Share this Job

Vendor Risk Senior Analyst


Poznan, WP, PL

JOB CATEGORY:  Information Services




Vendor Risk Senior Analyst

in Mars Global Services

Location: Poznan, city centre

* Fully virtual recruitment experience *


Job summary and purpose:

This position will be responsible for working with vendor relationship owners and vendors to ensure they have the proper IT security controls in place to minimize the risk to Mars.

The Associate on this position will be a technical subject matter expert that can evaluate vendor risk based on the collected documentation and industry tools to identify risk. This position is responsible for performing security assessments to identify and track these risks.


What would be your key responsibilities?

  • Align with Procurement Teams to ensure proper security language is included in master agreements.
  • Assess supplier security controls and leverage multiple tools in the Mars IS security portfolio to understand the risk
  • Drive project delivery by ensuring the pipeline of vendor assessments is managed to SLA
  • Communicate risks and mitigation strategies to Commercial, Legal, and Business Partnership
  • Work with Risk Management to raise Issue Management for tracking and remediation
  • Assist with metrics and KPIs to Information Security and segment Business Partnership
  • Work with Procurement to drive monitoring and compliance for our overall portfolio of suppliers
  • Work with Corporate Legal to provide ongoing monitoring and compliance for International Privacy Legislation (GDPR and others)
  • Review third party audit documentation (SOC2, ISO 27001, PCI AOC) and supporting vendor documentation (vulnerability scans, penetration test) to identify and rank risks.
  • Document residual risk for Issue Management.
  • Assist in vendor security metrics and KPIs for senior management.
  • Support and input to continually enhance program for ease of use
  • Work to embed security assessment in existing processes
  • Leverage project management skills to deliver new technologies


What are we looking for?

  • University degree in the field of Information Systems or Computer Science
  • Security Certifications are preferred but not required
  • 2-3 years of experience in vendor assessments is a must
  • Good understanding of the
  • Strong communication, written and interpersonal skills; ability to work and communicate effectively with a wide range of individuals across all levels of the organization
  • Can translate Risk into a real case scenarios
  • Ability to handle and maintain confidential and sensitive information
  • Strong analytical and problem solving skills
  • Ability to work independently and own discrete areas of responsibility
  • Ability to prioritize work, meet deadlines, and working effectively
  • Very good command of English (both verbal and written)


What can you expect from Mars?

  • Contract of employment
  • Attractive financial conditions with Business Bonus and Christmas Bonus
  • We will also look after your safety and wellbeing by offering you rich benefits package incl. life insurance, medical care and Employee Assistance program
  • Extra savings scheme to support You in long perspective
  • Support in career building through personalized development plan
  • Attractive discounts on our products and access to limited series offers that Your family and friend will love
  • Lunch card or subsidized meals in the staff canteen
  • Possibility to participate in volunteering initiatives during working hours
  • A modern office in the city centre where You can bring Your pet
  • Office facilities for cyclists






Job Segment: Risk Management, Information Systems, Computer Science, Project Manager, Information Security, Finance, Technology