We have an exciting opportunity for a Security Vendor Assurance/Supply Chain Manager to be a key member of our growing Security Function. As part of the role you will be the Subject Matter Expert (SME) and point of contact for information security related supply chain & 3rd party assurance (including Cloud services), contractual and legal requirements to manage information security requirements.

Key responsibilities

  • Undertake vulnerability risk assessments where required.
  • Participate in the Security Incident Management process.
  • Provide reporting against KPIs for areas of responsibility.
  • Develop policies and procedures within their subject area, where required.
  • Own and maintain each policy and procedure, with responsibility for making updates as well as for implementation.
  • Engage with and assist internal and external business stakeholders to resolve matters within subject area/s.
  • Provide support to the Security Champions Network.
  • Identify and ensure compliance against information security controls required to safeguard supplier access, storage and processing of intellectual property, assets and systems.
  • Identify and mandate information security controls for suppliers that provide IT & IT Engineering infrastructure and services (e.g. Cloud and software development).
  • Undertake security assessments of existing and new suppliers as per policy and procedures.
  • Assist legal in the development of security-compliant supplier contracts/agreements that consider the requirements to address security risks.
  • Assist in the review and interpretation of regulatory and legislative security requirements. Document them in policy/procedure and implement security requirements where required.
  • Monitor, review and audit the on-going compliance of 3rd party suppliers.
  • Work with the Business Partnering function to address information security compliance requirements.

Qualifications

  • Demonstrable experience of working in a similar DEDICATED role in a large organisation or consultancy.
  • Client facing, and able to support clients and their environments across a wide technology stack.
  • Strong communication skills, both verbally and in writing.
  • Strong understanding of security industry standards and best practice, including ISO.
  • Ability to credibly coordinate between technical teams and business stakeholders.
  • Any certifications within the following are highly desirable: CISSP (Certified Information Systems Security Professional); CISM (Certified Information Security Manager); CISA (Certified Information Systems Auditor); CSSLP (Certified Secure Software Lifecycle Professional); Cisco – CCIE Security, CCNP, CCSP, CCNA.
  • This role would suit someone with experience of managing large and complex international supply chains within a manufacturing or other similar high-volume industry. We are looking for a specialist in this field, not a generalist with some experience. Please do not apply if you do not meet the criteria above. Candidates need to hold, or be eligible to gain, UK SC Clearance.

This Security Vendor Assurance Consultant job is in London, England, UK.