GRC – Vendor Risk Management Analyst

Ryanair Labs are currently recruiting for a Vendor Risk Management Analyst to join Europe’s Largest Airline Group!

This is a very exciting time to join Ryanair as we look to expand our operation to 800 aircraft and 300 million guests within the next 10 years.

Ryanair Labs is the technology brand of Ryanair. Labs is a state of-the-art digital & IT innovation hub creating Europe’s Leading Travel Experience for our customers.

The Role:

The Third Party Risk Management Analyst will oversee the communications, monitoring, and quality review of required activities for active and prospective third party vendor services, with a focus on identifying and mitigating cybersecurity risks to protect the organization’s data and systems.

Third Party Risk Management Senior Analyst will oversee the communications, monitoring, and quality review of required monitoring activities for active and prospective 3rd party vendor services.

• Manage Third Party Risk Management Program to develop, enhance and implement program and provide oversight and governance of it.
• Performing the vendor risk assessment process including the review and scoring of risk questionnaires and completing the overall risk assessment.
• Supports the development and maintenance of a master vendor list including data cleansing, validation and de-duplication.
• Reporting and monitoring of vendor risk; including data collection and analysis, periodic ongoing reporting and monitoring.
• Ensure that potential issues are raised promptly to senior management with a view to identify options to mitigate risk.
• Supports business relationships with the vendors and internal stakeholders to ensure successful vendor assessment program.
• Ensures alignment of the program with compliance requirements – PCI, GDPR. Assist with aligning vendor controls to show how they are mitigating information security risk.
• Understands technical implementation details necessary to identify and assess vendor security risks and recommend mitigating controls.
• Work with the Information Security Technical teams to communicate technical risk to the business leaders.

• Must have prior experience on a Cybersecurity team.
• 2+ years of experience in Cyber Sec Third Party Risk Management, Information Security, Cyber Security.
• Proven experience with data administration and analysis, with a focus on cybersecurity risk data.
• Preferable certifications:
  CISA, CISSP, CISM or other cybersecurity-related certifications
  .
• Experience with industry standard security frameworks such as
  NIST, ISO, COBIT
  .
• Knowledge of
  One Trust, JIRA and Service Now
  is an advantage.
• A competitive but flexible technical career plan.
• We believe in an hybrid working model, you can work up to three days per week remote, but you are also going to enjoy the excellent work environment at our modern offices in the heart of Madrid.
• Optional discounts on
  health insurances (various companies).
• Travel discounts, of course!

Apply today to discuss the role in more detail!