This page was automatically translated and may contain errors. View in English.
Tekir | Tabby

Risk Manager

Tabby | تابي

Riyadh, Riyadh Province, Saudi Arabia · Tam zamanlı

Başvuran ilk kişi siz olun

Deneyim
3-4 yaş
Maaş
Açılışlar
1
Yayınlandı
6 saat önce
Çalışma modu
Ofiste
Sürdürmek
Başvuru yapılması gerekmektedir.

Çalışacağınız yer

İş tanımı

About the Role

In the BNPL (Buy Now Pay Later) sector, operational integrity depends on a seamless chain of vendors including KYC verification, credit data providers, payment processors, and collection agencies. The Risk Manager for Vendor Risk will be responsible for managing these external partnerships from initial evaluation through to offboarding, ensuring vendor risks do not translate into disruptions for customers or regulatory issues.

Key Responsibilities

  • Conduct thorough due diligence of new vendors prior to contract finalization, evaluating financial stability, compliance certifications (SOC 2/ISO 27001), breach history, and subprocessor arrangements.
  • Assign detailed risk ratings with conditions rather than a simple pass/fail for vendors in areas such as identity checks, fraud prevention, credit data, payments, and collections.
  • Collaborate closely with Legal and Procurement teams during contracting to secure critical terms including audit rights, breach notifications, data localization, exit support, and enforceable SLAs.
  • Maintain ongoing risk assessments for existing vendors, prioritizing high-risk and critical third parties with annual in-depth reviews and quarterly monitoring where necessary.
  • Track vendor control changes, subprocessor updates, and adverse media to detect risk drift.
  • Manage a concentration risk register highlighting dependencies and single points of failure, with contingency plans.
  • Engage cross-functionally with Product teams to provide risk input before new vendor integration and prepare risk reports for the Risk Committee and Board that clearly explain issues and guide leadership decisions.
  • Oversee vendor offboarding by ensuring data deletion, access termination, and smooth transition while adhering to contractual and regulatory exit requirements.

Qualifications & Expertise

  • 3 to 4 years experience in third-party, vendor, or operational risk management preferably within payments, lending, banking or fintech sectors where vendor failure impacts customers or compliance.
  • Familiarity with industry standards such as NIST CSF, ISO 27001, SOC 2, and assessment frameworks like SIG or CAIQ. Ability to critically evaluate SOC 2 reports.
  • Understanding of relevant regulations including consumer credit laws, GDPR/CCPA data privacy mandates, PCI-DSS, and outsourcing requirements for critical providers.
  • Experience negotiating vendor contracts to secure favorable terms and enforce SLAs effectively, including standing firm on deal-walk scenarios.
  • Strong ability to communicate complex risk concepts clearly to non-risk stakeholders, and to influence business decisions.
  • Excellent analytical skills for interpreting vendor performance data to inform operational risk management.
  • Professional verbal and written English fluency is mandatory; Arabic language skills are advantageous.
  • Preferred but not mandatory: direct BNPL or consumer credit exposure, experience with bureau and alternative credit data vendors, usage of GRC platforms (e.g. OneTrust, ProcessUnity, Archer), and certifications such as CTPRP, CRISC, CISA, or CISM.

Yanıt almak istiyorsanız bırakın; başka hiçbir amaçla kullanmayacağız.

Göz atmak için tıklayınsürükle ve bırak, veya macun bir ekran görüntüsü

PNG, JPG, GIF, MP4, WebM, MOV · Her biri maksimum 20 MB · En fazla 5 dosya

🤖
Çevrimiçi · Anında Yapay Zeka Yardımı