The Vendor Risk Assessment Analyst is a transformational opportunity to work within the Vendor Risk Assessment Center (VRAC). This individual will serves as a subject matter expert and partner with our Information Security and Risk partners to manage, review risk assessment and recommend new process enhancements in line with audit requirements. The Vendor Risk Assessment Analyst will also be perform risk assessments thoroughly and timely. This will require working closely with the Third Parties and business stakeholders and risk partners across Santander.
Vendor Risk Assessment
Delivers industry best practices, tools, guidance, and training related to information security and business continuity practices and standards.
Demonstrates strong subject matter expertise and serves as an authority and credible challenge to management regarding information security and business continuity assessments and risks.
Complete information security and business continuity assessments as needed on third parties.
Provides a comprehensive range of risk management expertise.
Completes quality assurance validation of information security and business continuity assessment work products.
Develop and sustain meaningful relationships through building trust and rapport with internal Santander stakeholders
Partners with Business stakeholders to report on risks from third parties as it relates to information security and business continuity.
Represent Santander's position in front of suppliers, and act as the communication link between Santander and suppliers as needed
Management of issue resolution falling within the scope of the department
Participate in the development and the execution of the company internal projects contributing to improve the performance of the organization
Bachelor’s degree with a focus on Information Technology and/or Security
Bi-lingual (fluent in Spanish and English)
1-3 years of experience in audit, information security and/or assurance assessment.
1-3 years of experience related to risk management and the financial services industry.
Familiarity with Information Security industry standards and best practices, as well as relevant frameworks and regulations (e.g. ISO 27000, PCI DSS, GLBA, NIST).
Familiarity with Data Privacy (GLBA, GDPR), Business Continuity, Physical and Environmental Security.
Strong operational risk management principles, methodologies and tools, governance principles and activity preferably in a financial services technology environment
Ability to independently operate in a complex environment; adept at delivering and maintaining productive working relationships across business, functions, geographies and lines of defense
Advanced audit, risk, process, and control validation and/or assessment skills
Ability to handle conflict resolution with other groups to ensure appropriate accounting guidance is followed
Ability to convey a sense of urgency and drive issues/projects to closure
Ability to effectively interact with the market, executive management and vendors
Ability to adapt and adjust to multiple demands and competing priorities
Excellent written and oral communication skills
Excellent analytical, organizational and project management skills
One of the Information Security and/or Audit certifications such as Certified Information System Audit (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC) or Certified Information Systems Security Professional (CISSP) is preferred
About Aquanima México (Grupo Santander)
Aquanima emerges as a response to the growing need of senior management to improve companies’ income statements. We help our clients advancing the cause of purchasing departments, optimising and transforming their organizations and processes. Purchasing teams having to address this towering challenge – in a complex and competitive environment – can rely on Aquanima for the highest level of external support. Aquanima acts as a strategic ally in attaining our clients demanding goals.
Our services have resulted in direct negotiations with a volume of more than 40,000 million euros, in more than 66,000 negotiations, achieving average savings above 12% (4,800 million euros) for our customers. Aquanima operates under a unique business model which is aligned with the goals of our clients and is based on results.
These results have positioned us as leaders in purchasing services (eSourcing, eProcurement, outsourcing and consultancy) on both a European and Latin American level. A team of more than 250 purchasing specialists that makes up Aquanima in 10 countries constantly works to support our customers in over 120 purchasing categories covering direct and indirect goods as well as se...rvices.
Aquanima creates value for its clients primarily based on:
The in-depth knowledge of our specialists regarding categories and suppliers
Our own, structured and transparent methodology developed over more than 15 years of teamwork with our clients
The use of cutting-edge technology that spans the entire purchasing value chain
Volume aggregation impacts in joint purchases for groups of different clients