Job Information
Eastman Third Party Risk Management Analyst in Madrid, Spain
Founded in 1920, Eastman is a global specialty materials company that produces a broad range of products found in items people use every day. With the purpose of enhancing the quality of life in a material way, Eastman works with customers to deliver innovative products and solutions while maintaining a commitment to safety and sustainability. The company’s innovation-driven growth model takes advantage of world-class technology platforms, deep customer engagement, and differentiated application development to grow its leading positions in attractive end markets such as transportation, building and construction, and consumables. As a globally inclusive and diverse company, Eastman employs approximately 14,000 people around the world and serves customers in more than 100 countries. The company had 2023 revenue of approximately $9.2 billion and is headquartered in Kingsport, Tennessee, USA. For more information, visit www.eastman.com.
The Role
We are looking for a Third Party Risk Management Professional will be responsible for overseeing and managing the risks associated with all third-party vendors and partners, focusing on information security. This role involves conducting thorough due diligence, continuous monitoring, and comprehensive risk assessments to ensure compliance with regulatory requirements and company policies. The ideal candidate will have a strong background in information security, risk management, compliance, and vendor management.
Location: Portugal
Responsibilities
Should have solid information security and management experience and knowledge in third party risk management, namely:
Develop, implement, and manage the third-party risk management program with a focus on information security.
Conduct due diligence and risk assessments for new and existing third-party vendors across all departments.
Monitor third-party compliance with company information security policies, regulatory requirements, and industry best practices.
Collaborate with internal stakeholders, including IT, legal, compliance, and procurement teams, to identify and mitigate risks associated with third-party relationships.
Maintain and update a comprehensive database of third-party vendors, including risk profiles, assessment results, and security controls.
Develop and deliver training programs for internal stakeholders on third-party risk management practices, focusing on information security.
Coordinate with the legal and compliance teams to ensure alignment on third-party risk management strategies.
Prepare and present regular reports on third-party risk status, security incidents, and mitigation efforts to senior management.
Stay updated on industry trends, emerging threats, and regulatory changes related to third-party risk management and information security.
Requirements
Education
Bachelor's degree in computer Science, Information Security, Cybersecurity, Risk Management, IT management, IT Engineering.
Experience
Minimum: 2 years+ working Information security Governance, Risk and Compliance.
Preferred: 4 years+ as a Third Party Risk Management professional
Preferred: (preference given to candidates with following):
Other developer technologies
Data analytics.
Project management
Interested?
For further information about this position please send your application via the apply button.
Eastman is committed to creating a powerfully diverse workforce and a broadly inclusive workplace, where everyone can contribute to their fullest potential each day