement and Outsourcing coordinators
Contribute to the IT Risk & Cyber Security Committee
CONTRIBUTE TO CYBER SECURITY PROGRAMS
Perform IT Risk & Cyber Risk Assessment of Internal and external IT Providers
Contribute to the execution Third Party Risk Technology roadmap
Record in Third Party Risk Management database all IT arrangements
Define and implement action plan aiming to execute IT audit considering regulatory requirements
EXECUTE WM THIRD PARTY CONTROLS
Prepare, organize and execute Annual Third Party Monitoring campaign
Execute Group IT Control Plan on Outsourcing, nearshoring & purchasing arrangements
Perform control on IT Risk & Cybersecurity clauses in IT contracts
IMPROVE EFFICIENCY AROUND THIRD PARTY
Maintain Third Party Security dashboard using for instance PowerBI solution
Ensure data quality of Third Party referential
Anticipate and react in case of Third Party Cyber alert on externam supplier
Technical Skills:
Third Party Cyber Security
Regulatory
IT Continuity
IT audit
IT Risk
Language Skills
English (mandatory),
French appreciated