Lead Analyst – Third Party Resilience

Lead Analyst – Third Party Resilience

Requirements

• Practitioner level knowledge of Supplier Resilience and the developing global regulatory landscape.
• Practitioner level knowledge of ITSM and ITIL standards.
• Practitioner level knowledge of Supplier Resilience End to End (E2E) exercising and testing (including Stressed and Non-Stressed Exit).
• Practitioner level of knowledge of Cyber Resilience.
• Practitioner level knowledge of Supplier Management Frameworks including but not limited to: Supplier Contracts, Service Levels, and the Regulatory requirements, Supplier Performance Reviews, Supplier Due Diligence, Continuous monitoring of Suppliers, Critical Supplier controls creation, Supplier Business Continuity reviews and gap analysis, Joint exercising and testing of Suppliers capabilities, Risk Management of Suppliers, Supplier Service issues resolution, Root Cause Analysis (RCA).
• Excellent written and spoken English language communication skills are a core requirement.
• Discipline relevant bachelor’s degree or equivalent combination of experience and formal education.
• Minimum of three years’ experience in a similar role.
• Detailed knowledge and experience of relevant ISO certification requirements and regulatory requirements / relevant legislation.
• Industry accreditation (preferably at MBCI (or equivalent) level minimum).
• Strong experience in impact analysis & risk assessment design and process.
• Experience in designing, facilitating and reporting on complex, scenario-based Supplier Resilience exercises.
• Capable of executing or fully understanding technology recovery exercise; technology background advantageous.
• Demonstrable experience managing business continuity third party risk process.
• Fusion Risk Management Business Continuity software experience advantageous.
• Emergency notification tool experience advantageous.
• Experience in the design and delivery or management information metrics advantageous.

Responsibilities

• Partner with global Enterprise Resilience team to design and implement the Operational Resilience Supplier (Third Party) Resilience solution across Mastercard.
• Embed Operational Resilience Supplier Resilience as a program within the organisation, built off the foundation of the Enterprise Resilience Disciplines (Operational Resilience, Business Continuity, Crisis Management, Technical Recovery).
• Partner with global Enterprise Resilience staff to understand resilience and to guide Supplier Resilience standardisation where appropriate.
• Have a high level of understanding and comprehension of global Operational Resilience Supplier Resilience regulation and guidelines.
• Implement the Enterprise Resilience Supplier Resilience program structure to align with relevant certification standards (ISO, NIS2, NIST, ITIL, ITSM).
• Partner with team members within the Resilience Planning (RP) function to support regulatory compliance for all jurisdictions in which this business entity operates.
• Perform Critical Service (CS) Supplier Resilience identification and analysis in line with all appropriate regulatory expectations.
• Assess (criticality) and clarify / confirm Impact Tolerance/ Maximum Tolerable Period of Disruption (MTPD) levels for those all Services deemed in scope.
• Partner with appropriate Risk and other (Stakeholder Assurance / Regulatory Affairs) functions to ensure required attestations to regulators and other bodies are made in line with program framework and regulatory expectations.
• Partner with and hold responsibility for other Supplier Resilience tasks such as Service Impact Analysis and risk assessment coordination, business continuity planning and exercises while applying detailed Quality Assurance and support for your business partners.
• Ensuring Supplier Resilience capabilities of third parties are compliant with risk management mandates.
• Perform as a Supplier Resilience subject matter expert to set-up this entity with the proper construct and response model including plans and exercises (some with its’ strategic partners), while supporting the Crisis Management Team during crisis.
• Partner with the team’s technology recovery contact to ensure system impact analysis, recovery plans and exercises are performed as designated by policy.
• Train business partners on the program’s roles and responsibilities and ensure all staff within the entity are knowledgeable of our requirements.
• Build key business relationships within the entity and become a trusted partner to further embed a Supplier Resilience Business Continuity culture.
• Provides consultation to management and Identify opportunities to implement process improvements.

Preferred Qualifications

• Fusion Risk Management Business Continuity software experience advantageous.
• Emergency notification tool experience advantageous.
• Experience in the design and delivery or management information metrics advantageous.