Vendor Risk Management Analyst

Refinitiv ,
Nottingham, Nottinghamshire
More Details
Salary: £20,000 - £29,999, £30,000 - £39,999, £40,000 - £49,999, £50,000 - £59,999

Overview

Job Description Refinitiv's Cyber Security & Technology Risk (CSTR) team is looking for an experienced individual to support the increasing requirements of overseeing information security requirements for Third Parties across Refinitiv. The role will be responsible for the successful delivery of managing the risk assessment and control review of third parties, advising key stakeholders on appropriate requirements of suppliers, and working with business stakeholders and third parties to ensure that findings are communicated and remediated. The ideal candidate will possess the right demeanour, skillset and experience to operate in the fast-paced and dynamic world of information security and risk, with experience in working on different reviews at a time, as well as managing queries, agreeing findings and remediation plans, and implementation of requirements in a timely and efficient manner. The Financial and Risk Business of Thomson Reuters is now Refinitiv. Refinitiv equips the financial community with access to an open platform that uncovers opportunity and catalyses change. With a dynamic combination of data, insights, technology, and news from Reuters, our customers can access solutions for every challenge, including a breadth of applications, tools, and content-all supported by human expertise. At Refinitiv, we facilitate the connections that propel people and organisations to find new possibilities to move forward. Essential Responsibilities Operate as a key contributor to the Vendor Risk Management processes. Execute risk assessments and control reviews of the 3rd Party suppliers including gathering and assessing results Determine the go-forward usage of third parties based on their control environment Partner with business stakeholders to ensure that findings are agreed and remediated in a timely manner Track, verify and collect data points for reporting and metrics on identified services to identify gaps and inform leadership. Publish monthly/quarterly/annual metrics from the program to Key Stakeholders and Subject Matter Experts. Interface with subject matter experts, peers and stakeholders and business or technology leaders across the Refinitiv enterprise. Demonstrate subject matter expertise on information security best practices and Refinitiv security posture focused on performing due diligence for vendor assurance inquiries and attestations. Work with Senior Management in driving awareness of identified risks, as well as status reporting and governance. Deliver additional activities as defined by senior leadership Qualifications / Requirements Bachelor's degree in an IT, Finance or Legal related discipline Significant experience in information security, auditing or risk management in a financial services or internet driven environment. Understanding of risk management and effective Information Security strategy, practices, technologies and controls frameworks. Critical thinking and thorough analyses to provide decision support and guidance to Refinitiv's businesses, customers and executives. Experience effective negotiation and influence skills with External Parties to ensure effectiveness of security policy, strategy and governance. Ability to work with and communicate effectively at executive levels. Strong verbal & written communication skills, including usage of Microsoft PowerPoint Strong team player with ability to execute in a matrix structure, across time zone and national boundaries Must submit to a background investigation, including verification of past employment, criminal history and educational background Desired Characteristics: business acumen with a successful track record in aligning to business drivers Subject matter expertise in SOC2, ISO 27000, risk assessment methodologies, Shared Assessments, ITIL practices, and GRC Preferred industry-related certifications: GSEC, CISSP, CISA, CISM, ITIL As a global business, Refinitiv relies on diversity of culture and thought to deliver on our goals. Therefore we seek talented, qualified employees in all our operations around the world-regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under country or local law. Refinitiv is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace. Intrigued by a challenge as large and fascinating as the world itself? Come join us. Locations Nottingham-United Kingdom;St. Louis-Missouri-United States of America;St. Louis-Missouri-United States of America

People also viewed