Dieses Jobangebot ist archiviert und steht nicht mehr zur Verfügung.
Vakante Jobangebote finden Sie unter Projekte.
Vakante Jobangebote finden Sie unter Projekte.
Cyber Security Vendor Assurance Manager
Eingestellt von Pimento Connection
Gesuchte Skills: Engineering
Projektbeschreibung
Job Title: Cyber Security Vendor Assurance Manager
Corporate Title: AVP/VP
Department: Chief Information Security Office ('CISO')
Location: London
Overview
The Cyber Security Vendor Assurance Manager is responsible for managing the bank's strategic partners to deliver products and services in alignment with the bank's security and regulatory requirements as well as its overall business strategy.
The successful candidate will assist in negotiating, establishing and maintaining commercial contracts and ensure effective engagement and communication with vendors to maintain security service standards.
They will work with the bank's Chief Information Security Office (CISO) organization as well as various business lines to ensure there is effective monitoring, oversight and alignment of vendor relationships - including risk reviews, change management, issue escalation, etc.
The candidate will contribute to, and operate within, a cyber-security vendor governance framework to ensure consistency in governing vendor relationships and leveraging cross vendor / cross function knowledge and strategy within the organization.
Key responsibilities
- Ensures effective on boarding and service readiness assessment of vendors in line with the cyber-security vendor governance framework, requirements and processes
- Defines and documents expected cyber-security service expectations to be delivered by vendor and those to be delivered by the bank to provide a complete service experience
- Manages vendor issues to resolve appropriately and escalates to senior management, where needed
- Builds and maintains methods of vendor performance and data monitoring sufficient for trend analysis, benchmarking and recommendations, including high quality management information appropriate for up to Executive Committee review
- Together with service owner, establishes and on an ongoing basis carries out analysis of vendor performance to ensure compliance against contracted service levels and continuous improvement
- Provides expertise in the bank's contract templates and frameworks throughout their lifecycle including RFI/RPF and renewal activities.
- Contributes to the build and enablement of a standardised set of procedures and tools to reduce complexity
- Supports clients and peers with sourcing activities - promoting standardised processes and best practices. Understands client's requirements, vision and promote 'win-win' outcomes
- Provides business analysis and project management skills to co-ordinate security requirements with the Integrated Sourcing Teams (ISTs) in the negotiation, set up, and maintenance of commercial contracts, to include service level agreements and other relevant key performance indicators content
- Identifies and manages potential security risks within sourcing arrangements, service (and operating) level agreements, to ensure tracking and resolution by vendors or otherwise. Will include the definition and assessment of tactical and strategic mitigation methods
- Ensures compliance with the bank's defined governance, relevant training and maintains awareness of regional (local) and industry governing bodies' standards
- Supports supply chain risk management in promoting good practices and providing early risk/issue identification and mitigation, with appropriate escalation
- Actively communicates and cascades the CISO strategy, plans and values at all levels in the organisation driving a high performance culture, enabling effective navigation of the organisation, and supporting efficient decision making
Experience and Skills
- 5+ years' experience in the field of IT Security and/or Information Assurance
- Experience in vendor and contract management in the Financial Services/Management industry
- Relevant Bachelor or Master Degree (or equivalent) in Computer Science or Engineering (or other relevant discipline) from an accredited college or university (or equivalent)
- Proven experience in identifying and delivering process improvement projects in a complex operating environment using strong relationship building skills
- Good working knowledge of international security standards such as ISO, NIST and global financial industry regulations.
- Good working knowledge of ITIL and CoBIT
- Good working knowledge of security services such as vulnerability management, security incident management, security problem management, compliance management etc.
- Excellent strategic agility, critical thinker, communication, influencing
- Strong business planning skills, able to drive change
- Fluent in English (written/verbal) with excellent communication and presentation skills
To apply for this role please click the APPLY button.
Corporate Title: AVP/VP
Department: Chief Information Security Office ('CISO')
Location: London
Overview
The Cyber Security Vendor Assurance Manager is responsible for managing the bank's strategic partners to deliver products and services in alignment with the bank's security and regulatory requirements as well as its overall business strategy.
The successful candidate will assist in negotiating, establishing and maintaining commercial contracts and ensure effective engagement and communication with vendors to maintain security service standards.
They will work with the bank's Chief Information Security Office (CISO) organization as well as various business lines to ensure there is effective monitoring, oversight and alignment of vendor relationships - including risk reviews, change management, issue escalation, etc.
The candidate will contribute to, and operate within, a cyber-security vendor governance framework to ensure consistency in governing vendor relationships and leveraging cross vendor / cross function knowledge and strategy within the organization.
Key responsibilities
- Ensures effective on boarding and service readiness assessment of vendors in line with the cyber-security vendor governance framework, requirements and processes
- Defines and documents expected cyber-security service expectations to be delivered by vendor and those to be delivered by the bank to provide a complete service experience
- Manages vendor issues to resolve appropriately and escalates to senior management, where needed
- Builds and maintains methods of vendor performance and data monitoring sufficient for trend analysis, benchmarking and recommendations, including high quality management information appropriate for up to Executive Committee review
- Together with service owner, establishes and on an ongoing basis carries out analysis of vendor performance to ensure compliance against contracted service levels and continuous improvement
- Provides expertise in the bank's contract templates and frameworks throughout their lifecycle including RFI/RPF and renewal activities.
- Contributes to the build and enablement of a standardised set of procedures and tools to reduce complexity
- Supports clients and peers with sourcing activities - promoting standardised processes and best practices. Understands client's requirements, vision and promote 'win-win' outcomes
- Provides business analysis and project management skills to co-ordinate security requirements with the Integrated Sourcing Teams (ISTs) in the negotiation, set up, and maintenance of commercial contracts, to include service level agreements and other relevant key performance indicators content
- Identifies and manages potential security risks within sourcing arrangements, service (and operating) level agreements, to ensure tracking and resolution by vendors or otherwise. Will include the definition and assessment of tactical and strategic mitigation methods
- Ensures compliance with the bank's defined governance, relevant training and maintains awareness of regional (local) and industry governing bodies' standards
- Supports supply chain risk management in promoting good practices and providing early risk/issue identification and mitigation, with appropriate escalation
- Actively communicates and cascades the CISO strategy, plans and values at all levels in the organisation driving a high performance culture, enabling effective navigation of the organisation, and supporting efficient decision making
Experience and Skills
- 5+ years' experience in the field of IT Security and/or Information Assurance
- Experience in vendor and contract management in the Financial Services/Management industry
- Relevant Bachelor or Master Degree (or equivalent) in Computer Science or Engineering (or other relevant discipline) from an accredited college or university (or equivalent)
- Proven experience in identifying and delivering process improvement projects in a complex operating environment using strong relationship building skills
- Good working knowledge of international security standards such as ISO, NIST and global financial industry regulations.
- Good working knowledge of ITIL and CoBIT
- Good working knowledge of security services such as vulnerability management, security incident management, security problem management, compliance management etc.
- Excellent strategic agility, critical thinker, communication, influencing
- Strong business planning skills, able to drive change
- Fluent in English (written/verbal) with excellent communication and presentation skills
To apply for this role please click the APPLY button.
Projektdetails
-
Einsatzort:
London, Vereinigtes Königreich
-
Projektbeginn:
asap
-
Projektdauer:
Keine Angabe
- Vertragsart:
-
Berufserfahrung:
Keine Angabe
Geforderte Qualifikationen
-
Kategorie:
Ingenieurwesen/Technik