Vendor Risk Manager

Makati City, Philippines
full-time Hybrid

TLDR

Drive the vendor risk assessment process, conducting analysis and reporting to mitigate risks across Avaloq's supplier base.

Avaloq has created a centralized Global Vendor Risk Management (VRM) unit in order to identify, evaluate, manage and mitigate risks associated with our third parties across various risk areas.

The Vendor Risk Manager will work closely with other members of the VRM team to organize and execute the vendor risk assessment process. In addition to working with established processes, a key outcome for this position will be to gain a broad understanding of Avaloq’s supplier base, with a view to developing the position into that of a professional risk analyst capable of conducting supplier risk reviews independently and efficiently.

In general, he/she is responsible for the collection, analysis and reporting of operational data and risk metrics in support of the VRM unit and its business unit partners. This professional will gather sufficient strategic, technical and operational information from internal business units and external third parties to ultimately understand and communicate the current risks, business challenges and issues. In addition, this professional will gather due diligence on selected vendors and prepare reports on Third Party activities for all participants.

The Vendor Risk Manager will also be in charge of contributing to the maintenance and continuous improvement of the global VRM framework.

Your mission

  • Organize the execution of yearly and on demand Vendor Risk Assessment activities.
  • Plan, organize and follow up on the annual execution.
  • Create the report for management and relevant committees as a result of VRA campaigns.
  • Monitor significant events and risks related to third parties.
  • Perform risk-based due diligence on Avaloq’s third parties to address potential vulnerabilities across various risk areas: Cyber Security, Data Privacy, Financial Health, Business Continuity, Disaster Recovery, Operational Risk, Reputational Risk, among others. Moreover, on-site visits or telephone interviews can be performed on key vendors.
  • Work with stakeholders in the various Business risk areas to complete assessments and execute remediation plans where applicable. Establish relationships with vendors to foster good collaboration.
  • Collect, develop and analyze Key Performance Indicators (KPIs), and Key Risk Indicators (KRIs).
  • Collect data and provide quantitative analysis of current state, new objectives, supporting metrics and measures, and contribute to proposed solutions.
  • Maintain and expand Third Party Risk Management framework.
  • Improve reporting on TPM risk events
  • Collaborate internally with various stakeholders (Partner management, Procurement, Risk, Data Privacy, Security, Business Continuity)

  • University Degree in Economics, Engineering, Information Technology or equivalent subjects
  • 5+ years of work experience in Risk Management, Information Security Risk, Operational Risk or Procurement area in a bank, financial institution, or consulting company
  • 1–3+ years in team leadership or mentoring
  • Strong knowledge of TPRM practices across the vendor lifecycle (due diligence, contracts, monitoring, issues, offboarding).
  • Familiarity with common control frameworks and regulations (e.g., ISO 27001/2, SOC 2, NIST, GDPR/DPAs, business continuity, financial viability).
  • Experience collaborating with Legal, Security, Procurement, and business stakeholders; able to translate risk into business terms.
  • Strong problem-solving, organizational and time management skills. IT and MS Office suite skills are strongly recommended.
  • Ability to influence others through strong written and verbal communication, maintaining cooperative relationships at all levels of the organization, despite differing perspectives

You will get extra points for the following

  • Risk Management/Information Security certifications
  • Experience with TPRM or GRC platforms (e.g., OneTrust, Archer, ProcessUnity, Coupa Risk Aware, ServiceNow VRM, Vanta)
  • Sector‑specific compliance knowledge (e.g., DORA for financial services in the EU, EBA guidelines, GDPR)
  • Exposure to fourth‑party/chain risk, concentration risk, and resilience testing
  • Knowledge in Power BI
  • PMP certification

Avaloq delivers cutting-edge wealth management technology and services tailored for financial institutions, including private banks, investment managers, and retail banks. With a strong global presence and a commitment to research-led innovation, we empower our clients to elevate their financial ecosystems and enhance access to wealth management solutions.
