Principal Security GRC Analyst
My East Midlands based client are recruiting for a Senior Security professional who specialises in Governance, Risk, Compliance & 3rd party assurance.
This role is responsible for ensuring compliance with regulations and internal controls by performing supplier assurance evaluations, identifying control deficiencies, recommending improvements in internal control structure and conducting independent assessments of third parties. The role will span across both 1st and 2nd line of defense.
- Ensure adequate controls are adhered to when onboarding new vendors.
- Working with the 1LOD and 2LOD teams to develop and maintain risk profiles for key third parties
- Responsible for conducting timely security impact assessments of third party suppliers.
- Assist in the improvement of risk management and Information Security controls within the Group.
- Ensure all activity is compliant with frameworks, NIST, GDPR etc.
- Ensure assurance portfolio of third party suppliers remains full and current.
- Ongoing third party security assessments
- Third party security risk reporting and metrics
- Understanding and working knowledge of control frameworks based on industry best practices such as NIST, COBIT, and ISO27001.
- IT and cybersecurity policies and standards
- Operational risk frameworks
- Third Party Risk Frameworks
- Regulatory compliance
- Third Party Risk Management leadership
This is a fantastic opportunity to shape the 3rd party risk function for a market leading brand, working with numerous large scale vendors. This role sits in a newly established function that has huge expansion plans on the horizon, thus providing the chance to own processes and offering fantastic career growth opportunities.
The client offer a heavily remote working environment, with you only needing to be in the Nottingham office 1-2 days per month, once things return to normal. The position is paying up to £76,000 + a strong bonus & double matched pension scheme.
Please apply to this advert and send your CV to email@example.com to discuss further.
Keywords: Security, GRC, 3rd party, Third Party, Supplier Assurance