Data Security Expert/3rd party assurance/telecoms

Data Security Expert (Third Party Assurance)

Location: Reading, with remote working available.

I have an exciting opportunity to work as a Data Security Expert for a telecoms company based in Berkshire.

The Data Security Expert is a critical role, responsible for ensuring that all security standards are being met to protect our data and infrastructure.

What the Data Security Expert can expect to be doing:

• Vendor assessment and security schedule uplifts. Working collaboratively with our commercial contracts teams, and external partners to ensure security obligations are being met.
• Assessing suppliers against TSR (Telecoms Security) requirements, and ensuring suitable contract uplifts are in place and progressed.
• Heatmap data collation and operationalisation
• Risk assessment and data collection
• Making risk-based recommendations for mitigation and compensating controls appropriately for a mobile telco environment.
• Management and executive reporting, and acting as advisor to senior management.
• Acting as Consultant that can be flexible in approach and pivot if required, to support on the wide variety of projects we are undertaking.

The successful Data Security Expert will have:

• Excellent track record within a fast paced Technology environment within the telecoms or similarly highly regulated industry
• Experience of managing 3rd party security risks, including commercial engagements, adjusting or developing security schedules to meet compliancy requirements and appropriately measuring risk against compliancy. Will work closely with commercial and legal teams
• ISO27005/NIST800-37/ISO31000 or similar risk management framework experience. Practical knowledge of risk assessment processes & methodologies to make risk-based recommendations, for 3rd party risk and commercial agreements
• Data gathering and input into security heatmap. Good Excel skills required
• Experience with 3rd party assurance tools would be an advantage.
• Effective communication, including verbal, report production & presentations skills; ability to analyse, interpret and present data in an effective manner, for peers and senior management
• Self motivated and can work without close management. Ability to quick build relationships with both internal teams, suppliers and vendors
• Recognised security industry related qualifications, e.g. CISSP, CISM or equivalent industry experience
• Experience with critical national infrastructure or similarly regulated environments an advantage - CAF/CNI/CPNI, finance, oil, gas, aviation etc.

To apply for the Data Security Expert please send your CV to caroline.kennedy@projectpeople.com

Project People is acting as an Employment Business in relation to this vacancy.