Director of Third Party Risk Management - London

Arcus Search | London | Permanent
Job Title: Information Security 3rd Party Supplier Relationship Director
Location: London
Job Type: Full-Time Freelancer

Job Summary: We are seeking a highly skilled and experienced Information Security 3rd Party Supplier Relationship Director to oversee and manage our organization's relationships with third-party suppliers in the insurance industry. The ideal candidate will ensure that all third-party vendors meet our stringent information security standards and comply with applicable regulations. This position requires strong leadership, strategic thinking, and the ability to effectively communicate with internal stakeholders and external partners.

Key Responsibilities:

Supplier Risk Management: Develop and implement a comprehensive supplier risk management framework that assesses the information security posture of third-party vendors. Conduct regular risk assessments and due diligence reviews of potential and existing suppliers.
Policy Development: Create and enforce information security policies and procedures related to third-party engagements, ensuring alignment with industry standards and regulatory requirements.
Vendor Evaluation and Selection: Collaborate with procurement and business units to evaluate and select suppliers based on information security criteria. Lead the information security assessment process for new vendors.
Contract Management: Review and negotiate contracts with third-party suppliers to ensure that security-related clauses and requirements are included. Work with legal teams to mitigate legal risks associated with third-party relationships.
Monitoring and Reporting: Establish metrics for assessing vendor performance and compliance with information security requirements. Monitor and report on third-party supplier security incidents and breaches.
Stakeholder Engagement: Serve as the primary point of contact for internal stakeholders regarding third-party information security issues. Communicate effectively with business units to ensure alignment on security objectives and requirements.
Training and Awareness: Develop and deliver training programs for employees regarding third-party risk management and information security best practices.
Incident Response: Coordinate incident response activities related to third-party suppliers, ensuring timely communication and remediation efforts.
Continuous Improvement: Stay updated on industry trends, threats, and regulatory changes that impact third-party risk management and information security. Continuously improve processes to enhance security posture.

Qualifications:

Bachelor's degree in Information Security, Computer Science, Business Administration, or a related field; master's degree is a plus.
Minimum of 10 years of experience in information security, risk management, or compliance, with a focus on third-party supplier management.
In-depth knowledge of information security frameworks (e.g., NIST, ISO 27001) and regulatory requirements specific to the insurance industry (e.g., GLBA, HIPAA).
Strong analytical, problem-solving, and decision-making skills with a keen attention to detail.
Excellent interpersonal and communication skills, with the ability to build strong relationships with vendors and internal stakeholders.
Experience with security assessment tools and vendor management platforms is preferred.
Relevant certifications (e.g., CISSP, CISM, CRISC, or equivalent) are highly desirable.

Additional Information:

Ability to work independently and collaboratively in a fast-paced environment.
Willingness to travel occasionally for vendor assessments and meetings.
Understanding of the insurance industry's specific challenges related to information security and third-party risk management.

High salary
