Banner Default Image
Back to job search

Information Security Supplier Assurance Consultant

Information Security Supplier Assurance Consultant

Well known Financial Services Firm urgently require an Infosec Security Supplier Assurance Consultant to join their Infosec team to assist with a large scale third party supplier initiative.

The role is 100% remote initially, with flexibility to WFH in the future. The role sits inside IR35.

The candidate will must have the following experience:

Extensive Third-Party Supplier Assurance experience i.e.

  • Assist the business in completing Business Impact Assessments (BIAs)
  • Reviewing supplier questionnaires and analysing control deficiencies for potential risks
  • Agreeing and tracking remediation plans with suppliers
  • Negotiating security clauses into supplier contracts
  • Conducting remote site visits on suppliers
  • Assisting with risk acceptance sign offs
  • Articulating supplier risk and threat reports to senior stakeholders
  • Assisting with risk committee activities
  • Provide concise risk reports that can be understood by all business stakeholders,
  • Formulate a risk evaluation process
  • Participate in improving the risk management process
  • Ensure that the business understands risk acceptance, legal liability and corporate accountability

GRC tooling experience i.e.

  • Continually revise and improve assessment questionnaires
  • Continually assess and improve the assessment process
  • Participate in the improvement of the GRC tool and supporting tools
  • Maintaining internal processes and guideline documentation
  • Work closely with the managed service
  • Educate team members in the area of security supplier assurance
  • Must have worked within a highly regulated environment.

If you feel you are a good fit, please do not hesitate to contact Molly Lamb at