Third-Party Risk Management Officer in London

The Third-Party Risk Management team oversee all of AVEVA's suppliers to ensure that they do not represent an unacceptable risk to the business or fail to meet minimum security requirements. The job requires a broad understanding of procurement concepts, security, regulation and capacity to engage with a range of stakeholders. The team are currently stretched dealing with an influx of suppliers that need to be assessed to help AVEVA meet its regulatory obligations; this will be a fast-paced role focused on delivering tangible business outcomes.

Key responsibilities

• Manage and assess Third-Party Suppliers to identify security risks and issues.
• Communicate risks and issues to a range of stakeholders (including supplier) in a clear and actionable way to drive improvements across AVEVA's supply chain.
• Communication and relationship building skills, and the ability to navigate sometimes complex requirements with a range of stakeholders.
• Assist external suppliers with their maturity to improve their organisational and technical measures to ensure information security is baked into their processes, and the technology and/or technology services they provide to AVEVA.
• Assist in maturing processes and tooling to streamline Third-Party Risk Management processes.
• Data Analysis, data entry and report production in TPRM tooling.

Essential requirements

• Good communication and engagement skills with the capacity to explain issues to a range of audiences.
• Good knowledge of procurement concepts, tools and processes.
• Basic knowledge of contract law.
• Intermediate security knowledge including a working knowledge of ISO 27001 and NIST Cyber security framework.
• Basic understanding on NIS 2 and EU CRA regulations.
• Capacity to drive process management improvements, including design and application to standard operating procedures.
• Capacity to promote AVEVA's interests with a range of suppliers that have security issues or need to address risks.

Desired skills

• Critical thinking skills to generate business value and to identify opportunities for improvements.
• Tenacity to drive improvements and enhancements to suppliers' security controls to mitigate risks identified to AVEVA through its supply base.
• Experience of TPRM tooling such as Riskonnect.

Our Digital Security team is responsible for protecting AVEVA’s digital assets and keeping the company’s data and IP secure. We’re also playing a critical role in AVEVA’s move to the cloud. As cyber threats grow and more and more data moves into the cloud, the importance of our role is only going to grow. If you’re a collaborative problem solver that’s passionate about cyber security, you’ll find fulfillment and opportunity in our team.

UK Benefits include:

• Flexible benefits fund, emergency leave days, adoption leave, 28 days annual leave (plus bank holidays), pension, life cover, private medical insurance, parental leave, education assistance program.

Hybrid working

We work in a hybrid way at AVEVA. Most roles are based at a local AVEVA office, with an expectation of being on-site 50% of your working hours to support collaboration and connection. Some positions are fully office-based depending on the nature of the work, and certain roles that support specific customers or markets may be remote. The working arrangement for this position will be confirmed during the hiring process.

Hiring process

Interested? Great! Get started by submitting your cover letter and CV through our application portal. AVEVA is committed to recruiting and retaining people with disabilities. Please let us know in advance if you need reasonable support during your application process.

About AVEVA

AVEVA is a global leader in industrial software with more than 6,500 employees in over 40 countries. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life – such as energy, infrastructure, chemicals, and minerals – safely, efficiently, and more sustainably. We are committed to embedding sustainability and inclusion into our operations, our culture, and our core business strategy.

AVEVA requires all successful applicants to undergo and pass a drug screening and comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check. Certain positions dealing with sensitive and/or third-party personal data may involve additional background check criteria. AVEVA is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business. AVEVA provides reasonable accommodation to applicants with disabilities where appropriate. If you need reasonable accommodation for any part of the application and hiring process, please notify your recruiter. Determinations on requests for reasonable accommodation will be made on a case-by-case basis.