Address
Form of workRole: IT Vendor Risk Manager
Location: Blackburn, BB1 2FA
Contract: Full Time / Permanent
Salary: £50,000 & Bonus Scheme
Company: EG Group
About the role…
We are looking for an IT Vendor Risk Manager to join our growing Information Technology Function. This role requires someone dynamic and self-starting to deploy our IT Vendor Risk methodology across key suppliers within the UK and Europe.
This is a new and challenging role which will involve proactively working with a wide range of EG IT suppliers located across the globe. Reporting into the Head of IT Risk and Control, you will have the ability to shape this role and drive real improvements as a SME and go-to person within the department.
This opportunity is ideal for an ambitious and passionate professional, eager to advance their career in IT Vendor Risk Management within a Global Retail environment. You may come from a vendor management role or IT Risk management background.
Duties and Responsibilities
In this role you will:
- Take full ownership of IT Vendor processes, controls and monitoring.
- Manage the IT vendor inventory and associated controls.
- Assist in the vendor assurance processes such as onboarding, offboarding and assessing criticality to the organisation.
- Diligently review contracts and stay up to date with renewals.
- Facilitate and run IT vendor meetings,
- Provide support in negotiations, due diligence and service renewals.
- Develop and update IT vendor management policies.
Responsibilities across all our key 3rd Party IT suppliers will include:
- Leading on IT Vendor Risk Management and Governance including onboarding, offboarding, due diligence, risk assessments and enhancing methodology.
- Seeking to enforce a measurable level of effectiveness and a culture of continual improvement.
- Ensuring contractual obligations, service levels and delivery expectations are met across all key suppliers.
- Reviewing supplier’s performance against contracted services, in particular 3rd party assurance reports (SOC2) to assess IT control gaps, especially in areas such as privileged access and change management, and provide robust remediation plans where required in conjunction with the supplier and IT Risk.
- Co-ordinating annual supplier risk assessments across the portfolio based on criticality of service.
- Working closely with internal stakeholders to ensure the key suppliers are keeping pace with changing needs and implementing improvements without impacting on service stability or programme delivery.
- Driving all remedial actions which are required around service, performance, risk and control improvements. Investigate and resolve contractual issues, including failure to meet obligations (including IT Controls) potentially with large multi-national suppliers.
- Champion continuous improvement programmes with IT suppliers, jointly developing strategies and incentives to enhance performance, IT risk management and control.
You will need to be very organised and tenacious, with experience of assessing 3rd party controls to ensure the arrangements are fit for purpose and controls are designed effectively and delivered according to service levels.
Candidate Requirements
Essential
- 2+ Years experience working in an IT vendor, service or Risk management role.
- The ability to influence colleagues, teams, and senior leadership to embed IT Supplier Risk Management processes successfully.
- Ability to work with a wide range of suppliers to manage and drive improvements in delivery of contracted services against SLA, particular focus on IT Controls key areas.
- Experience of conducting formal service reviews, monitoring, and reporting.
- Excellent Communication and Organisation Skills.
- Comfortable working with colleagues across all levels of the business.
Desired
- 2+ Years experience working within or alongside IT Risk & Control teams.
- Performing 3rd party risk assessments, review of SOC reports
- Experience of the Service Now Platform
- Proficiency with Microsoft Office tools, particularly Excel, Word, Visio and PowerPoint.
- Degree or demonstrated time served IT vendor management and/or IT Risk Management experience.
- CISA, CRISC or relevant Vendor Management Certifications.
Benefits & Rewards
- Performance Based Bonus Scheme.
- Employee Life Assurance.
- EG Group Discounts - up to 15% off at our stores and food to go restaurants.
- ASDA Discount Card - 10% off all ASDA stores.
- EG Cares Benefits - exclusive discounts across 900 retailers.
- Smart Health - 24/7 online GP access, health checks and health and wellbeing support.
- Employee Assistance Programme - access to our Wellbeing Centre which offers emotional & practical support including free financial advice.
- Learning & Development - access to our Learning Hub, the most extensive online course library in the world to support you with every step of your career at EG Group.
- Waterside Café - freshly prepared meals at affordable prices.
- Free Secure Car Parking.
- Dress Down Fridays.
- Flexi-Time.
- Prayer and Ablution Facilities.
- Sit / Stand Desk Facilities.
- Work Anniversary Rewards.
- Free Eye Test.
Who are EG Group?
EG Group is one of the world’s leading independent convenience retailers with an extensive network of sites across international markets in the United Kingdom & Ireland, Continental Europe, Australia and the United States of America.
Founded in 2001 by the Issa family with the acquisition of a single site in the UK, today the company is at the forefront of delivering an innovative approach to forecourt convenience retail.
At EG Group, we pride ourselves on being recognised for our investment model, trading performance and more importantly, providing a best-in-class customer experience in Grocery & Merchandise, Foodservice and Fuel.
Our transformational convenience retail business model has been built upon excellent relationships with an extensive portfolio of leading retail brands, and through strategic network acquisitions supported by a program of new-to-industry developments.
