Vendor Risk Manager

Job Description:

Why AXA? Every day, we work together for human progress by protecting what matters. A mission that puts a smile on your face and makes you want to get up in the morning

One of the world's leading insurers in the protection of property, people and assets, AXA is 145,000 employees and contributors who are committed to our customers on a daily basis, 51 countries in which we distribute our products and services and more than 90 million customers who place their trust in us worldwide. As a responsible corporate citizen, AXA is committed to social and environmental causes on a daily basis. We are committed to an inclusive policy that recognizes and values individual differences. Do these ambitions speak to you? Then come and change the world with us

The headquarters of the AXA Group (GIE AXA) brings together our corporate activities. It provides guidance and support to subsidiaries around the world, to ensure the coordination and monitoring of the Group's global strategy, the application of its standards, the consistency of commercial approaches and the sharing of best practices. The headquarters gathers approximately 1000 employees and is distinguished by its strong international culture (45 nationalities), which makes it a rich and stimulating place to work.

Within the Group, you will join the Finance department. Within Group Finance, you will be part of the Procurement and third-party risk management team who is supporting GIE AXA business teams in their sourcing requests related to General Expenses, Professional Services, IT Services, Software and Market Data.

The team organization includes:

• The Head of Procurement and third-party risk management department
• A buyer for General Expenses and Professional Services
• A buyer for IT Services, Software and Market Data.
• A legal counsel for Procurement contracts
• A manager for critical third-party management (critical outsourcing, DORA third party risk management, vendor risk framework and ESG/CSRD)
• A Procurement support member for Purchase Order approval, procurement support and analyses

The Vendor Risk Manager is responsible for assessing, monitoring, and managing risks associated with third-party suppliers, with a focus on operational resilience, critical outsourcing, regulatory compliance (including DORA, AI, Solvency II, EIOPA), ESG requirements, and alignment with GIE AXA's internal control and Vendor Risk frameworks. The role supports Procurement in ensuring that suppliers meet risk, security, and AXA contractual standards while enabling the business to operate safely and efficiently.

Key responsibilities

• Third-Party Risk Management & Due Diligence
• Follow up with Vendor Risk Framework experts initial and periodic risk assessments for new and existing vendors, including critical and high-risk suppliers,
• Act as the Business Owner of the Third-Party Risk Management (TPRM) tool, ProcessUnity, proactively contribute to the Group Governance to detect requires evolutions of the tool, interact with GIE AXA's user to ensure adequate and efficient use of the tool,
• Monitor ProcessUnity dashboards associated with third-party engagements.
• Regulatory & Policy Compliance
• Contribute to the various tasks in order that all vendor relationships adhere to applicable regulatory obligations, including DORA, EIOPA outsourcing rules, GDPR, and AXA internal policies,
• Contribute to the classification of ICT third parties and follow up required controls, reporting, and documentation are in place for critical outsourcing and DORA,
• Work closely with Legal to embed regulatory requirements into Procurement processes and contract templates.
• Contractual Risk Controls, performance & Documentation
• Support contract drafting by ensuring appropriate risk-mitigating clauses are included (security, audit rights, continuity, data protection, exit plans),
• Maintain accurate and complete vendor documentation, including risk assessments, contracts, amendments, remediation plans, and DORA-related evidence,
• Ensure all ongoing critical vendor performance through SLAs, KPIs, and risk indicators,
• Conduct periodic control reviews and ensure continuous monitoring of critical services.
• Reporting, Registers & Indicators
• Maintain the critical third-party risk registers (DORA, critical outsourcing, ESG, CSRD) and ensure all decisions are documented,
• Prepare reports for the management, risk committees, and regulatory stakeholders.
• Stakeholder Coordination
• Collaborate with key internal stakeholders including:
  • Procurement
  • Risk Management (risk assessments, Vendor Risk Framework)
  • Legal (contract clauses, regulatory integration)
  • Business Owners (needs assessment, performance monitoring, exit plans)
  • Vendor Risk Framework:
  • IT Security (assessments, risk and criticality classification)
  • Business Continuity / Resilience (exit strategies)
  • Data Protection Office (GDPR compliance, DPIAs)
  • Compliance (regulatory adherence)
  • ESG and Reputation
• Act as a central point of coordination for supplier-related risk matters.
• Governance & Continuous Improvement
• Contribute to the development and update of third-party risk management policies, manuals, procedures, and templates,
• Support training and awareness programs on vendor risk requirements across the organization,
• Drive process improvements to enhance efficiency, compliance, and risk transparency.

• Experience in Vendor Risk Management, Procurement, Operational Risk, IT Security, Compliance, or related fields within financial services,
• Knowledge of regulatory frameworks such as DORA, GDPR, EIOPA outsourcing rules, and ESG standards,
• Strong analytical skills and ability to assess complex operational and technical risks,
• Excellent stakeholder-management and, communication skills,
• Familiarity with risk registers, control frameworks, and reporting dashboards,
• Ability to work collaboratively in a matrix environment and manage multiple priorities.

You will join:

• A responsible company, towards people, including its employees and customers, and towards the planet
• A company with strong values
• A company promoting internal mobility and the training of its employees
• A company offering many benefits (learn more here: Reward & Benefits | AXA Group)
• A flexible company, allowing hybrid work, in the office and from home.

In line with our commitments, we celebrate each new hire by taking action for global reforestation: we plant a tree for every recruitment. So, are you ready to apply?