Third Party Security Manager

Information Security Solutions
14 Apr 2018
20 Apr 2018
Contract Type
Full Time
What you will be doing

- Accountable for setting, agreeing and maintaining the Third-Party Security Functional Plan with the Head of Security Assurance & Controls and organising the Third-Party Security Team to effectively deliver that plan.
- Responsible for establishing, agreeing and continuously assessing the materiality and priority of Third-Party supplier assessment across the UK&I business footprint.
- Lead on aligning and optimising the approach and procedures used to assess Third-Parties across the UK Business footprint with Group requirements and industry-leading practice.
- Responsible for logging, tracking and reporting the progress of all UK&I Third-Party assessments in the Group Third-party tool or suitable alternative.
- Ensure that all Third-Party Security consultancy, recommendations and advice provided to Third-Parties and Stakeholders meet the requirements of (for example) the Group Security Policy, Standards and Minimum Technical Security Baselines (MTSBs).
- Responsible for the timely provision of supplier due diligence support prior to establishing a Master Service Agreement and signing contracts.
- Engage with subject matter experts in the wider UK Security Function and Group Technology Operations (GTO) to ensure that the approach to Third-Party Security Assessment keeps pace with technological developments that could present new Third-Party Security risks to the UK&I business.
- Accountable for the development, training, cross functional collaboration and succession planning to raise the capability, efficiency and performance of the Third-Party Security Team and wider UK Security Team.

Who are we looking for?


Degree level qualification or equivalent work experience
Relevant professional qualifications e.g. CISSP, CISM, CISA, CRISC, MIISP, desirable but not essential

Skills & Knowledge

- In depth experience of Security domains, control environments, architectures, tracking tools, reporting metrics and risk management.
- Understanding of the workings of UK General Insurance.
- Excellent communication, interpersonal skills and behaviours.
- In depth knowledge of one or more sets of business processes, applications or key technologies (e.g. Networks, desktop and mid-range infrastructure, communication technologies)
- Excellent understanding of systems life cycles and project management.
- Ability to assimilate information quickly, clearly identify key issues and present information concisely.
- Ability to develop and maintain a wide network of contacts across the business.
- Ability to be self-sufficient and motivate staff.


Extensive Third-Party Security Management and / or IT Security or risk experience in a large commercial organisation

What we can offer you

- Bonus Scheme linked to your own and the company’s performance
- Pension scheme with employer contributions as well as your own
- 35 hour working week
- 28 days holiday increasing with service plus bank holidays
- Interest free season ticket loan scheme
- Share Plan Scheme
- Flexible benefits scheme
- Discount on all Insurance products, including insurance, breakdown cover & healthcare
