×
Address
Dublin, IE
Share
Text size
aA+ aA-
Print
Click here to print

Third Party Security Assurance Manager

Country : Ireland Ireland

Region : Dublin

Town : Dublin

Category : Logistics

Contract type : Permanent

Availability : Full time

Company presentation

Third Party Security Assurance Manager
Team: Cyber Security
Reports To: Security Strategy & Compliance Lead
Location: Dublin
Job Type: Permanent/Full Time

Job description

Third Party Security Assurance Manager

Team: Cyber Security

Reports To: Security Strategy & Compliance Lead

Location: Dublin

Job Type: Permanent/Full Time

Job Purpose:

Primark Technology is about to embark on a transformation journey to support business strategy which includes modernising our operating model as well as technology architecture and Cyber Security posture

This role is key in building and improving Primark's Cyber Security Posture.

Key Responsibilities:
  • Act as the subject matter expert for supplier on-boarding activities and security assurance reviews of third parties and suppliers to manage the associated security risks.
  • Build and maintain relationships with stakeholders such as Legal, Procurement and suppliers to ensure that they are assessed, on-boarded, monitored and off-boarded in line with policy
  • Increase the maturity of Primark's third-party supplier governance process leveraging GRC platform to automate key processes and speed up decision making.
  • Implement a standardised approach to measuring compliance against Security Policies and Standards, Financial control framework and Industry Standards
  • Support ISO in embedding Policies and Standards with vendors and internal teams.
  • Support the Risk Management process by ensuring all gaps in Policy and Security capability are fully documented in line with the risk acceptance process
  • Work on addressing Policy gaps by advising the business of the appropriate technologies and supporting processes required.
  • Monitor ongoing compliance of third parties and suppliers in line with policy and risk profile.
  • Lead the oversight of all supporting activities, including reporting, flagging risks and issue remediation.
Knowledge & Experience Required:
  • 3+ years experience of providing third party security assurance within a global organisation and detailed knowledge of Information Security Risk Management best practice and controls
  • An appropriate degree, equivalent qualification or experience
  • A recognised security certification is desirable e.g. CISM, CISA, CISSP or CRISC
Successful candidates will:
  • Be a passionate professional able to inspire others to challenge and disrupt the current reality to co-create a compelling technology/cyber security orientated future business by embracing new ways of working and successfully executing new opportunities
  • An understanding and background partnering closely with stakeholders such as Legal, Procurement, Security compliance and privacy teams
  • Significant experience of providing security supplier assurance in a complex global organisation
  • Excellent stakeholder management, communication and influencing skills.
  • Thorough understanding of supplier governance, understanding of security management processes, practices and technical countermeasures.
  • Ability to analyse complex information and identify key and relevant points, including communicating in a relevant and easy to understand manner.

Profile

Knowledge & Experience Required:
  • 3+ years experience of providing third party security assurance within a global organisation and detailed knowledge of Information Security Risk Management best practice and controls

  • An appropriate degree, equivalent qualification or experience

  • A recognised security certification is desirable e.g. CISM, CISA, CISSP or CRISC

Successful candidates will:
  • Be a passionate professional able to inspire others to challenge and disrupt the current reality to co-create a compelling technology/cyber security orientated future business by embracing new ways of working and successfully executing new opportunities

  • An understanding and background partnering closely with stakeholders such as Legal, Procurement, Security compliance and privacy teams

  • Significant experience of providing security supplier assurance in a complex global organisation

  • Excellent stakeholder management, communication and influencing skills.

  • Thorough understanding of supplier governance, understanding of security management processes, practices and technical countermeasures.

  • Ability to analyse complex information and identify key and relevant points, including communicating in a relevant and easy to understand manner.

Share
Print
Click here to print