Senior Third-Party Cyber Risk Management Analyst
3 miesięcy temu
Job Description
Circle K Business Centre is a shared service center which supports Circle K Europe operations through a wide range of services within Finance & Control, Information Technologies, Human Resources, Transport Fuel and Customer Service.
Circle K is part of the Canadian company Alimentation Couche Tard Inc. (Couche-Tard), one of the world's largest joint-stock convenience retail companies, listed on the Toronto Stock Exchange (TSE). It has operations in North America, Europe, Asia and the Middle East. It has approximately 12,300 sites across its network in North America (. and Canada), Europe (Norway, Sweden, Denmark, Ireland, Poland, the Baltics), Asia and the Middle East. We are a family of more than 100,000 merchants making it easy for our customers around the world.
The Third Party Cyber Risk Management (TPCRM) team is recruiting a senior third-party cyber risk analyst who will serve as a subject matter expert. This role provides subject matter expertise, managing, and performing key functions necessary to satisfy the Third-Party Cyber Risk Management program, including program projects and strategic initiatives. This role is accountable and responsible for providing expert risk analysis and information to business and risk management leadership. Additionally, the analyst establishes rapport with the business to support the company's overall IT and security governance, risk management, and compliance program with third-party vendors. The role supports implementing and maintaining our third-party platform and policies and a comprehensive control framework with enterprise-wide third-party risk management. Provides expert guidance to department management and business lines to ensure compliance and mitigation of risks. Contributes to objectives that support department strategic goals. This position reports to the third-party cybersecurity management senior manager.
Key Responsibilities:
Develops and maintains strong working relationships with business areas throughout the enterprise. Advises business lines and IT team on security requirements and best practices.
Build and foster a strong rapport and relationships across the enterprise to collaborate with key stakeholders, including Procurement, Legal, Physical and Cybersecurity, Compliance, Privacy, Technology, and other business functions to identify, assess, and design plans to mitigate and monitor risks associated with third parties.
Perform in-depth risk domain and cybersecurity risk assessments; assess the overall security stance of third-party entities; detect vulnerabilities and areas of noncompliance; and develop mitigation strategies aligned to industry standards.
Leverage intelligence, industry best practices (NIST, ISO, , and the regulatory landscape (such as GDPR, SOX, to ensure a rounded assessment of the risk posed to the organization.
Create and present detailed, high-quality risk reports, clearly articulating risk findings with recommendations, and maintain a comprehensive risk assessment and related documentation inventory.
Coordinate third-party risk management activities, including communicating with vendors about cybersecurity zero-day vulnerabilities.
Key participant in strategic planning activities, cybersecurity projects, or District or System priorities, including workgroups and initiatives as requested.
Collaborates, as appropriate, with Enterprise Risk Management, Legal, Procurement, and other risk functions to maintain an Enterprise Third Party Risk Management Program
Key participant in developing and enhancing processes and procedures for the Third Party Cyber Risk Management program, including due diligence activities, continuous monitoring, and frameworks to enhance the efficiency and effectiveness of the overall program.
Understanding business needs and dedicated to delivering high-quality, prompt, and efficient service.
Knowledge of relevant regulations, standards, and frameworks related to third-party risk management, such as NIST 800-53, NIST CSF, NIST RMF, SOX, GDPR, and other industry-specific frameworks.
Must be a self-starter and comfortable operating independently and be able to navigate with autonomy; provide updates on progress, re-confirm priorities, be flexible, and seek to clarity/help in the event of roadblocks.
Position Requirements:
Bachelor's Degree
3-5 years of work experience related to Third Party Risk Management, supplier risk management, vendor risk management, and/or cyber risk management.
Strong knowledge of information security concepts and controls (including AI and Cloud Environments)
Understanding of regulatory requirements pertaining to information security, privacy, and/or data security
Ability to consult with customers in a service advisory capacity
Self-driven; able to manage schedules, meet deadlines, coordinate with others, perform tasks, and work independently with minimal supervision
Strong project management skills, with the ability to work with multiple customers, deadlines, and priorities
Organized and effective with time and meeting management
Strong interpersonal and communication skills with the ability to ask questions, actively listen, escalate roadblocks, and interact effectively at multiple levels
Strong analytic skills and attention to detail
Preferred Certifications: CTPRP, CISSP, CRISC, CISM,CISA
What do we offer?
Contract of employment
Annual bonus
Private medical care
Possibility for author's tax deduction
Cafeteria Platform/Multisport
English lessons subsidized by the company
Group insurance
Attractive discounts for products and services at our stations
Employee stock purchase plan
ICAS
Modern and convenient office that you can virtually visit here -
Trainings & possibility to develop skills in a wide international environment
No locations found
Save job-
Senior Analyst
2 miesięcy temu
Warsaw, Polska Pharmiweb Pełny etatAs a leading global contract research organization (CRO) with a passion for scientific rigor and decades of clinical development experience, Fortrea provides pharmaceutical, biotechnology, and medical device customers a wide range of clinical development, patient access and technology solutions across more than 20 therapeutic areas. With over 19,000 staff...
-
Third Party Risk Manager
2 miesięcy temu
Warsaw, Polska TD SYNNEX Pełny etatJob Purpose: The selected candidate will be responsible for oversight and coordination of the Third Party Risk Management Program. As part of this work, the individual will be tasked with helping to ensure that TD SYNNEX remains in compliance with the company’s Third Party Risk Management standards and procedures, with a particular focus on screening...
-
Senior Risk Manager, Third Party Security Risk
4 tygodni temu
Warsaw, Polska myGwork Pełny etatJob SummaryThe Group Chief Information Security Officer (CISO) organisation is instrumental in protecting and ensuring the resilience of Standard Chartered Bank's data and IT systems by managing information and cyber security (ICS) risk across the enterprise.This role has been created to provide the right support to the team in remediation space (risk...
-
Senior Risk Manager, Third Party Security Risk
4 tygodni temu
Warsaw, Polska myGwork Pełny etatThis job is with Standard Chartered Bank, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly. Job Summary The Group Chief Information Security Officer (CISO) organisation is instrumental in protecting and ensuring the resilience of Standard Chartered...
-
Technology & Cyber Risk: Senior Analyst - Cybersecurity Risk
6 miesięcy temu
Warsaw, Polska 11101 Citibank Europe plc Poland Pełny etatCome and join our newly established Cyber Risk Team in Warsaw! The Technology and Cyber Compliance and Operational Risk Office (TCCORO) at Citi is the firm’s reliable second set of eyes. Our mission is to drive comprehensive and consistent practices designed to identify, measure, monitor, report and manage operational and compliance risks while...
-
Markets Tech
5 miesięcy temu
Warsaw, Polska 11101 Citibank Europe plc Poland Pełny etatCome and join our newly established Cyber Risk Team in Warsaw! The Technology and Cyber Compliance and Operational Risk Office (TCCORO) at Citi is the firm’s reliable second set of eyes. Our mission is to drive comprehensive and consistent practices designed to identify, measure, monitor, report and manage operational and compliance risks while...
-
Senior Security Risk Analyst
4 tygodni temu
Warsaw, Polska Snowflake Pełny etatBuild the future of the AI Data Cloud. Join the Snowflake team. We’re at the forefront of the data revolution, committed to building the world’s greatest data and applications platform. Our ‘get it done’ culture allows everyone at Snowflake to have an equal opportunity to innovate on new ideas, create work with a lasting impact, and excel in a...
-
Third Party Warehousing Manager
4 miesięcy temu
Warsaw, Polska Smith+Nephew Pełny etatLife Unlimited. At Smith+Nephew we design and manufacture technology that takes the limits off living. Role Overview: Third Party Warehousing Manager will play a pivotal role in the relocation of our warehouse operations to a third-party service provider and subsequently oversee the day-to-day operations, performance, and contract management with the...
-
Technology & Cyber Risk: Senior Officer - Cybersecurity Risk
5 miesięcy temu
Warsaw, Polska 11101 Citibank Europe plc Poland Pełny etatCome and join our newly established Cyber Risk Team in Warsaw! The Technology and Cyber Compliance and Operational Risk Office (TCCORO) at Citi is the firm’s reliable second set of eyes. Our mission is to drive comprehensive and consistent practices designed to identify, measure, monitor, report and manage operational and compliance risks while...
-
Warsaw, Polska JPMorgan Chase & Co. Pełny etatIf you enjoy partnering with contacts across the firm, building strong relationships with your colleagues and helping to move the business forward while helping comply to our regulatory commitments and associated policies, this could be the position for you. Corporate Third Party Oversight (CTPO) Legal Entity Broker is a centralized group within Global...
-
Technology & Cyber Risk: Senior Analyst - Technology Risk
5 miesięcy temu
Warsaw, Polska 11101 Citibank Europe plc Poland Pełny etatCome and join our newly established Cyber Risk Team in Warsaw! The Technology and Cyber Compliance and Operational Risk Office (TCCORO) at Citi is the firm’s reliable second set of eyes. Our mission is to drive comprehensive and consistent practices designed to identify, measure, monitor, report and manage operational and compliance risks while...
-
Cyber Risk Director
5 miesięcy temu
Warsaw, Polska 11101 Citibank Europe plc Poland Pełny etatAre you looking for a career move that will put you at the heart of a global financial institution? By Joining Citi, you will become part of a global organisation whose mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress. Team/Role Overview The Technology and Cyber...
-
Technology & Cyber Risk: Senior Officer - Technology Risk
5 miesięcy temu
Warsaw, Polska 11101 Citibank Europe plc Poland Pełny etatCome and join our newly established Cyber Risk Team in Warsaw! The Technology and Cyber Compliance and Operational Risk Office (TCCORO) at Citi is the firm’s reliable second set of eyes. Our mission is to drive comprehensive and consistent practices designed to identify, measure, monitor, report and manage operational and compliance risks while...
-
Third Party Oversight Broker
5 miesięcy temu
Warsaw, Polska JPMorgan Chase & Co. Pełny etatAre you passionate about ensuring compliance and monitoring Third party activities? Then this role is for you. As a Third Party Oversight Broker within the Third Party Oversight & Governance team, you will oversee all third-party activities to ensure adherence to our oversight standards. Your role will involve coordinating supplier engagements across all...
-
Senior Compliance Risk
6 miesięcy temu
Warsaw, Polska 11101 Citibank Europe plc Poland Pełny etatCome and join our newly established Cyber Risk Team in Warsaw! The Technology and Cyber Compliance and Operational Risk Office (TCCORO) at Citi is the firm’s reliable second set of eyes. Our mission is to drive comprehensive and consistent practices designed to identify, measure, monitor, report and manage operational and compliance risks while...
-
Technology & Cyber Risk: Senior Officer - Compliance
5 miesięcy temu
Warsaw, Polska 11101 Citibank Europe plc Poland Pełny etatThe Cyber Risk Officer is part of the Regulatory Change Management team within TCCORO which performs Regulatory Change Management and Regulatory Mapping activities. The role will be responsible for identifying, anticipating, challenging, and mitigating risks that could affect business objectives, and minimizing operational/compliance risk events and losses....
-
Supplier Cybersecurity Controls Assessor
6 miesięcy temu
Warsaw, Polska JPMorgan Chase & Co. Pełny etatYou are passionate about Technology/ Cybersecurity and you understand industry risk frameworkrs, you found the right team. As a Supplier Cybersecurity Controls Assessor within the Supplier Assurance Services team, you will be responsible for conducting comprehensive risk assessments of suppliers as part of JPMorgan Chase & Co.'s Corporate Third Party...
-
Vendor Management Specialist
4 tygodni temu
Warsaw, Polska myGwork Pełny etatJob SummaryAs a Vendor Management Specialist at Standard Chartered Bank, you will be responsible for managing external vendors and ensuring compliance with third-party risk requirements. This role involves being a key point of contact for business stakeholders, advising on procedural requirements, and providing oversight for vendor management processes.Key...
-
Warsaw, Polska 11101 Citibank Europe plc Poland Pełny etatCome and join our newly established Cyber Risk Team in Warsaw! The Technology and Cyber Compliance and Operational Risk Office (TCCORO) at Citi is the firm’s reliable second set of eyes. Our mission is to drive comprehensive and consistent practices designed to identify, measure, monitor, report and manage operational and compliance risks while...
-
Senior Quantitative Risk Analyst
4 tygodni temu
Warsaw, Polska Nordea Bank Pełny etatJob ID: 23534 Senior Quantitative Risk Analyst, Gdansk/Warsaw/Copenhagen Are you a motivated, collaborative, proven market risk professional? We are looking for an experienced market risk professional with a strong analytical mind and excellent stakeholder management skills to join Nordea’s Group Risk function. At Nordea, we’re committed...