Description

Ryanair are currently recruiting for a GRC - Vendor Risk Management Analyst to join Europe’s Largest Airline Group!

This is a very exciting time to join Ryanair as we look to expand our operation to 800 aircraft and 300 million guests within the next 10 years.

Ryanair Labs is the technology brand of Ryanair. Labs is a state of-the-art digital & IT innovation hub creating Europe's Leading Travel Experience for our customers. The Ryanair platform has over 1 billion visits per year. By joining Ryanair, you will develop cutting edge tech solutions inside Ryanair, transforming aviation for Pilots, Cabin Crew & Ground Ops, as well as driving the tech experience for our customers on Europe’s largest travel website!

Ryanair Labs has more than 600 employees across our offices in Dublin, Madrid, Poland, and Portugal. Our plan is to continue to grow our IT Labs Team so we are always on the lookout for the best talent. Apply today for more information.

Third Party Risk Management Senior Analyst will oversee the communications, monitoring, and quality review of required monitoring activities for active and prospective 3rd party vendor services.
 

• Manage Third Party Risk Management Program to develop, enhance and implement program and provide oversight and governance of it.
• Performing the vendor risk assessment process including the review and scoring of risk questionnaires and completing the overall risk assessment.
• Supports the development and maintenance of a master vendor list including data cleansing, validation and de-duplication.
• Reporting and monitoring of vendor risk; including data collection and analysis, periodic ongoing reporting and monitoring.
• Ensure that potential issues are raised promptly to senior management with a view to identify options to mitigate risk.
• Supports business relationships with the vendors and internal stakeholders to ensure successful vendor assessment program.
• Ensures alignment of the program with compliance requirements – PCI, GDPR. Assist with aligning vendor controls to show how they are mitigating information security risk.
• Understands technical implementation details necessary to identify and assess vendor security risks and recommend mitigating controls.
• Work with the Information Security Technical teams to communicate technical risk to the business leaders.

Requirements

• 2+ years of experience in either Third Party Risk Management, Information Security Risk Management, Compliance. Cyber Security background would be an asset.
• Proven experience with data administration and analysis.
• Preferable certifications: CISA, CISSP, CISM.
• Experience with industry standard security frameworks such as NIST, ISO, COBIT.
• Knowledge of OneTrust, JIRA and ServiceNow is an advantage.

Benefits

• We promote innovation, all our teams are Agile and several PoCs of new technologies or innovative ideas are launched every week.
• A competitive but flexible technical career plan.
• We believe in an hybrid working model, you can work up to three days per week remote, but you are also going to enjoy the excellent work environment at our modern offices in the heart of Madrid.
• Optional discounts on health insurances (various companies).
• Travel discounts, of course!

Competencies