Information Security Manager - CISSP - ISO27001 - FSA - CISA

Nottinghamshire  ‐ Onsite
This project has been archived and is not accepting more applications.

Description

Role Overview:

We have a fantastic opportunity for two people to join a newly formed team within the UKI & EMEA Global Security Office as Third Party Information Security Assessors. My client, who is a FTSE 50 company based in Nottingham, treats information security as a high priority, and this team will be focussed on enhancing risk management practices across client organisations, partners and suppliers.

The successful candidates will be working in accordance with my client's Third Party Information Security Assessment process and framework, and will be responsible for:

Conducting Assessments & Completing Reports

Utilise your skills in a large, global environment to deliver Information Security Assessments in line with the assessment framework, creating risk assessment reports for use by internal stakeholders and account managers.

Provide Consulting & Risk Remediation solution support

You will drive appropriate controls deployment to mitigate security risks, ensuring the company and our third parties remain compliant with standards like PCI-DSS, ISO 27001, FSA, etc. Your time will be spent working internally and externally to formulate appropriate information security strategies directly and through other members of the Information Security team.

Process Enhancement

Utilise your experience to assist in the development and maintenance of Third Party Key Risk Assessment activities, including risk assessment activities, performance indicators, partner programs, contracts, etc.

The successful candidate will have the following:

Relevant degree or applicable industry qualification(s) in Information Security/Audit, e.g. CISSP, CISA, ISA/QSA (PCI DSS), ISO27001 Lead Auditor, etc.

Proven experience of assessing and testing Information Security controls, and knowledge of ISO27001 or equivalent frameworks and processes used for evaluating their design and effectiveness

Demonstrable experience of providing Information Security risk management controls deployment and advice to operating functions, both technical and non-technical

Strong stakeholder management skills with proven experience of managing third party assessments/audits and dealing with suppliers, partners and clients

Strong written and verbal communication skills with experience of working with multiple countries/cultures

The assessor will work to drive third party adherence to the same high standards of information security to which my client holds itself accountable, and to identify and communicate information security risks related to our customer and business sensitive information in a structured way to internal and external stakeholders.

You will need to be able to take your in-depth Information Security skills and assess deployment capability and residual risks, be able to articulate the outcome of the assessment in relation to the activities conducted, and provide advice to business stakeholders on how to progress with the provision or receipt of services. You will also use your knowledge to provide consulting expertise, as required, to third parties on how to address information security risk in line with my client's policies and market best practices.

If you match these requirements, please apply in the normal way. Elevate will send you an email; please open, click and action that email, and your application will be visible to the hiring organisation directly.

Start date: ASAP
Duration: 3 months
From: Elevate Direct
Published at: 28.11.2015
Project ID: 1028023
Contract type: Freelance