Principal Architect Supplier Cyber Security Risk
- Execute and support the full lifecycle of information security and third-party risk assessments as needed, either individually or through available resources.
- Coordinate with Legal and Procurement representatives to ensure proper security and privacy clauses are included in third-party contracts
- Ensure robust tracking and remediation of third-party security and privacy risk exposures identified through assessment processes
- Evangelize third-party risk management processes across business lines to help influence a strong culture of proactive awareness for third-party risks
- Contribute to the gathering and distribution of periodic program metrics and/or dashboards
- Provide consultancy SME support in conducting security posture assessments as part of continuous monitoring or post-breach scenarios to ensure that suppliers have adequate security controls.
Who we're looking for?
- 8+ years of demonstrable experience in cyber security and/or third-party security risk management
- Experience and knowledge across different frameworks and standards such as ISO 27001, NIST, CIS etc.
- Demonstrable experience and understanding of cyber security principles, IT security controls, and related technologies and products
- Ability to prioritize, delegate, and foster the development of high-performance teams to lead/support an environment driven by customer service and partnership
- Exposure to any GRC technologies to conduct cyber risk management
- Fluent English
How we manage our projects?
Scrum, Agile, Kanban
Who makes architectural decisions?
Team and tech leads
Who makes technology stack decisions?
Project management software
JIRA, Microsoft Teams, Azure DevOps
How we code?
Static code analysis
How we test?
Flexible working hours
- Healthcare package
- Healthcare package for families
- Leisure package
- Hot beverages