This is an inside IR35 contract for an initial 3 months. A well-established multinational firm is looking for an accomplished IT Security professional to carry out vendor risk assessments. This is an urgent requirement so please only apply if you are able to start a new role on or before Tuesday, 1st June.
To be suitable for this role you must have detailed knowledge of risk methodologies and of applying them to third-party relationships, coupled with hands-on technical experience of systems, networks and security architectures that will enable you to evaluate risk and assess the effectiveness of controls. You will have broad knowledge of risk management, vulnerability management, and third-party risk, allied to extensive knowledge of security standards, including ISO 27001.
Great communication and documentation skills are a prerequisite, while security certifications are highly advantageous to your application, with CISSP preferred. An understanding of the OWASP Top 10 vulnerabilities is also mandatory.
Your key responsibilities will include:
Evaluate third-party risk and steer vendor relationships
Evaluate vendor responses to security questionnaires
Make recommendations on ways to mitigate vendor risk
Maintain a vendor risk repository of artifacts, including regular third-party vendor certifications, and assign risk scores to firm suppliers and partners