Cyber Vendor Assurance Consultant - INTL UK

Job Description

Overview

You will manage and own a diverse portfolio of vendor assessments, undertaking Information Security reviews using a defined methodology. From planning, reviewing vendor responses, vendor assessments, reporting of identified risks and provision of required remediation. Given the nature of the role you will be providing guidance to both internal and external stakeholders across a global mandate.

Responsibilities

• Assessing responses to a defined set of Information Security controls, ensuring quality and completeness of returns.
• Reviewing and assessing vendor responses. Identification of risk / vulnerabilities.
• Proposing supporting remediation activities relative to identified vulnerabilities. Liaising with key stakeholders to ensure appropriate escalation and timely remediation.
• Maintaining and producing detailed reporting as well contributing towards key risk indicators and team management information.
• The ability to articulate non-conformities both written and verbally. Advising on risk articulation, materiality and required actions to remediate. An adaptive communication style to reflect a diverse stakeholder audience across a global environment will be essential.
• Collating and assessing various Cyber intelligence sources to help provide greater insight as to the Vendors Security posture.
• Share knowledge and mentoring to colleagues, supporting queries and providing guidance in relation to Cyber Vendor Assurance.
• Attending meetings, workshops, acting as delegate for Manager when required.
• Actively contribute to the ongoing development of the Cyber Vendor Assurance team through constructive challenge, providing solutions, innovation and continual improvement.
• Reinforce TELUS Health's Customers First values in ensuring positive security outcomes for both external customers and internal stakeholders.

Qualifications and Requirements

• 4+ years of applied and practical Cyber Vendor Assurance experience. Ability to demonstrate expertise and application of knowledge, in terms of technical and softer skills that are required in managing a diverse vendor assurance portfolio.
• Strong understanding of Security frameworks (ISO 27001 / 27036) and ability to identify vulnerabilities / areas of control enhancement.
• Adept at reviewing Vendor Security policies and standards to ensure appropriate scope and adequacy.
• Clear understanding of information security principles, including risk management, organization of Information Security, vulnerability identification, Data Loss Prevention, Supply chain associated risks, etc.
• Strong stakeholder management and interpersonal skills. Ability to engage and develop relationships across a broad range of geographies and sectors.
• Strong organisational skills, with the ability to coordinate and effectively self-manage your own portfolio of work, independently to ensure high quality and timely delivery.
• Pragmatic and balanced outlook relative to risk and impact with the ability to apply sound judgement.
• Strong communication skills (verbal and written) and strong analytical skills, attention to detail and the ability to identify omissions/ gaps /areas of focus.
• Ability to accommodate travel and time away from home may be required.

Nice to have

• CISM, CRISC, IS027001 LA, CISA
• Procurement knowledge, reflective of the Supplier lifecycle.
• Operational Risk experience.
• Bi-lingual (English + French, Spanish or German)

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.