IT Vendor Risk Manager

The NETS Group is a leading payments services group, enabling digital payments for merchants, consumers and banks across the entire payments value chain. 
 

The Group operates Singapore’s national debit scheme enabling customers of DBS Bank/POSB, HSBC, Maybank, OCBC Bank, Standard Chartered Bank and UOB to make payments using their ATM cards or mobile devices at more than 130,000 acceptance points in the country as well as online payments.

The IT Vendor Risk Manager is part of the Risk Management line 1.5 defense, working with IT risk owners to ensure controls are effective and managed. The individual will be primary responsible for overall vendor management, including but not limited to vendor contracting, performance management (e.g., KPIs and SLAs tracking, risk and compliance management in line with regulatory and legal requirements, and continuous improvement), and risk management (e.g., due diligence).

Job Responsibilities:

• Oversee IT vendor management and manage risks associated with IT vendors 

• Manage contracting processes with contract owners and relevant SME, ensuring all vendor agreements align with NETS policies and regulatory requirements 

• Track and review vendor performance against defined KPIs and SLAs, ensuring vendors fulfil performance standards.

• Continuously monitor vendor security posture through due diligence performed by contract owners to track compliance and performance 

• Monitor third party activities throughout TPRM lifecycle to ensure compliance with regulatory and NETS requirements, supporting review conducted by SME and perform assessments to mitigate risks.

• Drive initiatives for continuous improvement in vendor management processes, enhancing efficiency and effectiveness to align with evolving security standards, regulatory requirements, and emerging risks in third-party ecosystems Conduct thorough due diligence on potential vendors to ensure they meet NETS standards for reliability, security, and compliance 
• Provide periodic reporting on vendor performance, risks, and compliance to senior management and other stakeholders.
• Collaborate with internal stakeholders, including Technology division, Finance, Risk and Compliance, Legal to align vendor management standards with business objectives and requirements.

Requirements:

• Degree in Information Technology, Business Administration, or a related field
• Minimum 7-9 years of experience in IT vendor management, procurement, or a related area
• Proven experience in managing vendor relationships within the payments industry including vendor performance management and dispute resolution
• Strong understanding of regulatory and legal requirements related to IT vendor management
• Exhibit strong risk mindset, ensuring rigorous execution and adherence to best practices in line with industry.
• Excellent analytical skills with the ability to assess vendor performance, track KPIs, and develop improvement plans
• Good written and verbal communication skills
• Strong problem-solving skills with a proactive approach to identifying issues, developing solutions, and implementing changes to improve vendor management processes
• Certifications such as CISA, CISM, CISSP, CRISC or any relevant certification is an advantage

Network for Electronic Transfers (Singapore) Pte Ltd.