Job Description
Job Title: Information Security Vendor Assurance Partner
Location: Nottingham
Contract: Perm
Recruiter: Noaman Hussain
Who we are
International Technology & Advanced Analytics (IT2A) is a multi‑national team of specialists in security, hosting, architecture, software engineering, networks and project delivery, supporting two of the UK’s most trusted and established brands – Boots and No7. Partnering with some of the finest tech providers and utilising a cutting‑edge tech stack, we use the latest technology and robust data to transform our pharmacy and retail offerings, improve experiences for customers and patients and enhance operational effectiveness. A proud equal opportunity employer, we passionately embrace diversity and provide a positive and inclusive working environment for all.
About the role
We are looking for an experienced Information Security Vendor Assurance Partner to join our growing InfoSec team. Third‑party risk is a rapidly growing area of enterprise information security risk. This is an exciting opportunity to lead and manage the team(s) responsible for evaluating and resolving business issues relating to third‑party vendor security risk. You will work to resolve problems across areas within your specified area of security expertise, developing and implementing protocols that impact the daily operational activities of the specified area of Security. Do you enjoy working within Information Security and would like to work with purpose and autonomy? If yes, apply today to find out more!
Key responsibilities
* Implement new or upgraded security measures or controls, and document system or process changes.
* Review security violation reports or logs, investigate possible security exceptions and coordinate with internal teams, Directors or external agencies as needed, including managed service providers.
* Develop and execute security controls, defences and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e‑commerce and web‑based systems.
* Advise on penetration testing and vulnerability assessments of third‑party provided applications, operating systems and/or networks.
* Assist in the creation and implementation of security solutions, including analysing vendor assessments to ensure vendor is complying with security contract language and WBA security requirements.
* Conduct contract reviews for appropriate security language prior to signing.
* Conduct remediation management or governance and/or escalations on vendors or operational issues requiring a solution.
* Provide relevant and topical information to management / act as a business partner, including producing and delivering various dashboards, metrics and other reports, as required.
What you’ll need to have
* Experience working in Security Risk Management, Threat Response, Security Operations, IT Operations, IT Compliance and/or IT Governance.
* Experience with vendor and vendor contract management, including SLA reviews.
* Experience diagnosing, isolating, and resolving complex issues and recommending and implementing strategies to resolve problems.
* Experience identifying operational issues and recommending and implementing strategies to resolve problems.
Our benefits
* Retirement Savings Plan
* Discretionary annual bonus
* Generous employee discounts
* Enhanced maternity/paternity/adoption leave pay and gift card for anyone expecting or adopting a child.
* Flexible benefits scheme including option to buy additional holiday, discounted gym membership, life assurance, activity passes and more.
* Access to free, 24/7 counselling and support through TELUS Health, our Employee Assistance Programme.
We have a great range of benefits in addition to the above that offer flexibility to suit you – find out more at boots.jobs/rewards. Exclusions may apply, eligible roles only. Please note, any salary estimates given on third‑party sites are not provided or endorsed by Boots and may not be accurate.
What’s next
Where a role is advertised as full‑time, we are open to discussing part‑time and job share options during the application process. If you require additional support as part of the application and interview process, we are happy to provide reasonable adjustments to help you to be at your best.
This role requires the successful candidate to complete a Pre‑employment check after receiving an offer. Depending on your location you will be asked to submit either a DBS (Disclosure & Barring Service), PVG (Protection of Vulnerable Groups) or an Access NI Check.
We are a Ban the Box employer and will consider the suitability of applicants with criminal convictions on a case‑by‑case basis.
#LI‑Onsite
#J-18808-Ljbffr