engineer, Information Security and risk - vendor risk advisorCardinal Health

Job Overview:The Vendor Third-Party Advisor is responsible to collaborate with a variety of Cardinal Health business units to discover new vendors being considered for use within Cardinal Health and evaluate the risk of that relationship. This position will be required to review IT risk assessments, third-party certification and audit reports against a given vendor. Upon this review, the Vendor Third-Party Advisor will be required to provide layman's terms descriptions of issues to the business as well as provide an overall opinion of risk to Cardinal Health. Based on the business's decision to move forward with a given vendor, this role is also responsible to work with the vendor to close risk gaps to protect Cardinal Health and its data. This individual is required to quickly learn the various Cardinal Health business units, work autonomously and to escalate issues as they are encountered to meet timelines set forth by the business.Daily Responsibilities:The Vendor Third-Party Risk Advisor will be a dedicated resource managing vendor analysis for all facets of Cardinal Health. Key interactions points will exist within Legal, Compliance and Indirect Procurement.This position is a day shift position that will work with US and Manila based teams and our eGRC (Archer) Vendor Third Party risk portal.Additional responsibilities include:
Compilation and Intake of new vendor relationships
Kicking off assessments with vendors via our Cardinal Health Vendor Portal
Lead evaluations of third-party risk assessments
Facilitates the analysis of, and makes recommendations towards, effective strategies to address vendor risks
Communicate identified gaps and recommended solutions, or compensating controls, to business managers as well as various members of leadership
Understand when issues need to be escalated and/or communicated to Cardinal Health leadership
Stay aware of best practices for risk analysis processes and functions from an industry and strategic standpoint
Know emerging trends and remain vigilant in awareness of new threats
Mediate between vendors and business leaders utilizing knowledge of IT risk within the organization
Demonstrate excellent listening, communication, and facilitation skills
Qualifications:
Bachelor's Degree in related field or equivalent work experience
4+ years experience in related field preferred
2+ years' experience in risk management or audit
Ideal candidate will have excellent communication skills with associates at all levels across the enterprise and the ability to influence others without authority
Proficiency in Microsoft Office products
Prior experience managing risk within third parties, specifically data risk awareness and ability to communicate potential risk impacts a plus
Prior experience in contract negotiation a plus
What is expected of you and others at this level:
Applies comprehensive knowledge and an understanding of risk, compliance and potential impacts to provide approval of vendors for use within Cardinal Health
Propose technical solutions to a wide range of problems to both allow the vendor to meet the businesses needs and minimize exposure of Cardinal Health and its data
Work directly with team lead and legal counsel to recommend proper technical contract language
May contribute to the development of policies and procedures
Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply.Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law.To read and review this privacy notice click
Cardinal Health

Taguig City, Metro Manila
Permanent
Full-time