3rd Party InfoSec Assurance Specialist

Permanent

Job Reference
3rd Party InfoSec Assurance Specialist
Job Type
Permanent
Location
Area
Remote / WFH
Salary Details
to £70k + Benefits + Bonus
Start Date
ASAP
Key Skills
Information Security Assurance, Third-Party Security Assurance, Due Dilligence, Auditing, Security Threats / Vulnerabilities, Safeguarding, Reviewing Legal Contracts, CISMP/CISA/CISM/CRISC/CISSP
Benefits
Alongside a competitive base salary up to £75k, core benefits include 26 days holiday, 10% non-contributory pension scheme, 4x Life Assurance, 75% Income Protection and Private Medical Insurance. You
Consultant
Ben Gordon
ben.gordon@deerfoot.co.uk
07483 009148

Apply now

Get in touch with us for more information

Job description

Information Security Assurance Specialist
Permanent: to £70,000 + Excellent Benefits + Discretionary Bonus
Remote / WFH – UK Wide
Global Financial Services

As a trusted and preferred recruitment partner to one of the biggest names in the global financial services market for many years, we have been asked to assist in the hire of a permanent Third-Party Information Security Assurance Specialist to join in a fully remote/home-based position.

In this role you will be responsible for assessing and assuring information security of third parties, identifying, and assessing information security threats and risks, evaluating their security posture, and driving forward the move towards continuous assurance.

Role Overview
• Implement and maintain third party information security assurance and risk management standards and processes.
• Contribute to the development and improvement of the third-party information security continuous assessment strategy and processes.
• Conduct due diligence and assessment of third-party security controls and posture.
• Provide the information security metrics and reporting related to third party supplier assurance.
• Collate, analyse, and track evidence provided and gathered via direct and indirect external sources to understand information risk in the supply chain.
• Communicate third party issues, risks, and other findings identified to stakeholders.
• Work with Legal to ensure third party contracts, service agreements, etc, contain adequate clauses to protect information and information processing services.
• Recommend and work with third parties to improve their level of information security and controls.

Knowledge / Experience Required
• Background in Information Security (InfoSec) and assessing the security of third-party suppliers.
• Due diligence, third party security assurance and auditing techniques.
• Third party information security threats and vulnerabilities, and what may be required to safeguard against them.
• Contracts and/or experience working with Legal teams to review contracts for potential issues or requirements for information security
• Relevant Certifications such as CISMP, CISA, CISM, CRISC, CISSP (or similar)

Remote Working: This is a fully remote working position, and candidates can be based anywhere in the UK.

Benefits Package: Alongside a competitive base salary up to £70k, core benefits include 26 days holiday, 10% non-contributory pension scheme, 4x Life Assurance, 75%