Naukrijobs UK
Register
London Jobs
Manchester Jobs
Liverpool Jobs
Nottingham Jobs
Birmingham Jobs
Cambridge Jobs
Glasgow Jobs
Bristol Jobs
Wales Jobs
Oil & Gas Jobs
Banking Jobs
Construction Jobs
Top Management Jobs
IT - Software Jobs
Medical Healthcare Jobs
Purchase / Logistics Jobs
Sales
Ajax Jobs
Designing Jobs
ASP .NET Jobs
Java Jobs
MySQL Jobs
Sap hr Jobs
Software Testing Jobs
Html Jobs
IT Jobs
Logistics Jobs
Customer Service Jobs
Airport Jobs
Banking Jobs
Driver Jobs
Part Time Jobs
Civil Engineering Jobs
Accountant Jobs
Safety Officer Jobs
Nursing Jobs
Civil Engineering Jobs
Hospitality Jobs
Part Time Jobs
Security Jobs
Finance Jobs
Marketing Jobs
Shipping Jobs
Real Estate Jobs
Telecom Jobs

3rd Party Information Security Analyst

Resource Solutions
Job LocationLondon
EducationNot Mentioned
SalarySalary negotiable
IndustryNot Mentioned
Functional AreaNot Mentioned
Job TypeContract, full-time

Job Description

3rd Party Information Security analyst10 MONTH ftcLondon basedLarge Insurance clientPurposeThe Information Security Analyst works closely with the third party relationship owners and they are responsible for the completion of all Third Party Risk Management activities for all third parties requiring access to the clients data or network resources. This includes completion of Business Impact Analysis (BIA), Data Protection Impact Assessments (DPIA), security Due Diligence (DD) and risk remediation, assurance and reporting responsibilities. They interact directly with the business and a third party to minimise the risk to the client.Primary duties and responsibilities

  • Support business owners to complete Third Party Risk Management activities.
  • Provide advice and guidance to stakeholders on Information Security Minimum control requirements.
  • Review BIA, DPIA and security due diligence questionnaire(s).
  • Document and implement processes and procedures in relation to Third Party Information Security Assurance. Create assurance schedule to effectively monitor, measure and report control effectiveness and business performance for managing third party risk.
  • Build strong relationships across all Three Lines of Defence (Operations, Risk and Compliance, Audit and Legal).
  • Influence and drive continuous improvement in the area of Third Party Risk management.
  • Work with Legal to ensure that adequate contractual protection is in place.
    • Common Activities
  • Support the business in completing Business Impact Analysis and Data Protection Impact Assessment for all new and existing third parties.
  • Distribute security due diligence questionnaire to all new third party suppliers, assess responses, provide business owners with maturity report, escalate high risk engagements and provide an ongoing assurance programme for high risk and/or critical third parties.
  • Support the business owner and collaborate with other operational teams to embed a third party risk management culture that includes, but is not limited to:
  • Working with third party suppliers to remediate any gaps.
  • Escalating business risks to Information Security Manager where remediation activities cannot be completed within the time available.
  • Building relationships with third parties.
  • Managing and continuously improve third party risk management solution to deliver an effective and sustainable service to the business.
    • Key Competencies:The post holder will be required to demonstrate a minimum of two years relevant professional experience and possess or working towards one or more of the following professional certifications and qualifications: CISM, CISA or ISO 27001 implementer/lead auditor.
  • Understanding of information security, risk management best practice, controls, risk mitigation within the infrastructure, architecture and operational context both within the insurance and market generally
  • An understanding of information security risk management processes, frameworks and procedures
  • Management of third parties - especially offshore, internal business stakeholders and parallel work streams
  • An understanding of outsource vendor governance and security management practices
  • An understanding of information security management processes, practices and technical countermeasures.
  • Information Security delivery expertise within a multi-stakeholder environment with a demonstrable ability to negotiate compromise and gain stakeholder buy in
  • Understanding of Data Protection legislation
  • General understanding of Data Protection and associated regulatory requirements.
    • General requirements
  • Adaptive and responsive to change
  • Managing relationships and stakeholders
  • Working with virtual teams
  • Delivering results through a structured, planned approach
  • Partnership working and working across Business units
  • Results and delivery focus
  • Excellent communication skills; approachable; authoritative; influencing skills; diplomatic; demonstrates empathy; strong focus on performance measurement, security management and delivery.
  • Strong business awareness, delivery and customer service focus

    • APPLY NOW

    3rd Party Information Security Analyst Related Jobs

    © 2019 Naukrijobs All Rights Reserved