Job Title: Cyber Security Third Party Risk Management Lead
Job Summary:
We are seeking a seasoned Cyber Security Third Party Risk Management Lead to spearhead the development and implementation of our third-party risk management framework. This role is a crucial part of safeguarding our organization against external threats.
This position involves designing, implementing, and overseeing a robust third-party risk management program that ensures all external vendors, suppliers, and partners align with our security, compliance, and operational risk standards.
The successful candidate will have at least 5 years of experience in third-party risk management, vendor management, IT risk, compliance, or a similar role. They must possess strong communication and stakeholder management skills, as well as experience with risk assessment tools and methodologies.
About Us:
We offer a competitive salary, a leading benefits package, including pension and increased holidays, and the opportunity to work in a hybrid model with city-centre offices.
Responsibilities:
* Design and implement a third-party risk management framework aligned with regulatory, legal, and business requirements.
* Conduct initial and ongoing risk assessments of third-party vendors, ensuring compliance with industry standards and best practices.
* Develop and maintain ongoing monitoring mechanisms for third-party risks, ensuring timely remediation of identified issues.
* Conduct in-depth supplier IT risk assessments by reviewing supplier answers to the cyber supplier questionnaire, documenting controls and identifying gaps and inconsistencies.
* Develop a new, streamlined onboarding process using workflow automation, rules, formulas, and interactive questionnaires, significantly reducing onboarding time and automating third-party vendor risk profiling.
* Conduct internal scoping assessments with business and project owners to accurately tier suppliers and categorize them based on risk levels and business criticality.
* Perform in-depth due diligence reviews on vendors to proactively identify any potential risks associated with services.
* Manage relationships with large third-party suppliers involved in transformative, high-impact projects and business-as-usual activities.
Requirements:
* Bachelor's or Master's degree in Risk Management, Cybersecurity, Business Information Systems, or a related field.
* Relevant certifications such as CISM, CISA, CISSP, or CRISC are advantageous.
* At least 5 years of experience in third-party risk management, vendor management, IT risk, compliance, or a similar role.
Benefits:
We offer a competitive salary and a leading benefits package, including pension and increased holidays.
Apply Now:
To speak in confidence about this opportunity, please send an up-to-date CV via the provided link.