Third Party Information Risk Analyst

Career Category

Job Description

HOW MIGHT YOU DEFY IMAGINATION?

Join our team at AMGEN Capability Center Portugal, number 1 company in Best Workplaces - https://www.greatplacetowork.pt/ - ranking in Portugal (category 201-500 employees) by the Great Place to Work Institute. We have a team of over 300 talented people and more than 35 different nationalities, diverse areas of expertise and professional experience that are shaping the future of healthcare. This is your chance to explore a world of opportunities in different areas such as Cybersecurity, Data & Analytics, Digital, Technology and Innovation, Finance, General & Admin, Human Resources, Regulatory Affairs and many more. In Lisbon's city center, our AMGEN office fosters innovation, excellence, and inspiration. Come thrive with us at AMGEN, supporting our mission To Serve Patients. What we do at AMGEN matters in people’s lives.

LIVE

THIRD-PARTY RISK ASSESSMENT SPECIALIST

WHAT YOU WILL DO:

As a Third-Party Risk Assessment Specialist to join our Information Security team you will play a critical role in focusing on ensuring that security risks associated with third-party vendors are identified, assessed, mitigated, and monitored effectively.

You’ll have responsibility for reviewing security terms and conditions in contracts, especially redlined sections by counterparties, and collaborate with Legal, Strategic Sourcing, and business owners to ensure compliance with internal security standards.

Key Responsibilities of the role:

• Perform comprehensive security assessments of third-party vendors, identifying potential risks and control gaps.
• Review and negotiate security clauses in contracts that are redlined by counterparties, ensuring they align with organizational security policies and risk appetite.
• Collaborate with Legal, Strategic Sourcing, and business owners during contract review and vendor onboarding processes to address security risks.
• Provide subject matter expertise on security controls, frameworks (e.g., ISO 27001, NIST), and risk mitigation strategies.
• Maintain an inventory of approved security terms for contract negotiations and support the continuous improvement of the contract review process.

WIN

WHAT WE EXPECT OF YOU:

Our Ideal candidate:

• Educated to degree level in Information Security, Computer Science, or related field (or equivalent experience).
• Demonstrable experience in third-party risk management, information security, or a related field.
• Strong understanding of security frameworks and controls (e.g., ISO 27001, NIST, SOC 2).
• Experience in reviewing and negotiating security clauses in contracts.
• Familiarity with risk mitigation strategies and monitoring methodologies.
• Ability to collaborate effectively with cross-functional teams, including Legal and Procurement.
• Excellent written and verbal communication skills, with the ability to convey technical security concepts to non-technical stakeholders.

Preferred:

• Industry-recognized certifications (e.g., CISSP, CISA, CISM, CRISC).
• Experience with third-party risk management tools and systems.
• Knowledge of regulatory requirements and data privacy standards (e.g., GDPR, HIPAA).

THRIVE

WHAT YOU CAN EXPECT OF US

• Vast opportunities to learn, develop, and move up and across our global organization.

•  Diverse and inclusive community of belonging, where colleagues are empowered to bring ideas to the table, take risks, and act.

• Generous Amgen Total Rewards Plan comprising healthcare, finance, wealth and career benefits.

• Flexible work arrangements.

APPLY NOW FOR A CAREER THAT DEFIES IMAGINATION

In our quest to serve patients above all else, Amgen is the first to imagine, and the last to doubt. Join us.

CAREERS.AMGEN.COM

EQUAL OPPORTUNITY STATEMENT

Amgen is an Equal Opportunity employer and will consider you without regard to your race, colour, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.

We will ensure that individuals with disabilities are provided a reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request an accommodation.