Head of Vendor Risk Management

Groupe BPCE (Paris, France) Publié il y a 7 heures

Poste et missions




Natixis is a French multinational financial services firm specialized in asset & wealth management, corporate & investment banking, insurance and payments. A subsidiary of Groupe BPCE, the second-largest banking group in France through its two retail banking networks, Banque Populaire and Caisse d'Epargne, Natixis counts nearly 16,000 employees across 38 countries. Its clients include corporations, financial institutions, sovereign and supranational organizations, as well as the customers of Groupe BPCE's networks. Listed on the Paris stock exchange, Natixis has a solid financial base with a CET1 capital under Basel 3(1) of €11.6 billion, a Basel 3 CET1 Ratio(1) of 11.2% and quality long-term ratings (Standard & Poor's: A+ / Moody's: A1 / Fitch Ratings: A+). 

(1) Based on CRR-CRD4 rules as reported on June 26, 2013, including the Danish compromise - without phase-in

Figures as at 30 June 2020​


JobDescription

The Vendor/ Third Party Risk Manager will be responsible for the development and implementation of an enterprise-wide Vendor/Third Party risk management program within the second Line of Defense.

  • Develop Third Party Risk engagement models to ensure that third party risk considerations are accounted for in all the bank’s major sourcing initiatives.
  • Design and implement a Third-Party Risk Management Framework that provides oversight and independent challenge to the first line through an effective and objective assessment.
  • Establish and communicate Vendor/ Third Party Risk related governance models, risk and control strategies, policies and metrics.
  • Follow security, privacy, and regulatory requirements and best practices impacting Vendor/ Third Party Risk management.
  • Provide advice to business and senior management with respect to changes requested by third parties that affect our security posture and/ or privacy provisions of our contracts and outsourced activities.
  • Perform risk tracking, trending, analysis, and executive reporting.
  • Develop and maintain a Vendor/ Third Party Risk policy and related practices as well as identify risks and appropriate controls with respect to the supervision of 1st line remediation of risks resulting from third party applications, systems, and infrastructure.
  • Advise procurement, purchasing and project teams on vendor assessment requirements and perform Vendor/ Third Party Risk assessments for new vendors or services.
  • Analyze, and assess business processes and requirements to ensure compliance with security policies and procedures.
  • Lead process improvements and solution discussions and present outcomes in written and verbal format to senior management.

Profil et compétences requises


• Bachelor’s degree in Information Technology, Information Security, Business or Risk Management (or equivalent professional qualification)
• 5+ years’ experience specifically in third party, Information Security or technology assessments.
• Prior Vendor/ Third Party Risk experience (IT, Cyber, Vendor etc.) and exposure to the Financial Services industry is a must.  
• Experience with GRC tools and other risk management information systems is preferred.
• Exposure to developing and implementing risk management programs in global organizations.
• Experience interacting with regulatory agencies is a plus.
• Good Influence Builder and Trust Builder
• Good stakeholder management skills
• Ability to work effectively in a team environment, yet Self-motivated with the ability to work independently.
• Strong verbal, written communication and interpersonal skills.
• Ability to effectively handle a fast-paced environment and successfully meet established deadline requirements.
• Microsoft Offic

Date de publication: 21/11/2019

Emplois similaires
More from Groupe BPCE
Head of Technology Risk Management
Groupe BPCE Publié il y a 3 jours
Compliance Model Risk Validator
Groupe BPCE Publié il y a 5 jours
Liquidity Risk Officer
Groupe BPCE Publié il y a 3 jours

Head of Vendor Risk Management

Apply On Company Site
Back to search page