JAGGAER is the world’s leading provider of comprehensive spend management solutions with 2,000 customers connected to a network of 3.7 million suppliers in 70 countries, served by offices located in North America, Latin America, throughout Europe, the United Kingdom, Australia, Asia and the Middle East. JAGGAER offers complete SaaS-based Source-to-Pay solutions with advanced capabilities and embedded intelligence to transcend the customer experience and simplify the complex enabling unparalleled adoption and customer outcomes. JAGGAER has pioneered spend solutions for over two decades and continues to lead the innovation curve by listening to customers and analyzing the market. Our solution suites are trusted by the world’s largest manufacturing, education, healthcare, pharmaceutical, retail, consumer package goods, transportation & logistics, business services, construction, utility companies, and public service organizations. www.JAGGAER.com.
Third-Party Risk Analyst (M/F)
This is a position in our offices in Belgrade or Novi Sad, whatever location is better for you.
You are a talented and experienced Third-Party Risk Analyst to assist in the operationalization of our Third-Party Risk Management Program focused on ensuring the security and integrity of Jaggaer third parties with access to Jaggaer and Jaggaer customer confidential and sensitive data.
The Third Party Risk Analyst is a member of the Information Security Team and is responsible for ensuring Jaggaer data and Jaggaer customer data entrusted with Third Parties remains secure and all risks, vulnerabilities and defects are managed, tracked and remediated in compliance with policies, Regulations and Industry Best Practices. The Third-Party Risk Analyst selected for this role must have experience with risk management concepts and possess a background in vendor risk management. The Third-Party Risk Analyst will execute and manage the vendor assessments for all vendors and serve as a contact to internal business owners across the enterprise that own the relationship with vendors who are vetted through the program. The selected candidate will develop a deep understanding of Jaggaer’s third party relationships throughout the entire relationship life cycle as well as participate in monitoring, analysis and reporting on Third Party Risk areas that impact Jaggaer.
Summary of Responsibilities:
- Responsible for performing third party risk assessments for existing and new vendor engagements in accordance with established standards.
- Collaborates with vendors and vendor managers to request required due diligence documentation for all new vendor engagements and for ongoing due diligence for existing vendors in accordance with Jaggaer Policy.
- Assesses and documents the sufficiency of due diligence documentation received from vendors, including engaging with subject matter experts where appropriate.
- Provides guidance to vendor managers with respect to Jaggaer standards and their application to specific vendor engagements, including recommendations with respect to potential risk mitigation/remediation plans.
- Engages with vendor managers in developing corrective action plans for vendor information security, performance, financial or business process deficiencies.
- Act as an operations resource in the development of process improvements, with a particular focus on helping to identify areas where changes can reduce the potential for errors and mitigate risks
- Ensures the timely update and maintenance of vendor information and documentation.
- Provides additional monitoring, analysis and reporting on all third-party risk areas.
- Three (3) + years’ experience in Vendor Management, Information Security or IT Audit
- Performing Information Security / Technology risk assessments
- Experience overseeing adherence to policies and remediation efforts by third parties
- Experience overseeing adherence to third party risk policies and processes by internal IT staff and business line owners
- Excel, SharePoint and analytic reporting experience
- Experience with regulatory requirements
- Ability to manage multiple work streams simultaneously
- Strong verbal and written communications skills
- Strong relationship management experience and skills
- Excellent research and analytical skills
- Ability to effectively prioritize and execute tasks in a high-pressure environment
- Bachelor's degree in Business/ Computer Science/Technology/Law with IT audit or compliance experience
- Knowledge of information security, Technology Compliance management industry frameworks and standards such as NIST, OWASP, SANS, ISO-27001/2, SANS, and Cobit
- Short communication channels and room for your creative ideas
- Education, coaching and support for your personal development
- An international, professional environment with exciting opportunities
- Private Health Insurance, FitPass...
- A modern office in New Belgrade or Novi Sad
Apply now and be part of our success!