Third Party Security Assessor

1 day ago


London, United Kingdom Willis Towers Watson Full time

As a Third Party Security Assessor you will be working across Willis Towers Watson, providing a range of information security assurance activities targeted at all third party companies we engage with. Operating on a global basis, you will audit suppliers, conduct risk assessments and provide detailed reporting.
This role resides in our Information & Cyber Security team within Corporate IT, reporting to the Head of Third Party Security Assurance, Information and Cyber Security. You will also be required to deputise for the Head of Third Party Security Assurance as required.
**The Role**:

- Follow the full third-party security framework and the associated lifecycle events.
- Manage the third-party control assessments.
- Identify security control gaps in line with WTW framework.
- Propose security requirements for mitigation or remediation.
- Highlight cyber risks linking to GRC, SRM and ERM frameworks.
- Produce final risk reports outlining relevant information and final risk.
- Ensure any appropriate policy exceptions are raised by the owner and validate relevant gaps covered and include a remediation plan with clearly defined implementation dates.
- Agree ongoing fortification and check points with owner to review evidence and review risk.
- Keep records and databases updated at all times with necessary status and checkpoints.
- Ensure all necessary Third-Party data classifications, regulations and compliance needs are met and tracked.
- Use the automated risk assessment tool.
- In parallel to third-party control assessments, ensure the third-party contract is reviewed and includes security clauses / schedule as appropriate based on service provision.
- Support Business Service owners with third party contract negotiations.

**The Requirements**:

- Degree in a relevant Business or Information Technology area.
- Information Security specific qualification is desirable (such as CISM, CISSP, MInstISP).
- You will have a passion for your work, a strong desire to learn and a real love of information security - with an understanding of the positive impacts it can make to a business.
- Ability to assess security and business risks, analysing and presenting critical risks and potential remediation activities to all levels of management within the business.
- Experience of working within internal or external audit, either within a previous organisation or as part of a professional services firm is desirable.
- Experience managing a team of security, assurance, and/or compliance professionals.
- An ability to work across multiple business segments and contexts, and to understand that different teams will require different engagement approaches will be helpful.
- Effective communication and stakeholder management skills are a core requirement for this role.

**Equal Opportunity Employer**


