Harvey Nash
,
Leeds, West Yorkshire
Information Security Risk & Supplier Assurance Specialist
|
Salary: £50000 - £60000 per annum |
---|
Overview
Information Security Risk and Supplier Assurance Specialist - Permanent - Leeds - up to £60,000 Harvey Nash have been engaged by a leading organisation to source a senior Information Security Risk & Supplier Assurance Specialist to work within their security area. This opportunity will give you a great chance to join a fast paced, growing technology environment on a permanent basis. As an information security specialist you will be responsible for driving the external supplier information & Cyber Security risk management framework - Identifying & assessing the organisations 3rd party Vendors security threats, risks, testing security controls & enhancing security policies for cloud platforms and applications. The successful candidate will ideally have extensive experience in developing appropriate security requirements to sit within the organisations Supplier Risk Framework (SRF) and hold the ability to train supplier managers on the validated requirements. There will be an opportunity to support other key areas such as the Risk Register evaluation, PCI security assurance and Cyber security awareness initiatives and also develop appropriate information security policies and standards in line with regulations. Key Accountabilities: Lead the Information security risk engagement with Procurement, reviewing the current Supplier assurance framework and artifacts Working with Procurement you will develop, build and continually improve the AS-IS and build an in house supplier assurance capability Review existing supplier security classification logic and re-design as necessary Undertaking supplier assessments (remote & onsite) & the writing of corresponding supplier assurance reports Working with various business areas to define the security risk metrics and reporting strategies Developing and maintaining security policies, standards and security guidance both internally and externally facing Experience & Qualifications: A background in devising & improving supplier / vendor cyber security risk assessments & assurance frameworks Good knowledge of control requirements to protect 3rd party hosting e.g cloud platforms & internet facing web apps Analysis & writing of supplier assurance reports, frameworks, policies and standards. Understanding management of 3rd party cyber security threats & risks & the necessary safeguards FCA data security control requirements (desirable) Understanding of industry standards (EBA outsourcing Guidelines & SYSC 8), Supplier compliance & Assurance guidelines and how they link with supplier security assurance. Experience in Retail Banking or a regulatory industry would be desirable. If the above looks like you and you are interested in a new role with a competitive salary & Benefits with a great organisation in Leeds please apply through This job was originally posted as www.cwjobs.co.uk/job/89932004