My client, an Financial Services firm based in Redhill, Surrey, are looking for a Third Party Security Manager to join their growing team. You will have to be in the office 2 days per week.
About the Third Party Security Manager:
The purpose of this role is to deliver business enabling Third-Party Security Management Services across my client in an effective, timely, consistent and professional manner. To ensure protection of my client's assets, that are accessible by third parties, and to maintain an acceptable level of information security in line with third-party agreements.
Key Accountabilities:
1. To provide technical consultancy on third party risk and Act as subject matter expert to the business and to other members of the Security team as required.
2.Accountable for setting, agreeing and maintaining the Third-Party Security Functional Plan with the Head of Security Assurance & Controls and organising the Third-Party Security Team to effectively deliver that plan.
3.Responsible for establishing, agreeing and continuously assessing the materiality and priority of Third-Party supplier assessment across the my client's business footprint.
4.Responsible for logging, tracking and reporting the progress of all of my client's ThirdParty assessments in my client's Group Third-party tool or suitable alternatives
5.Ensure that all Third-Party Security consultancy, recommendations and advice provided to Third-Parties and my client's Stakeholders meet the requirements of (for example) my client's Group Security Policy, Standards and Minimum Technical Security Baselines (MTSBs).
6.Responsible for the timely provision of supplier due diligence support prior to establishing a Master Service Agreement and signing contracts
7.Leveraging security tooling such as Black Kite to support risk assessments.
8.Issuing and reviewing a third-party questionnaire through the SIG health check process.
9.To create a third-party security risk report to summarise any findings and actions identified through the assessment process.
10.To assist the rest of UK Security producing risk assessments of Group and third-party tools and platforms, as required.
Qualifications:
•
Degree level qualification or equivalent work experience
•
Relevant professional qualifications e.g. CISSP, CISM, CISA, CRISC, MIISP, desirable
but not essential
Skills & Knowledge:
•
In depth experience of Security domains, control environments, architectures,
tracking tools, reporting metrics and risk management.
•
Understanding of the workings of UK General Insurance.
•
Excellent communication, interpersonal skills and behaviours.
•
In depth knowledge of one or more sets of business processes, applications or key
technologies (e.g. Networks, desktop and mid-range infrastructure, communication
technologies) in use within the Company
•
Excellent understanding of systems life cycles and project management.
•
Ability to assimilate information quickly, clearly identify key issues and present
•
information concisely.
•
Ability to develop and maintain a wide network of contacts across the business.
•
Ability to be self-sufficient and motivate staff.
Experience:
•
Extensive Third-Party Security Management and / or IT Security or risk experience
in a large commercial organisation.
If the above is of interest please apply to this role or call me on 0207 509 8040 to find out more information.
Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates
