This is an inside IR35 contract for an initial 3 months. A well-established multinational firm is looking for an accomplished IT Security professional to carry out vendor risk assessments. This is an urgent requirement so please only apply if you are able to start a new role on or before Monday 27th September.
In order to be suitable for this role you must have a detailed knowledge of risk methodologies and of applying them to third party relationships, coupled with hands-on technical experience of systems, networks and security architectures which will enable you to evaluate risk and assess the effectiveness of controls. You will have broad knowledge of risk management, vulnerability management, and third-party risk, allied to extensive knowledge of security standards, including ISO27001.
Great communication and documentations skills are a prerequisite, while security certifications are highly advantageous to your application, with CISSP preferred. An understanding of OWASP top 10 vulnerabilities is also mandatory.
Your key responsibilities will include:
-
Evaluate third party risk and steer vendor relationships
-
Evaluates vendor responses to security questionnaires
-
Make recommendations on ways to mitigate vendor risk
-
Maintain vendor risk repository of artifacts including regular third party vendor certifications and assign risk scores to firm suppliers and partners