IT Vendor Risk Manager

The IT Vendor Risk Manager is part of the Risk Management line 1.5 defense, working with IT risk owners to ensure controls are effective and managed. The individual will be primary responsible for overall vendor management, including but not limited to vendor contracting, performance management (e.g., KPIs and SLAs tracking, risk and compliance management in line with regulatory and legal requirements, and continuous improvement), and risk management (e.g., due diligence).

Job Responsibilities:

• Oversee ITvendor managementand manage risks associated with IT vendors

• Managecontracting processes with contract owners and relevant SME, ensuring all vendor agreements align with NETS policies and regulatory requirements

• Track and review vendor performance against defined KPIs and SLAs, ensuring vendorsfulfilperformance standards.

• Continuouslymonitorvendor security posture through due diligence performed by contract owners to track compliance and performance

• Monitor third party activities throughout TPRM lifecycle to ensurecompliance withregulatory and NETS requirements, supporting review conducted by SME and perform assessments to mitigate risks.

• Drive initiatives for continuous improvement in vendor management processes, enhancing efficiency and effectivenessto align with evolving security standards, regulatoryrequirements,and emerging risks in third-party ecosystemsConduct thorough due diligence on potential vendors to ensure they meetNETS standards for reliability, security, and compliance
• Provide periodic reporting on vendor performance, risks, and compliance to senior management and other stakeholders.
• Collaborate with internal stakeholders, including Technology division, Finance, Risk and Compliance, Legal to align vendor management standards with business objectives and requirements.

Requirements:

• Degree in Information Technology, Business Administration, or a related field
• Minimum 7-9 years of experience in IT vendor management, procurement, or a related area
• Proven experience in managing vendor relationships within the payments industry including vendor performance management and dispute resolution
• Strong understanding of regulatory and legal requirements related to IT vendor management
• Exhibit strong risk mindset, ensuring rigorous execution and adherence to best practices in line with industry.
• Excellent analytical skills with the ability to assess vendor performance, track KPIs, and develop improvement plans
• Good written and verbal communication skills
• Strong problem-solving skills with a proactive approach to identifying issues, developing solutions, and implementing changes to improve vendor management processes
• Certifications such as CISA, CISM, CISSP, CRISC or any relevant certification is an advantage