Risk Assurance Consultant Permanent Role
Posted on Jul 1, 2021 by RDA People Limited
Third Party Risk
Our excellent client is a well-established leader in the risk consultancy market and is now offering this opportunity to join the company in the capacity of THIRD PARTY ASSURANCE PROFESSIONAL.
The organization provides services in the risk arena to help businesses become more secure, more compliant and optimally resilient in the age of ever-changing risk. It provides its clients with the insight to focus resources and prepare them to cope with and resolve the crises and lesser issues that arise within any sizeable organization.
From C-level to operational, from local to remote locations, our client brings order to chaos and reassurance to anxiety.
Individuals are given direct responsibilities with the commensurate level of authority to make appropriate decisions, excellent career development opportunities and the chance to work collaboratively on fascinating projects, in a rewarding and inclusive global environment.
All employees are expected to display behaviours reflective of the company's client's organisational values and culture: Integrity and Ethics, Collaboration and Teamwork, Commitment to People and Professionalism and Excellence.
PRIMARY TASKS AND RESPONSIBILITIES
- Ability to lead information security related assessments, independently.
- Able to work collaboratively with teams from other disciplines within the global organisation, and with the suppliers and clients.
- Can manage concurrent complex activities to short timescales.
- Capable of working under pressure to deliver good quality assessment reports.
- Perform on-site and/or remote third-party security assessment of critical suppliers across business units that transmit, process, or store sensitive data.
- Work with existing and new suppliers to confirm exit strategy, data retention and data return measures.
- Owns the Back Office functions and activities including assurance scheduling, reporting and remediation management for agreed supplier(s).
- Assist the team in a continuous improvement regime.
- Go-to resource for a defined set of suppliers whilst working as part of a global team to provide supplier data security advice and guidance.
- Be prepared to occasionally travel for assessments (includes UK & international).
REQUIRED EXPERIENCE AND KNOWLEDGE
- Experience of conducting information security assessments, deep dive multi-day assessments or audits.
- Ability to produce high quality audit or assessment reports.
- Good knowledge of all domains within security, e.g. cloud, security management, service management, BCM, physical, GDPR/data protection.
- Good communication, influencing and negotiation skills.
- Experience in similar role for a complex global organisation (consultancy, insurance or financial services sector preferred but not essential).
- Ability to explain complex technical concepts to non-technical stakeholders and suppliers.
QUALIFICATIONS AND SKILLS
- A recognised security certification such as CISSP, CISA, CISM, ISO/IEC 27001 Lead Auditor, CCSK or CCS, or equivalent experience.
- Degree, or similar academic qualification.