Vendor Risk Assessment Analyst - APAC

Date: 08-May-2021

Sydney, NSW, AU

Department: Internal Client Services

We’re looking for a sharp analytical thinker who’s an adept Reliability Engineer to join our Global Technology Services practice.


What will your typical day look like?
The Vendor Risk Assessment Analyst is an expanding role and entails driving a vendor risk assessment process that is being rolled out globally. The role includes conducting 3rd party risk assessments, management of the VRA framework, enhancement of the framework, and serving as the subject matter expert in assisting adoption and execution of vendor risk processes within the member firms.

In this role you will:
•    Participate in assessment of vendor risk, develop mitigation plans and partner with internal stakeholders to manage responsibility
•    Help ensure strong oversight of all vendors’ risks and provide member firms and business partners visibility of existing and emerging risks
•    Prepare and complete risk assessments and assist with policy, regulatory and accreditation audit preparation
•    Drive towards a common and consistent vendor risk management (VRM) program to effectively manage vendor risk in accordance with internal policy and Federal/State regulatory requirements
•    Facilitate maintenance and administration of the VRA platform (ServiceNow)
•    Provide guidance to the business, procurement and other stakeholders to ensure requirements of VRM are fully understood
•    Support development and execution of a robust communication and training plan to facilitate the effective application and awareness of VRM
•    Monitor risk findings, drive their remediation through to resolution, including development and execution of corrective action plans, and ensure follow-on reporting and monitoring
•    Analyze, update, and modify procedures and processes to identify and continuously implement vendor risk management process improvements
•    Stay informed about the latest developments in the vendor risk management field
•    Improve awareness of operational risks the business faces from vendor failure or poor performance, and work with Strategic Sourcing, Legal and the business to mitigate any losses through vendor compensation secured by establishing robust contracts
•    Perform any other job-related instructions, as requested, with reasonable accommodation


About the team 
In Global Technology Services, we make an impact by providing leading edge technology products and support to the entire Deloitte organization. We offer innovative technology solutions that cross borders and help Deloitte deliver and connect with their clients, their communities, and one another in ways they never thought possible.


Enough about us, let’s talk about you. 
You are someone with:

•    One to three (1-3) years of Information Security or IT audit experience 
•    Experience working in a large, complex, global environment
•    Experience working in Cyber Risk, Business Risk Management, Operational Risk, Internal Audit, and/or Controls related function preferred
•    Familiarity with Vendor Risk Assessments and production of Risk Analysis Reports
•    Experience in management of vulnerability and/or risk remediation
•    Specific knowledge of applicable concepts and methodologies such as continuous quality improvement and auditing experience
•    Advanced communication skills (both verbal and written)
•    Ability to communicate technology issues to both technical and leadership personnel and negotiate to a mutually beneficial conclusion
•    Experience interacting with vendors and/or 3rd parties

•    Professional IT or Security management certification desired
•    One or more of CISA or CRMA preferred; CISSP, CCSP, CISM, GIAC certifications beneficial


Why Deloitte?
At Deloitte, we create positively differentiated work experiences that enable our people to feel valued and achieve their full potential. Deloitte Australia opens the door to a career that can cross borders virtually and physically across Asia Pacific to gain experience and access projects beyond Australia’s borders. We value difference, and embrace people with diverse backgrounds, experiences, gender identities, abilities and thinking styles. Knowing that people work best in a variety of ways, we are happy to discuss alternative arrangements if the working pattern you are looking for is not specifically indicated. 

We’re committed to continually building a safe and respectful workplace, where all our people feel appreciated and accepted. Through the creation of endorsed employee-led diversity networks which promote cultural, disability, LGBTI+, Aboriginal and Torres Strait Islander people and gender equality, we’re leading the way to shape an environment where everybody can thrive. 

We are proud to have been recognised for our efforts in inspiring change and accelerating progress – check out our careers site for recent recognition in this space.

Next Steps 
Sound like the sort of role for you? Apply now.

By applying to this job, you will be assessed against the Deloitte Global Talent Standards. We’ve designed these standards to provide our clients with a consistent and exceptional Deloitte employee experience globally.


At Deloitte, we know we’re at our best when we look out for one another; prioritise respect, fairness, development and wellbeing; foster an inclusive culture and embrace diversity in all forms. All qualified applicants will receive consideration for employment regardless of their background, experience, identity, ability or thinking style, and if you need assistance or an accommodation during the application process for accessibility reasons this is available upon request. 


The preferred candidate will be subject to background screening by Deloitte or by their external third-party provider.