Security vendor Assurance Consultant
2023-03-18T11:49:34+00:00
Security vendor Assurance Consultant Job Vacancy in London, England, UK
Apsley Recruitment Limited
We have an exciting opportunity for a Security Vendor Assurance/Supply Chain Manager to be a key member of our growing Security Function. As part of the role you will be the Subject Matter Expert (SME) and point of contact for information security related supply chain & 3rd party assurance (including Cloud services), contractual and legal requirements to manage information security requirements.
Key responsibilities
Undertake vulnerability risk assessments where required.
Participate in Security Incident Management process.
Provide reporting against KPIs for areas of responsibility.
Develop policies and procedures within their subject area, where required.
Own and maintain these policies and procedures, with responsibility for making updates as well as for their implementation.
Engages with and assists internal and external business stakeholders to resolve matters within subject area/s.
Provides support to the Security Champions Network.
Identifies and ensures compliance against information security controls required to safeguard supplier access, storage and processing of intellectual property, assets and systems.
Identifies and mandates information security controls for suppliers that provide IT & IT Engineering infrastructure and services (e.g. Cloud and software development).
Undertakes security assessments of existing and new suppliers as per policy and procedures.
Assist legal in the development of security-compliant supplier contracts/agreements that consider the requirements to address security risks.
Assists in the review and interpretation of regulatory and legislative security requirements. Documents in policy/procedure and implements security requirements where required.
Monitor, review and audit the on-going compliance of 3rd party suppliers.
Work with the Business Partnering function to address information security compliance requirements.
Qualifications
Demonstrable experience of working in a similar DEDICATED role in a large organisation or consultancy.
Client facing, and able to support clients and their environments across a wide technology stack.
Strong communication skills, both verbally and in writing.
Strong understanding of security industry standards and best practice, including ISO.
Ability to credibly coordinate between technical teams and business stakeholders.
Any certifications within the following are highly desirable: CISSP (Certified Information Systems Security Professional); CISM (Certified Information Security Manager); CISA (Certified Information Systems Auditor); CSSLP (Certified Secure Software Lifecycle Professional); Cisco – CCIE Security, CCNP, CCSP, CCNA.
This role would suit someone with experience of managing large and complex international supply chains within a manufacturing or other similar high-volume industry. We are looking for a specialist in this field, not a generalist with some experience. Please do not apply if you do not meet the criteria above. Candidates need to hold, or be eligible to gain, UK SC Clearance.