Third Party Information Risk Analyst

1 semana atrás

Lisboa, Portugal Amgen Tempo inteiro

**Portugal - Lisbon**

**JOB ID**:
R-207971

**LOCATION**:

- Portugal - Lisbon

**WORK LOCATION TYPE**:
Flex Commuter / Hybrid

**DATE POSTED**:
May. 23, 2025

**CATEGORY**:
Information Systems

**HOW MIGHT YOU DEFY IMAGINATION?**

**LIVE**

**THIRD-PARTY RISK ASSESSMENT SPECIALIST**

**WHAT YOU WILL DO**:
As a Third-Party Risk Assessment Specialist to join our Information Security team you will play a critical role in focusing on ensuring that security risks associated with third-party vendors are identified, assessed, mitigated, and monitored effectively.

You’ll have responsibility for reviewing security terms and conditions in contracts, especially redlined sections by counterparties, and collaborate with Legal, Strategic Sourcing, and business owners to ensure compliance with internal security standards.

**Key Responsibilities of the role**:

- Perform comprehensive security assessments of third-party vendors, identifying potential risks and control gaps.
- Review and negotiate security clauses in contracts that are redlined by counterparties, ensuring they align with organizational security policies and risk appetite.
- Collaborate with Legal, Strategic Sourcing, and business owners during contract review and vendor onboarding processes to address security risks.
- Maintain an inventory of approved security terms for contract negotiations and support the continuous improvement of the contract review process.

**WIN**

**WHAT WE EXPECT OF YOU**:

- Educated to degree level in Information Security, Computer Science, or related field (or equivalent experience).
- Demonstrable experience in third-party risk management, information security, or a related field.
- Strong understanding of security frameworks and controls (e.g., ISO 27001, NIST, SOC 2).
- Experience in reviewing and negotiating security clauses in contracts.
- Familiarity with risk mitigation strategies and monitoring methodologies.
- Ability to collaborate effectively with cross-functional teams, including Legal and Procurement.
- Excellent written and verbal communication skills, with the ability to convey technical security concepts to non-technical stakeholders.

Preferred:

- Industry-recognized certifications (e.g., CISSP, CISA, CISM, CRISC).
- Experience with third-party risk management tools and systems.
- Knowledge of regulatory requirements and data privacy standards (e.g., GDPR, HIPAA).

**THRIVE**

**WHAT YOU CAN EXPECT OF US**
- Vast opportunities to learn, develop, and move up and across our global organization.
- Diverse and inclusive community of belonging, where colleagues are empowered to bring ideas to the table, take risks, and act.
- Generous Amgen Total Rewards Plan comprising healthcare, finance, wealth and career benefits.
- Flexible work arrangements.

**FOR A CAREER THAT DEFIES IMAGINATION**

In our quest to serve patients above all else, Amgen is the first to imagine, and the last to doubt. Join us.

**CAREERS.AMGEN.COM**

**EQUAL OPPORTUNITY STATEMENT**

Amgen is an Equal Opportunity employer and will consider you without regard to your race, colour, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.

  • Third Party Security Risk Consultant

    1 dia atrás

    Lisboa, Portugal Integrity360 Tempo inteiro

    **Third Party Security Risk management - Portugal** Integrity360 is the largest independent cyber security provider in Europe, with a growing international presence spanning the UK, Ireland, mainland Europe, Africa and the Caribbean. With over 700 employees, across 12 locations, and six Security Operations Centres (SOCs)—including locations in Dublin,...

  • IT Risk

    2 semanas atrás

    Lisboa, Portugal Noesis Tempo inteiro

    **Description**: **Noesis is looking for professionals with the following profile**: - Degree in Information Technology (preferably with relevant knowledge in Cybersecurity); - Minimum 2 years of experience in Cybersecurity area; - Excellent knowledge in third party Cybersecurity; - Good skills in Artificial Intelligence and AI security; - Certification in...

  • Senior Risk IT Analyst

    1 dia atrás

    Lisboa, Portugal BNP Paribas Tempo inteiro

    SENIOR RISK IT ANALYST (JOB NUMBER: 2206GSS11555) **About the job** - The Procurement activity at Group Strategic Sourcing (at Group and Entity level) supports the Entities of BNP Paribas Group in the process of buying goods and services to get the best combination of quality, cost, risks and delivery time - Its mandate covers all the Group external...

  • Security Third Party Risk Management Specialist

    Há 21 horas

    Lisboa, Lisboa, Portugal Cloudflare Tempo inteiro

    *About Us*At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world's largest networks that powers millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune 500 companies. Cloudflare protects and accelerates any Internet application online without...

  • Senior Risk IT Analyst

    1 dia atrás

    Lisboa, Portugal BNP Paribas Tempo inteiro

    **About the job** - The Procurement activity at Group Strategic Sourcing (at Group and Entity level) supports the Entities of BNP Paribas Group in the process of buying goods and services to get the best combination of quality, cost, risks and delivery time - Its mandate covers all the Group external expenses - The third-party IT risk analyst analyses the...

  • GRC Consultant

    1 semana atrás

    Lisboa, Porto, Portugal Devoteam Tempo inteiro

    Devoteam Cyber Trust is the Cybersecurity specialist arm of the Devoteam Group. With our 800+ experts located across EMEA, we aim to establish cybersecurity as an enabler of business success rather than a gatekeeper. We leverage an end-to-end approach to Cyber Resilience, Applied Security, and Managed Security services to secure the tech journey of large and...

  • Business Continuity

    Há 3 dias

    Lisboa, Portugal Effitalents Tempo inteiro

    **Our client is a fintech company looking for a Business Continuity & Risk Manager with experience in the banking sector.** This critical role goes beyond traditional continuity planning and encompasses IT risk management & coordination, third-party oversight and cross-functional responsibilities that directly support the organization's operational...

  • Third Party IT Risk

    Há 6 dias

    Lisboa, Portugal Welvaart Tempo inteiro

    Sobre a Welvaart Diariamente, assumimos compromissos e apresentamos soluções aos nossos stakeholders de forma a criar uma estrutura de valores humanos, assente no profissionalismo, honestidade e rigor. Com uma gestão baseada no Human Centered Design, cuidamos dos nossos profissionais com planos de carreira consistentes, mas flexíveis com as suas...

  • Third Party IT Risk

    Há 6 dias

    Lisboa, Lisboa, Portugal Welvaart Tempo inteiro

    Sobre a WelvaartDiariamente, assumimos compromissos e apresentamos soluções aos nossos stakeholders de forma a criar uma estrutura de valores humanos, assente no profissionalismo, honestidade e rigor.Com uma gestão baseada no Human Centered Design, cuidamos dos nossos profissionais com planos de carreira consistentes, mas flexíveis com as suas...

  • Senior Manager, Third-Party Supply Chain

    3 semanas atrás

    Lisboa, Portugal Amgen Tempo inteiro

    A global biotechnology company is seeking an experienced manager to oversee and optimize operational activities at third-party service centers in Lisbon. The role requires fluent English and Portuguese, management experience in subcontractor settings, and a strong background in Lean Six Sigma. Offering an attractive salary, company car, and flexible hybrid...