Head of Third Party & Outsourcing Risk
🕙 36-40 hours per week
Used Tools & Technologies
Not specified
Required Skills & Competences
Security @ 4, Leadership @ 4, Team Management @ 4, Communication @ 4, GDPR @ 4, Experimentation @ 4
Details
As an organization we outsource quite a lot of activities and work with many third parties. While this delivers opportunities and efficiencies, it also creates risks that need to be managed, especially in this day and age, in which we are more and more digitally connected into a wider ecosystem. At ABN AMRO, non-financial risk management is performed according to the three lines of defense model. The Head of Third Party & Outsourcing Risk is responsible groupwide for all second line of defense activities within the ABN AMRO group related to outsourcing and third party risks. As part of the wider IT & Cyber CRO function, you lead the 2nd line activities for these risk types, providing independent and adequate oversight over first line activities in this space, as well as guiding and assisting the first line organization in mitigating the relevant risks that matter. You are also pivotal in setting risk boundaries and managing risk expectations for this risk type with all relevant stakeholders, including the management board and regulators.
You do this with independence, authority and the relevant knowledge and competencies. In doing so, you will lead a small team of professionals. Furthermore, you will be part of the management team of the CRO IT & Cyber function, and you are expected to help develop this function as a whole to the next level. This is an expert lead role that requires a mixed skillset of team management, expert leadership, and good stakeholder management and communication skills. As such, this role is a great opportunity to further develop your personal leadership.
Responsibilities
- Groupwide responsibility for all second line of defense activities related to outsourcing and third party risks.
- Develop and maintain a Third Party & Outsourcing Risk policy and risk management framework.
- Set risk appetite for this risk type.
- Define key controls and control testing strategies regarding third party & outsourcing risk.
- Identify, analyze and ensure alignment with new and changing regulatory and business objectives in this space.
- Define comprehensive guidelines and procedures to support consistent risk management practices across the organisation.
- Conduct qualitative and quantitative risk analysis for third party & outsourcing risk.
- Identify key concerns and help develop key mitigation strategies for those concerns.
- Report relevant risk and manage all relevant stakeholders.
- Contribute to sourcing strategies, vendor management practices, and development of scenarios and playbooks for key IT & Cyber Risk events.
- Be a proactive and enabling partner for I&T, the Management Team I&T and the bank to mitigate or resolve identified risks that matter.
Key relationships and scope:
- Reports to: Chief Risk Officer IT & Cyber (CRO IT & Cyber).
- Close cooperation with head of Procurement, head of Vendor Security, and MT members CRO IT & Cyber.
- Direct reports: 5 FTE.
Requirements
- 10+ years of relevant experience (noted in the vacancy summary).
- Seasoned and experienced non-financial risk manager with focus on third party risk, IT risk and cyber security risk.
- Senior-level experience with IT and vendor risk assessments and control design, including conducting vendor, IT and cyber security risk assessments.
- Ability to identify, quantify, and prioritize risks at the enterprise level, including supply chain/third-party risks.
- Experience designing, implementing and validating controls.
- In-depth knowledge of relevant laws, regulations and directives, such as DORA, GDPR and NIS2, and (cloud) outsourcing supervisory guidelines.
- Familiarity with international standards and models such as COBIT, NIST CSF and the FAIR model.
- Strong stakeholder management and communication skills; ability to maintain 2nd line independence while cooperating with first line functions (Procurement, Contract Management, Information Security, Business Continuity).
- Capability to switch between operational, tactical and strategic work and dialogue.
Working environment & Leadership qualities
Behavioral culture within Risk Management includes debating, deciding, keeping things simple, embracing practicable solutions, and owning outcomes. The role expects four core leadership qualities:
- Inspire & Enable: mobilize teams around purpose and strategy.
- Balance Ambiguity: set priorities and balance short and long term while staying compliant.
- Challenge the Status Quo: encourage experimentation within rules and learn from outcomes.
- Mindful Leader: self-aware leadership aligned with ABN AMRO purpose and values.
Benefits / What we offer
- Monthly salary range: €9.257 - €13.224 (see salary section).
- Excellent employment conditions.
- Responsibility for personal development and extensive internal career opportunities.
- Contribution to building a future-proof bank with a diverse and inclusive culture.
Application process
- Apply online
- CV selection and feedback
- Job interview(s)
- Possible assessment
- Job offer
- Congratulations on your new job!
- Onboarding Desk
Contact
For more information contact: [email protected] (HR).