This Job Vacancy has Expired!

Third-Party Security & Business Continuity Assessment Advisor

Base 3

Posted on Apr 1, 2022 by Base 3

Brussel, Belgium
Immediate Start
Annual Salary


In your role as Third-Party Security & Business Continuity Assessment Advisor, your key responsibilities are the following:

a) Strategic activities:

  • Contribute to maintaining/updating the Third-party Security framework and perform the strategic reporting
  • Contribute to maintaining/updating 3P security policies, implementing procedures, operational procedures, guidelines
  • Contribute to maintaining/updating the third-party security requirements, as part of the contractual framework
  • Contribute to maintaining/updating 3P Security internal controls to ensure that Information Security & Business Continuity aspects are managed alongside the Third Party life cycle
  • Report on 3P security activity to the Group Security management.
  • Control & Continuous Improvement on the Third-party Security framework.
  • Contribute to the definition and design of the longer term automation goals of the team

b) Operations: Provide security expertise alongside the Third Party life cycle:

  • Represent the Group Security in the Third party selection & contract management process:
    • Support business owners in the inherent and residual security risk assessment (tailored to the risk profile).
    • Perform and document the relevant assessment to evaluate provider residual security risk.
    • Manage the residual risks in line with the risk management framework and coordinate the implementation of the remediation action plan
    • Advise the Business owners on contract elaboration (integration of Information Security clauses in the contract).
    • Track activity and progress through the Third Party Cyber risk process chain
  • Collaborate on the periodic third-party information security risk recertification
  • On a daily basis, monitor the third-party security risks
  • Follow the cyber-threat alerts as a facilitator with the incident management teams
  • Prevent the incident from occurring in the future
  • Perform ad-hoc on-site audits on critical providers
  • Ensure that the service/contract termination controls have been performed

    Required Technical & Functional skills

    • Education: Bachelor/Master's degree (Computer Science, Information Security or Business Science).
    • Broad knowledge of Information Security & IT security is mandatory. Relevant Information security certifications (e.g. ISO 27000 lead implementer, CISM, CISSP) and/or governance certifications (Cobit, ITIL) are preferable.
    • Knowledge and/or experience of financial services
    • Languages: English (Fluent), Being fluent in French and/or Dutch is a plus.

    Note: this role has been assessed as Inside IR35, which only affects UK resident candidates

    Reference: 1549070909
