Information Security Risk Manager Role Summary
This role is responsible for implementing and managing information security risk across the organization's supply chain. The ideal candidate will have experience in supplier due diligence, information security risk management, and compliance with relevant regulations.
* Main Responsibilities:
* Lead the execution of the information security supply chain framework, ensuring that security controls are implemented throughout the lifecycle of suppliers
* Coordinate supplier information security due diligence and risk assessment activities, including data gathering and risk metric tracking
* Partner with procurement, contract management, and other stakeholders to ensure end-to-end third-party processes consider information security
* Assess vendor risks against organizational contractual requirements and controls, as well as regulatory compliance
* Develop and maintain a set of security contractual clauses and service level agreements with vendors
About You:
The successful candidate will possess:
* Experience:
* Demonstrable experience with supplier and supply chain due diligence frameworks, procedures, data gathering, and information security risk and controls assessment
* Experience of supplier information security risk management at all stages of the supplier lifecycle from procurement, contracting, on-boarding, contract management, and off-boarding
* Familiarity with formal information security frameworks and certifications such as SOC 2, ISO 27001, CE+, CIS Top 20, and OWASP
* Excellent verbal, written, and interpersonal communication skills, able to listen and communicate technical subjects to both technical and non-technical audiences
* Self-motivated with keen attention to detail and ability to work independently
We Offer:
A dynamic and supportive work environment, opportunities for career growth and development, and a competitive compensation package.
How to Apply:
Please submit your application, including your resume and cover letter, outlining your qualifications and experience for this role.
Contact Us:
For more information about this opportunity, please do not hesitate to contact us.