Information Security Supplier Assurance Consultant
A well-known Financial Services Firm urgently requires an Information Security Supplier Assurance Consultant to join their Infosec team to assist with a large-scale third-party supplier initiative.
The role is 100% remote initially, with flexibility to WFH in the future. The role sits inside IR35.
The candidate must have the following experience:
Extensive Third-Party Supplier Assurance experience i.e.
Assist the business in completing Business Impact Assessments (BIAs)
Reviewing supplier questionnaires and analysing control deficiencies for potential risks
Agreeing and tracking remediation plans with suppliers
Negotiating security clauses into supplier contracts
Conducting remote site visits on suppliers
Assisting with risk acceptance sign-offs
Articulating supplier risk and threat reports to senior stakeholders
Assisting with risk committee activities
Provide concise risk reports that can be understood by all business stakeholders
Formulate a risk evaluation process
Participate in improving the risk management process
Ensure that the business understands risk acceptance, legal liability and corporate accountability
GRC tooling experience i.e.
Continually revise and improve assessment questionnaires
Continually assess and improve the assessment process
Participate in the improvement of the GRC tool and supporting tools
Maintaining internal processes and guideline documentation
Work closely with the managed service
Educate team members in the area of security supplier assurance
Must have worked within a highly regulated environment.
Get in contact at James.Maran@LaFosse.com