Risk Assurance Analyst

Main Responsibilities:

• Risk Assessment (Cybersecurity): Conduct vendor risk assessments, ensuring third-party services and products align with internal risk and security policies. Regularly review vendor performance and risk exposure, working with procurement and legal teams as necessary.
• Compliance (Cybersecurity): Collaborating with procurement teams to drive adherence and enhance controls across the E2E Procurement lifecycle. Ensure compliance with relevant industry standards and regulatory requirements (e.g., GDPR, SOX, ISO27001).
• Reporting and Data Visualization: Generate regular reports and dashboards for TPRM process and Supplier risk factors, compliance metrics, and key performance indicators for stakeholders and leadership.
• Collaboration: Work closely with Procurement, GBUs and Cybersecurity to integrate risk management practices into the supplier relationship lifecycle.
• Continuous Improvement: Identify opportunities for enhancing Cybersecurity risk management processes, implementing best practices to drive positive outcomes.

About you:

• Experience: 2 - 4 years of experience in IT risk management, IT auditing, or information security. Hands-on experience with risk management tools (e.g., CRA, Ariba, OneTrust) and frameworks (e.g., ISO 27001, GDPR) Experience in healthcare and/or life-science industry. Familiarity with procurement processes and category management principles. Global or international experience and ability to work with a diverse team.
• Soft skills & Technical skills: Strong analytical and problem-solving skills, with attention to detail. Effective communication skills to convey complex risk insights. Collaborative mindset with the ability to work effectively in a team environment. Ability to communicate complex risk concepts to non-technical stakeholders. Ability to assess and interpret security-related clauses in third-party contracts.
• Education: Bachelors degree in information technology, Cybersecurity, Risk Management, or a related field. Certifications such as CRISC (Certified in Risk and Information Systems Control) or CISSP (Certified Information Systems Security Professional) are highly desirable.
• Languages: Fluent in English (spoken and written)

Why Choose us?

• Bring the miracles of science to life alongside a supportive, future-focused team.
• Discover endless opportunities to grow your talent and drive your career, whether its through a promotion or lateral move, at home or internationally.
• Enjoy a thoughtful, well-crafted rewards package that recognizes your contribution and amplifies your impact.
• Take good care of yourself and your family, with a wide range of health and wellbeing benefits including high-quality healthcare, prevention, and wellness programs and at least 14 weeks gender-neutral parental leave.