Vendor Risk Specialist

Company Description

Founded and headquartered in Switzerland, Avaloq is continuously expanding its global footprint with around 2,500 colleagues in 12 countries, and more than 170 clients in 35 countries. We are an industry-leading provider of wealth management technology and services for financial institutions around the world, including private banks and wealth managers, investment managers, as well as retail and neo banks. Our research led approach and continual innovation is powered by the passion and creativity of our colleagues.

We are always looking for talented people to join us on our mission to orchestrate the financial ecosystem and democratize access to wealth management. Avaloq offers the opportunity to work closely with some of the world’s leading financial institutions as we jointly develop and shape careers. Championing a collaborative, supportive and flexible work environment empowers our colleagues to reach their full potential.

Job Description

Avaloq has created a centralized Global Vendor Risk Management (VRM) unit in order to identify, evaluate, manage and mitigate risks associated with our third parties across various risk areas.

The Vendor Risk Specialist will work closely with other members of the VRM team to organize and execute the vendor risk assessment process. In addition to working with established processes, a key outcome for this position will be to gain a broad understanding of Avaloq’s supplier base, with a view to developing into the position into that of a professional risk analyst capable of conducting supplier risk reviews independently and efficiently.

In general, he/she is responsible for the collection, analysis and reporting operational data and risk metrics in support of the VRM unit and its business unit partners. This professional will gather sufficient strategic, technical and operational information from internal business units and external third party to ultimately understand and communicate the current risks, business challenges and issues. In addition, this professional will gather due diligence on selected vendors and prepare reports on Third Party activities to all participants.

The Vendor Risk Specialist will be also contribute to the maintenance and continuous improvement of the global VRM framework.

Your mission

• Organize the execution of yearly and on demand Vendor Risk Assessment activities.
• Plan, organize and follow up of the annual execution.
• Create the report for management and relevant committees as a result of VRA campaigns.
• Monitor to significant events and risks related to third parties
• Perform risk-based due diligence on Avaloq’s third parties to address potential vulnerabilities across various risk areas: Cyber Security, Data Privacy, Financial Health, Business Continuity, Disaster Recovery, Operational Risk, Reputational Risk, among others. Moreover, on-site visits or telephone interviews can be performed on key vendors.
• Work with stakeholders in the various Business risk areas to complete assessments and execute remediation plans where applicable. Establishing relationships with vendors to implement good collaboration.
• Collect, develop and analyze Key Performance Indicators (KPIs), and Key Risk Indicators (KRIs).
• Collect data and provide quantitative analysis of current state, new objectives, supporting metrics and measures, and contribute to proposed solutions.
• Maintain and expand Third Party Risk Management framework.
• Improve reporting on TPM risk events
• Collaborate internally with various stakeholders (Partner management, Procurement, Risk, Data Privacy, Security, Business Continuity

Qualifications

What you need

• University Degree in Economics, Engineering, Information Technology or equivalent subjects
• 2+ years of work experience in Risk Management, Information Security Risk, Operational Risk or Procurement area in a bank, financial institution, or consulting company
• Strong knowledge of TPRM practices across the vendor lifecycle (due diligence, contracts, monitoring, issues, offboarding).
• Familiarity with common control frameworks and regulations (e.g., ISO 27001/2, SOC 2, NIST, GDPR/DPAs, business continuity, financial viability).
• Experience collaborating with Legal, Security, Procurement, and business stakeholders; able to translate risk into business terms.
• Strong problem solving, organizational and time management skills. IT and MS Office suite skills are strongly recommended
• Ability to influence others through strong written and verbal communication, maintaining cooperative relationships at all levels of the organization, despite differing perspectives

You will get extra points for the following

• Risk Management/Information Security certifications
• Experience with TPRM or GRC platforms (e.g., OneTrust, Archer, ProcessUnity, Coupa Risk Aware, ServiceNow VRM, Vanta)
• Sector‑specific compliance knowledge (e.g., DORA for financial services in the EU, EBA guidelines, GDPR)
• Exposure to fourth‑party/chain risk, concentration risk, and resilience testing
• Knowledge in Power BI
• PMP certification

Additional Information

We realize that managing work life balance is a challenge we all face in our daily lives and in order to support with this we are pleased to offer hybrid and flexible working for most of our Avaloqers to maintain work life balance and still continue our fantastic Avaloq culture in our global offices. 

In Avaloq we are proud to embrace diversity and understand the success of our business is built on the power of different opinions, we are whole heartedly committed to fostering an equal opportunity environment and inclusive culture where you can be your true authentic self. 

We hire, compensate and promote regardless of origin, age, gender identity, sexual orientation or any other fantastic traits that make us all unique, we have done our best to write this advert in an inclusive and neutral way. 

Please be aware that we will not accept speculative CV submissions for any of our roles from recruitment agencies, and any unsolicited candidate submissions will be exempt from any payment expectations.  

#LI-Hybrid

Videos To Watch