Data Security Expert (3rd Party Assurance)

Data Security Expert (Third Party Assurance)

Umbrella Contract (End of 2021 initially)

Location: Reading, with remote working available.

This leading telecoms company are looking for a Data Security Expert to join them. This is a critical role responsible for ensuring that all security standards are being met to protect the data and infrastructure.

What you can expect to be doing::

• Vendor assessment and security schedule uplifts. Working collaboratively with our commercial contracts teams, and external partners to ensure security obligations are being met.
• Assessing suppliers against TSR (Telecoms Security) requirements, and ensuring suitable contract uplifts are in place and progressed.
• Heatmap data collation and operationalisation
• Risk assessment and data collection
• Making risk-based recommendations for mitigation and compensating controls appropriately for a mobile telco environment.
• Management and executive reporting, and acting as advisor to senior management.
• Acting as Consultant that can be flexible in approach and pivot if required, to support on the wide variety of projects

Requirements to be successful in this role:

• Excellent track record within a fast paced Technology environment within the telecoms or similarly highly regulated industry
• Experience of managing 3rd party security risks, including commercial engagements, adjusting or developing security schedules to meet compliance requirements and appropriately measuring risk against compliance. Will work closely with commercial and legal teams
• ISO27005/NIST800-37/ISO31000 or similar risk management framework experience. Practical knowledge of risk assessment processes & methodologies to make risk-based recommendations, for 3rd party risk and commercial agreements
• Data gathering and input into security heatmap. Good Excel skills required
• Experience with 3rd party assurance tools would be an advantage.
• Effective communication, including verbal, report production & presentations skills; ability to analyse, interpret and present data in an effective manner, for peers and senior management
• Self motivated and can work without close management. Ability to quick build relationships with both internal teams, suppliers and vendors
• Recognised security industry related qualifications, e.g. CISSP, CISM or equivalent industry experience
• Experience with critical national infrastructure or similarly regulated environments an advantage - CAF/CNI/CPNI, finance, oil, gas, aviation etc.

For more information please apply here or send a CV direct to kerry.knight@projectpeople.com

Project People is acting as an Employment Business in relation to this vacancy.