Capco – The Future. Now.

Capco is a distinctly and positively different place to work. Much more than consultants, we are active participants in the global financial services industry. Our passionate business and technology professionals enjoy a unique environment where they are actively encouraged to apply intellect, innovation, experience and teamwork. We are dedicated to fully supporting our clients as they respond to challenges and opportunities in: Banking, Capital Markets, Finance Risk & Compliance, Insurance, and Wealth and Investment Management. Experience Capco for yourself at capco.com

Let’s Talk About You

You want to Own Your Career. You’re serious about rising as far and as fast as your work and achievements can take you. And you’re ready to write the next chapter of your career story: a challenging and rewarding role as a Capco Third Party Risk Analyst. 

Let’s Get Down To Business

We are looking for a Third Party Risk Analyst to join our ICT risk team.

Responsibilities

  • Support the design and implementation of third-party risk operating models, identifying, evaluating, and providing solutions to evaluate complex ICT risks
  • Design policies and procedures that support the successful implementation of TPRM operating models
  • Design technology enhancement requirements to support third-party risk management processes
  • Conduct Third-Party Security Risk Assessment Services
  • Perform cyber risk assessments, incl. review of contracts, SLAs, SOPs, BCM, DRP, exit plans, policies, and materiality levels (substitutability included)
  • Calculate risk score based on: evidence review/ discussion outcomes /additional scores if applicable
  • Agree on the risk mitigation plans with vendors and confirm due dates for remediation closure
  • Follow up on open risks with vendor to confirm completion of mitigation tasks, gather required evidences and perform closure of risks
  • Provide reporting on a regular basis on key risks, mitigation, progress and vendors’ conformance to client’s security policies
  • Assist in the selection and tailoring of approaches, methods and tools to support third party risk management service offering
  • Lead the design, implementation, maintenance, and enforcement of third-party security risk management policies, procedures, and controls
  • Identify key program level metrics, e.g. key performance indicators (KPI) and key risk indicators (KRI) to measure the effectiveness of the program and measure the risk inherited by the organization
  • Partner with other stakeholders (Enterprise Risk Management, Procurement, Information Security, Legal) to effectively coordinate the execution of third-party controls and identify technology integration opportunities and lead proof of concept engagements

Show Us What You’ve Got

It will be very useful if you have some or all of the following skills and experience:

  • Strong experience of minimum 3 years in all fields of ICT Risks in general and in third party risk management in particular
  • Demonstrated expertise within the domain of ICT Risk management or Non-Financial Risk (NFR)
  • Being able to work and liaise with various stakeholders, ranging from technical to non-technical
  • Excellent analytical, reporting and presentation skills
  • Exceptional interpersonal, team building, mentoring, and leadership skills with a demonstrated ability to gain the confidence and respect of senior level executives
  • Strong understanding of ICT risk management, integration with enterprise risk management, and the integration with business strategy
  • Understanding of leading third party risk management platforms and tools including but not limited to ServiceNow, Archer, OneTrust, MetricStream, etc., will be an added advantage
  • Fluency in Dutch and/or French as well as in English
  • Knowledge of, experience with EBA Guidelines on Outsourcing, or PRA SS2/21, or similar in nature and/or scope of applicability
  • Knowledge of applicable related legal & regulatory frameworks, local & European, general & industry-specific
  • Experience with third party risk governance frameworks, guidelines & policies design and implementation, training & awareness

Professional experience is important. But it’s paramount you share our belief in disruptive innovation that puts clients ahead in a tough market. From Day One, your key skill will be to perceive new and better ways of doing things to give your clients an unfair advantage.

Now Take the Next Step

If this sounds like you, we would love to hear from you.

What do we offer:

  • An attractive remuneration package, reflecting your experience, including a company car or a green mobility budget, net allowances, end-of-year bonuses, health insurance, a mobile phone and subscription, laptop and meal vouchers
  • Organised individual learning tracks with access to leading online skills development platforms, to onsite and online teachers and to our global experts
  • A hybrid (on-site/remote) work environment
  • A shared objective to achieve a good work-life balance
  • A flat, non-hierarchical structure that will enable you to work with senior partners and directly with clients
  • A diverse, inclusive, meritocratic culture

Apply for this Job

* Required
resume chosen  
Dropbox Google Drive
(File types: pdf, doc, docx, txt, rtf)
Cancel
cover_letter chosen  
Dropbox Google Drive
(File types: pdf, doc, docx, txt, rtf)
Cancel
Our system has flagged this application as potentially being associated with bot traffic. Please turn off any VPNs, clear your browser cache and cookies, or try submitting your application in a different browser. If this issue persists, please reach out to our support team via our help center.
Please complete the reCAPTCHA above.