Supplier Risk Specialist at Pandora
PANDORA’s Digital & Technology Hub in Warsaw is a key part of the world’s largest jewelry brand, supporting millions of people in expressing their emotions through meaningful jewelry. As one of our fast‑growing global locations, Warsaw Hub plays a vital role in driving digital innovation, delivering scalable technology solutions and supporting our global transformation journey. Our teams work closely with colleagues across the globe, including our headquarters in Copenhagen, to shape the future of digital in retail and e‑commerce. We’re proud of our inclusive, people‑first culture, guided by our values: We Care, We Dream, We Dare, We Deliver.
We are seeking a person with some experience in data protection and cyber security.
Responsibilities
- Conduct information security risk assessments of third‑party vendors, identifying potential threats, vulnerabilities, control and compliance gaps.
- Provide recommendations on vendor selection based on risk analysis and security posture.
- Continuously monitor vendor security posture and risk levels through periodic reassessments and audits.
- Maintain detailed records of vendor assessments and ensure audit readiness.
- Educate vendors on security best practices and required improvements as part of risk mitigation efforts.
- Track, analyze and report on vendor security risks, trends and remediation efforts.
- Develop and enhance the Vendor Risk Management methodologies, processes and tools.
- Stay up to date with emerging security threats, vulnerabilities and regulatory changes that may impact the VRM process.
Desired Qualities and Qualifications
- An excellent communicator with strong negotiation and stakeholder management skills, ideally gained from both working with internal stakeholders and managing vendor relationships. You have an organized and detail‑oriented approach.
- 2+ years of experience within vendor risk management, information security, or a related area.
- Bachelor’s degree in cyber security, information technology, risk management, or a related field.
- Professional English and Polish proficiency, both verbal and written.
- Knowledge of cyber security frameworks, risk assessment methodologies and/or regulatory requirements.
- Experience with vendor risk management tools (e.g., BitSight, OneTrust, CyberVadis, CyberGRX).
- Certifications such as CISSP (ISC2), CISM (ISACA), CRISC (ISACA), or CTPRP (Certified Third‑Party Risk Professional).
Our Offer
- Stable employment on the basis of an employment contract with a basic salary and an achievable annual bonus.
- Hybrid work model (our office is located at Domaniewska 28, with free employee parking available upon prior reservation).
- Attractive discounts on Pandora products.
- Flexible working hours (start 7am‑10am, finish 3pm‑6pm).
- Support for professional competence development (including knowledge sharing, professional training).
- Premium package of MEDICOVER medical care with dental care.
- Generali Life Insurance.
- Sports membership card.
- Benefits available in the cafeteria program on the MyBenefit platform.
- Additional days off, e.g. for birthdays and health checks.
- Subsidy for your home office equipment.
- Employee Pension Plans (PPE).
- Additional benefits under the company’s social fund (e.g., holiday or kindergarten subsidies).
- Employee Referral Program.
Job function
- Information Technology, Product Management, and Engineering
Industries
- Retail Luxury Goods and Jewelry