- Manage vendor risks as defined by the Technology Vendor Risk Management process and procedures.
- Perform daily tasks using operational GRC (Governance, Risk and Compliance) toolsets.
- Audit the initial approval of new vendor relationships to ensure vendor approval policies are being followed and to identify specific risks that should be monitored.
- Act as a resource to Business Division Leaders and Senior Leadership to assist in the monitoring and analysis of identified risks and performance metrics.
- Perform periodic reviews of Third-Party vendors to confirm risk rating.
- Guide business units, application development teams, and third-party vendors to achieve program requirements while enabling the business.
- Apply technical knowledge of Quality System Controls to review vendors' ability to perform, quality audits, quality events, document control and training management.
- Reports to the Sr. Manager Vendor Risk Management of the Enterprise Security division. The scope of this position is Abbott wide and considers the information security implications unique to all Abbott divisions when implementing governance and risk management strategies.
- 2-3 years demonstrated experience using Archer GRC tool.
- 2-3 years demonstrated experience completing and managing vendor risk management assessments.
- Other Requirements: Candidate must possess strong analytical skills, an ability to work independently, inquisitiveness about different aspects of Abbott’s businesses, desire to help others, and interpersonal skills that allow the candidate to work collaboratively with both internal and external customers.
- Demonstrated experience with Archer Engage and/or other vendor management software for tracking and managing the vendor management lifecycle.
- Understanding of procurement & risk processes is an added advantage.
- Ability to multitask and to complete difficult assignments within tight deadlines.
- Skilled at managing issues through to resolution.
- Knowledge of information security and risk control.
- Demonstrated in-depth knowledge of concepts, best practices, and controls in a breadth of information security areas/domains.
- Collaborate across multiple departments to promote industry best practices and strategic organizational security efforts in the development of our IT security policies.
- Possess expertise in valuing and implementing industry standards such as the ISO 27001/2, SOC 2, HITRUST and FedRAMP Information Security standards and the ISO 22301 Business Continuity Standard.
- Experience with implementation and operational use of GRC (Governance, Risk and Compliance) toolsets.
- Possess CISSP/CISM certification (or similar) and be knowledgeable about national and international regulatory compliance requirements and frameworks such as ISO, SOX, BASEL II, EU DPD, HIPAA, and PCI DSS.
- Lead Auditor Training for ISO 13485, or ISO 9001 (ASQ), or relevant experience, for Quality Systems/GXP-impacting assessments and audits.
Horizontal is proud to be an Equal Opportunity and Affirmative Action Employer. We seek to provide employment opportunities to talented, qualified candidates regardless of race, color, sex/gender including gender identity and/or expression, national origin, religion, sexual orientation, disability, marital status, citizen status, veteran status, or any other protected classification under federal, state or local law.
In addition, Horizontal will provide reasonable accommodations for qualified individuals with disabilities. If you need to request a reasonable accommodation in order to complete the application or interview process, please contact hr@horizontal.com.
All applicants applying must be legally authorized to work in the country of employment.