Data Security Expert

Data Security Expert - Contract to end of the year - Mobile Telecoms - Berkshire

This person should come from technical security background (Virtualisation, Networking, Microsoft AD, Linux) and moved into a governance role with experience of managing delivery from 3rd parties, looking at contractual obligations, and working with Technical Contract teams to ensure that Security requirements are being reflected in commercial contracts.

What they can expect to be doing:

• Vendor assessment and security schedule uplifts. Working collaboratively with our commercial contracts teams, and external partners to ensure security obligations are being met.
• Assessing suppliers against TSR (Telecoms Security) requirements, and ensuring suitable contract uplifts are in place and progressed.
• Heatmap data collation and operationalisation
• Risk assessment and data collection
• Making risk-based recommendations for mitigation and compensating controls appropriately for a mobile telco environment.
• Management and executive reporting, and acting as advisor to senior management.
• Acting as Consultant that can be flexible in approach and pivot if required, to support on the wide variety of projects which the company are undertaking.

Requirements to be successful in this role:

• Excellent track record within a fast paced Technology environment within the telecoms or similarly highly regulated industry
• Experience of managing 3rd party security risks, including commercial engagements, adjusting or developing security schedules to meet compliancy requirements and appropriately measuring risk against compliancy. Will work closely with commercial and legal teams
• ISO27005/NIST800-37/ISO31000 or similar risk management framework experience. Practical knowledge of risk assessment processes & methodologies to make risk-based recommendations, for 3rd party risk and commercial agreements
• Data gathering and input into security heatmap. Good Excel skills required
• Experience with 3rd party assurance tools would be an advantage.
• Effective communication, including verbal, report production & presentations skills; ability to analyse, interpret and present data in an effective manner, for peers and senior management
• Self motivated and can work without close management. Ability to quick build relationships with both internal teams, suppliers and vendors
• Recognised security industry related qualifications, e.g. CISSP, CISM or equivalent industry experience
• Experience with critical national infrastructure or similarly regulated environments an advantage - CAF/CNI/CPNI, finance, oil, gas, aviation etc.

Project People is acting as an Employment Business in relation to this vacancy.