Information Security Supplier Assurance Consultant
A well-known Financial Services firm urgently requires an Information Security Supplier Assurance Consultant to join their Infosec team to assist with a large-scale third-party supplier initiative.
The role is 100% remote initially, with flexibility to WFH in the future. The role sits inside IR35.
The candidate must have the following experience:
Extensive Third-Party Supplier Assurance experience i.e.
- Assist the business in completing Business Impact Assessments (BIAs)
- Reviewing supplier questionnaires and analysing control deficiencies for potential risks
- Agreeing and tracking remediation plans with suppliers
- Negotiating security clauses into supplier contracts
- Conducting remote site visits on suppliers
- Assisting with risk acceptance sign offs
- Articulating supplier risk and threat reports to senior stakeholders
- Assisting with risk committee activities
- Provide concise risk reports that can be understood by all business stakeholders
- Formulate a risk evaluation process
- Participate in improving the risk management process
- Ensure that the business understands risk acceptance, legal liability and corporate accountability
GRC tooling experience i.e.
- Continually revise and improve assessment questionnaires
- Continually assess and improve the assessment process
- Participate in the improvement of the GRC tool and supporting tools
- Maintaining internal processes and guideline documentation
- Work closely with the managed service
- Educate team members in the area of security supplier assurance
- Must have worked within a highly regulated environment.
If you feel you are a good fit, please do not hesitate to contact Molly Lamb at Molly.Lamb@lafosse.com