Third Party Security Manager
Lancashire or Bristol or Surrey or Kent or Ipswich
£38,000 - £68,400
Generous - see below
What you will be doing
1. Accountable for setting, agreeing and maintaining the Third-Party Security Functional Plan with the Head of Security Assurance & Controls and organising the Third-Party Security Team to effectively deliver that plan.
2. Responsible for establishing, agreeing and continuously assessing the materiality and priority of Third-Party supplier assessment.
3. Lead on aligning and optimising the approach and procedures used to assess Third-Parties with the Group's requirements and industry-leading practice.
4. Responsible for logging, tracking and reporting the progress of all Third-Party assessments.
5. Ensure that all Third-Party Security consultancy, recommendations and advice provided to Third-Parties and Stakeholders meet the requirements of (for example) the Group Security Policy, Standards and Minimum Technical Security Baselines (MTSBs).
6. Responsible for the timely provision of supplier due diligence support prior to establishing a Master Service Agreement and signing contracts.
7. Engage with subject matter experts in the wider UK Security Function and Group Technology Operations (GTO) to ensure that the approach to Third-Party Security Assessment keeps pace with technological developments that could present new Third-Party Security risks.
8. Accountable for the development, training, cross functional collaboration and succession planning to raise the capability, efficiency and performance of the Third-Party Security Team and wider UK Security Team.
What we can offer you
Bonus Scheme linked to your and the company’s performance
Pension scheme with employer contributions as well as your own
35 hour working week
28 days holiday increasing with service plus bank holidays
Interest free season ticket loan scheme
Share Plan Scheme
Flexible benefits scheme
Discount on all Insurance products, including insurance, breakdown cover & healthcare
Who are we looking for?
Degree level qualification or equivalent work experience
Relevant professional qualifications e.g. CISSP, CISM, CISA, CRISC, MIISP, desirable but not essential
Skills & Knowledge
In-depth experience of Security domains, control environments, architectures, tracking tools, reporting metrics and risk management.
Excellent communication, interpersonal skills and behaviours.
In-depth knowledge of one or more sets of business processes, applications or key technologies (e.g. networks, desktop and mid-range infrastructure, communication technologies) in use within the Company.
Excellent understanding of systems life cycles and project management.
Ability to assimilate information quickly, clearly identify key issues and present information concisely.
Ability to develop and maintain a wide network of contacts across the business.
Ability to be self-sufficient and motivate staff.
Extensive Third-Party Security Management and / or IT Security or risk experience in a large commercial organisation.