Beschreibung
On behalf of our client, we are looking for aCyber Security Vendor Assurance Manager (m/f)
Overview:
The Cyber Security Vendor Assurance Manager is responsible for managing our clients’ strategic partners to deliver products and services in alignment with security and regulatory requirements as well as its overall business strategy.
The successful candidate will assist in negotiating, establishing and maintaining commercial contracts and ensure effective engagement and communication with vendors to maintain security service stan-dards.
They will work with the Chief Information Security Office (CISO) organization as well as various business lines to ensure there is effective monitoring, oversight and alignment of vendor relationships – including risk reviews, change management, issue escalation, etc.
The candidate will contribute to, and operate within, a cyber-security vendor governance framework to ensure consistency in governing vendor relationships and leveraging cross vendor / cross function knowledge and strategy within the organization.
Key responsibilities:
• Ensures effective onboarding and service readiness assessment of vendors in line with the cyber-security vendor governance framework, requirements and processes
• Defines and documents expected cyber-security service expectations to be delivered by vendor and those to be delivered by our client to provide a complete service experience
• Manages vendor issues to resolve appropriately and escalates to senior management, where needed
• Builds and maintains methods of vendor performance and data monitoring sufficient for trend analy-sis, benchmarking and recommendations, including high quality management information appropriate for up to Executive Committee review
• Together with service owner, establishes and on an ongoing basis carries out analysis of vendor performance to ensure compliance against contracted service levels and continuous improvement
• Provides expertise in contract templates and frameworks throughout their lifecycle including RFI/RFP and renewal activities.
• Contributes to the build and enablement of a standardised set of procedures and tools to reduce complexity
• Supports clients and peers with sourcing activities – promoting standardised processes and best practices. Understands client’s requirements, vision and promote ‘win-win’ outcomes
• Provides business analysis and project management skills to co-ordinate security requirements with the Integrated Sourcing Teams (ISTs) in the negotiation, set up, and maintenance of commercial contracts, to include service level agreements and other relevant key performance indicators content
• Identifies and manages potential security risks within sourcing arrangements, service (and operating) level agreements, to ensure tracking and resolution by vendors or otherwise. Will include the defini-tion and assessment of tactical and strategic mitigation methods
• Ensures compliance with our clients’ defined governance, relevant training and maintains awareness of regional (local) and industry governing bodies’ standards
• Supports supply chain risk management in promoting good practices and providing early risk/issue identification and mitigation, with appropriate escalation
• Actively communicates and cascades the CISO strategy, plans and values at all levels in the organisa-tion driving a high performance culture, enabling effective navigation of the organisation, and support-ing efficient decision making
Experience and Skills:
• 5+ years’ experience in the field of IT Security and/or Information Assurance
• Experience in vendor and contract management in the Financial Services/Management industry
• Relevant Bachelor or Master Degree (or equivalent) in Computer Science or Engineering (or other relevant discipline) from an accredited college or university (or equivalent)
• Proven experience in identifying and delivering process improvement projects in a complex opera-ting environment using strong relationship building skills
• Good working knowledge of international security standards such as ISO, NIST and global financial industry regulations.
• Good working knowledge of ITIL and CoBIT
• Good working knowledge of security services such as vulnerability management, security incident management, security problem management, compliance management etc.
• Excellent strategic agility, critical thinker, communication, influencing
• Strong business planning skills, able to drive change
• Fluent in English (written/verbal) with excellent communication and presentation skills
Project Reference: P
Start: June 2015
Ending: December 2015
Contract: freelance, onsite, fulltime
Location: Frankfurt am Main Area