Third Party IT Risk Manager

Tesco Business Services & Technology (TBST) and Tesco Technology were established in Budapest in 2019, supporting the Tesco retail business in Central Europe and the Tesco Group. TBST and Tesco Technology are part of our global business services and technology organisations within Tesco.

In the UK, Ireland, India, Hungary, Poland, the Czech Republic we operate to offer great value to our customers every day.

In Budapest, our Technology hub currently employs near 100 – and a growing number – of highly trained software engineers and managers who are implementing global software development projects across fulfilment, supplier and product management, online and in-store loss prevention, and our online grocery sites.

Our goal is to bring significant changes to the market by using the latest technologies. We are focusing on a large variety of modern technologies from the backend space and frontend to UX, UI and even data science and engineering.

We are aiming to drive business value through innovation and to create an organization that fundamentally transforms the retail environment.

We put accountability and ownership on the individuals and their teams in order to run a horizontal organization where teamwork is extremely important. With an end-to-end approach, we offer our colleagues opportunities for self-development and career growth.

Our colleagues are the key to our success at Tesco. We foster an environment of openness and collaboration. We draw from the diversity, knowledge and experience of our colleagues. It is all about equal opportunities, no matter who you are, or where you come from, you can get on at Tesco.

Our teams consist of individuals who can truly make a difference. Focussing on building a world-class business services centre alongside cutting-edge technology capability, they are working towards our goal of serving our customers and colleagues a little better every day.

We are expanding our operations locally and we are looking for the best talent. 

 Let’s {code} the together at {Tesco Technology}!

Tesco is a diverse and exciting employer, dedicated to being #aplacetogeton, providing career-defining opportunities to all of our colleagues. If you chose to join our business, we will provide you with:

• Permanent contract from the go – as a sign of our trust in your abilities
• Yearly salary bonus – based on both individual and business performance
• Extensive private healthcare - complex care package including a wide range of specialists, medical services, and free flu vaccination
• Cafeteria 
• Relocation Help - professional service to secure relevant working permits and other necessary documents
• Learning opportunities - certified technical training and learning platforms like Udemy, Pluralsight, and O'Reilly
• Referral Bonus
• A learning culture and excellent opportunities to develop your career within your chosen field or something altogether new
• Varied and exciting projects to play a part in – there is always something new and exciting in the pipeline

If that sounds exciting, then we'd love to hear from you.

#LI-AP1

The Third Party Risk team provides assurance to Tesco by assessing the security risk and criticality of third party (supplier) organisations that store, access, or process Tesco data, or provide a critical service.

You will be responsible for

• Work with suppliers to identify and remediate risks as required and furthermore identifying critical suppliers to Tesco
• Maintain an up-to-date record of all suppliers that access, store, process and provide critical services to Tesco, including the supplier assurance risk register
• Provide high quality risk reports, with guidance and recommendations, to enable senior business owners to make the most appropriate risk decisions relating to the use of the supplier
• Monitor on-going compliance of suppliers within set schedules depending on the risk profile of the supplier
• Work closely with the relevant business owners, legal and procurement to ensure third party risks are considered and managed at appropriate points of the supplier lifecycle
• Support Technology colleagues with queries relating to supplier assurance

You will need

• IT audit/risk management, with examples of managing technology risk and compliance within an organisation
• Knowledge of ISO standards in relation to information security and business continuity
• SME level expertise in respect to information security risk management processes, frameworks and procedures
• Leading, planning and conducting interviews with suppliers (or similar stakeholders) to obtain an understanding of the area being reviewed
• Critical thinking with strong attention to detail and good organisational skills
• Strong written, verbal communication and presentation skills, working with all levels of seniority and disciplines within the organisation
• Able to build solid working relationships with peers as well as internal and external stakeholders
• At least one professional qualification such as CISA, CISM, CISSP or equivalent