Senior Manager - Vendor Security - Third Party - Risk

Measures of Success (Define the Outcomes expected of the role)

- Successful development and contribution to the vendor risk security programme

- Promote commitment, trust and engagement between them and their workforce

- Manage internal stakeholders to achieve high level performance whilst ensuring their personal wellbeing.

- Increase in maturity of vendor risk Programs (Adoption & Capabilities).

- Delivery of project plans, milestone updates, presentations, assessment reports and communications to senior management and other relevant stakeholders.

Skills Sets Required -

- Knowledge in multiple information security technologies and their strengths and shortcomings.

- Proven experience with securing information for various technical solutions.

- Monitor marketplace trends and experiences on security, audit and control issues.

- Knowledge of common assessment control techniques.

- Knowledge of analytic techniques and methods.

- Understand security controls from a people, process and technology perspective.

- Understanding of security architectural principles and standards.

- Experience in system security, network security and information security, covering areas of ISMS Management / PCI DSS, Technology risk and compliance, BCP & DR planning, Implementation and compliance, IT and IS audits, BCP audits, Security operations assessment and Cloud security.

- Should be familiar with standard security processes and guidelines.

- Should be familiar with PCI and PA DSS

- Ability to interact and work with various senior stakeholders. Manage congruent relationships among different teams.

- Excellent written & verbal communication & presentation skills.

- PCI DSS, PA DSS, ISO27001 & audit experience. Strong ability to devise, drive and implement standard processes and best practices (both from security and risk perspective) for all the suppliers.

- Ability to lead, collaborate, challenge and influence peers. Passion for project based execution and process improvement.

- Excellent Documentation, Communication, presentation, interpersonal and leadership Skills

Must have Qualification

- A Bachelors Degree or advance course in Computer Science or Information Security related areas

- Post-Graduation (Preferred) - MBA or Masters in related field

- Industry-standard certifications such as CISA, CISM, ISO27001 LA, CEH, CCNA, CISSP, MCP etc. as preferred.

- Experience managing service providers/supplier relationships (Required)

- Should have strong knowledge of risk assessments frameworks such as - NIST CSF & 800-53, ISO27001, SOC, PCI, GDPR, etc.

Relevant Experience with respect to the role

- 6+ years overall in information security, IT auditing & IT / vendor risk management processes.