Description

VP- Vendor Risk Management

First Abu Dhabi Bank (FAB) Al Qurm Business Park, Abu Dhabi, United Arab Emirates

Full-time

Sub Division: Security & BCM

Division: Group Risk Management

Company Description

Join the UAE\'s largest bank and one of the world\'s largest and safest financial institutions. Our focus is to create value for our employees, customers, shareholders and communities to grow through differentiation, agility and innovation. We are looking for top talent and your success is our success. Accelerate your growth as you help us reach our goals and advance your career. Be ready to make your mark a top company, in an exciting and dynamic industry.



JOB PURPOSE:

Will be responsible for assessing, reviewing and maintaining compliance with Bank\'s Vendor Risk Management requirements in line with

Local Regulatory requirements

International FAB branches and subsidiaries regulatory requirements

New and existing vendors information security due diligence according to regulatory requirements

KEY ACCOUNTABILITIES

Generic Accountability- Assist Ist line of defense (SVM and Business) on the VRM framework processes

Organise and supervise the work of the assigned VRM role to international team to ensure that all work within a specific area of the activity is carried out in an efficient manner, which is consistent with operating procedures and policy.

Provide on-the-job training and constructive feedback to assigned team to support their overall development.

Promote the organisation\'s values and ethics in all activities within the team in order to support the establishment of a value drive culture within the bank.

Generic Accountability - Policies, Systems, Processes & Procedures

Provide inputs and implement policies, systems and procedure for the assigned team so that all relevant procedural/legislative requirements, fulfilled while delivering a quality, cost-effective service.

Generic Accountability - Continuous Improvement

Participate in the identification of opportunities for continuous improvement and sustainability of systems, processes and practices considering global standards, productivity improvement and cost reduction

Generic Accountability - Reporting

Prepare sectional statements and reports timely and accurately to meet FAB and department requirements, policies and quality standards.

Job Context

Performs evaluation of Third Party and Vendor engagements to identify and manage vendor risk which may include completion of inherent and overall risk assessments and initiating due diligence with cross function in accordance with procedures.

Develops and performs reporting for VRM including data collection, consolidation, analysis, spreadsheets and dashboards in support of the VRM process.

Completes quality control reviews and testing to ensure procedures are followed.

Provide VRM training to VM/VRM/BU related SPOCs across the group and when requested for existing or new members

Prepare Weekly, Monthly, Quarterly VRM related reports on request bases, including monthly SLA\'s for each country.

Daily timesheet to be updated in Archer on all activities performed throughout the day.

Assist/Support all teams on VRM related policies and procedures, including support in reviewing VRM IRQ\'s & DDQs.

Provide & maintain vendor risk reporting mechanisms, and track and report outcomes from vendor management activities.

Review third-party contracts and recommend relevant security control clauses as relevant to the service provided and identified risks (if any).

Analyse, update, and modify procedures and processes to identify and continuously implement vendor risk management process improvements

Stay informed about the latest developments in the vendor risk management field

Serve as the subject matter expert in interpreting requirements and improve awareness of Operational Risks faced by Business from vendor failure/poor performance and work with Strategic Sourcing/Legal/Business to mitigate any losses through vendor compensation achieved through establishment of robust contracts

Perform any other job related instructions, as requested, with reasonable accommodation

Qualifications

Minimum Qualification

Should have Bachelor Degree or Master\'s Degree

Expert knowledge of Information Security Domains and should be certified (CISA, CISSP or CISM or any other relevant security certification)

Possess good Project Management skills

Highly developed communication skills, both verbal and written

Minimum Experience

Minimum of 3+ years related work experience in vendor management or vendor risk management is required

Comprehensive knowledge of applicable concepts and methodologies such as continuous quality improvement and auditing experience

Extensive working experience in Business Risk Management, Security Risk, Operational Risk, Internal Audit, and/or Controls related function is preferred

Familiar with industry compliance standards, such as ISO27001, PCI DSS, SOC1 (SSAE16) and SOC2

Understanding of governance structures used to manage vendor risk programs and vendor mitigation and oversight

Joblinks.ae