Third Party Risk Specialist

We are seeking a highly skilled Third Party Risk Analyst – Cybersecurity to join our team at Groupe SII. The successful candidate will be responsible for defining, maintaining, and overseeing the third-party risk framework, policy, and inventory following management expectations and best practices.

• Develop and implement a robust global third-party risk management program in collaboration with the TPRM Lead.
• Conduct comprehensive third-party risk assessments and examine all relevant third-party risk domains.
• Oversee the effectiveness of the TPM operating model and develop Standard Operating Procedures (SOPs) to document the entire assessment process.
• Work with the Business to report supplier material breaches/issues and liaise with 2LoD on behalf of the business to complete risk assessments.
• Liaise with 2LOD and other risk SMEs to ensure TPRM processes are aligned with industry standards.
• Manage the specification and deployment of changes and defect fixes for the Segmentation/Risk tool & monitor risk and third-party performance activities.
• Support the creation, update, and testing of exit plans and prepare KRI & KPIs/MI reporting to improve third-party risk reporting for senior leaders, relevant stakeholders, and governance groups.

• 3-5 years of third-party/vendor risk management experience, preferably in financial services.
• Knowledge of emerging trends, regulations, and industry standards related to third-party risk management (ISO 27001, ISO 22301, ISO 31000, data privacy, etc.).
• Practical experience in identifying and eliminating a variety of risks, including information security, data protection, business continuity, financial risk, operational risk, and reputational risk.
• Experience working with and managing teams of high performers in a dynamic environment.
• Strong process and project management skills.
• Ability to adapt positively to rapidly changing priorities and changing goals.
• Openness to work from the office in Krakow at least twice a month.