Job Information
Glory Global Solutions Information Security - Customer and Supplier Assurance Manager in Basingstoke, United Kingdom
Information Security - Customer and Supplier Assurance Manager
City/State
Location UK/Basingstoke
Department Legal - Information Security
Apply Now (https://lde.tbe.taleo.net/lde02/ats/careers/v2/applyRequisition?org=GGS&cws=74&rid=9002)
ROLE TITLE: Information Security – Third – Party Risk Assurance Manager
FUNCTION: Information Security
REPORTING: Director, Information Security
LOCATION: Basingstoke
COMPANY OVERVIEW
As a global leader in cash technology solutions, we provide the financial, retail, cash centre and gaming industries with confidence that their cash is protected and always working to help build a stronger business.
Our cash automation technologies and process engineering services help businesses in more than 100 countries optimise the handling, movement and management of cash. While we span the globe, we personally engage with each customer to address their unique challenges and goals — enhancing staff efficiency, reducing operating costs and enabling a more rewarding customer experience.
We offer peace of mind. We enable transformation. We generate options. We empower people. We do all this by releasing companies from the burden of cash management, putting cash to work, and helping customers enhance the value that their staff and facilities add to their business.
ROLE PURPOSE
In this newly created position, you will be responsible for leading and managing third-party Information Security risk assurance activities. The candidate will work closely with the procurement team, business units, and third-party vendors to ensure that all third-party risks are identified, assessed, and managed effectively.
You will be required to use your knowledge and experience to communicate risks, controls, ownership and accountability within the supply chain, ensuring Information Security is an integral part of supplier management activities. Within this role, you will also be responsible for working with our customers to provide assurance of our security programme and controls across both our Enterprise corporate activities and the Glory product suite. This will involve working across functional teams to take a ‘ground up’ approach to managing Information Security risk within the supply chain, advising on the correct approach and the necessary actions that will be required.
You will be responsible for supporting customer audits and responding to customer queries on Information Security and Information Systems and the associated functional processes and controls. This will include managing the closure of any actions raised. This new role offers an opportunity to be the focal point for our third-party risk assurance programme, ensuring we perform the necessary measures to protect our business and that of our customers.
You must be a highly effective communicator and a supportive team player, taking a consultative approach whilst maintaining the integrity and independence of the General Affairs department. You will combine an ability to navigate organisational politics and manage stakeholders, with a talent for operational delivery and a strong sense of accountability for results.
MAIN RESPONSIBILITIES
Assessment and evaluation of suppliers’ capabilities against applicable requirements, including GGS policies, standards and procedures
Management of the supplier due-diligence process including creation of supplier due diligence assessments and a central repository for frequently asked questions
Lead and conduct Information Security risk assessments of suppliers and vendors.
Work with procurement and business units to ensure that suppliers and vendors comply with cyber security policies and standards.
Monitor suppliers and vendors for cyber security incidents and vulnerabilities
Develop and maintain metrics to measure the effectiveness of the supplier and vendor Information Security risk management program
Lead the completion of customer RFP, RFI due-diligence responses. working across multiple functions, including Sales, Product Development, Information Security and Information Systems to collate applicable information
Manage customer audit requirements co-ordinating requests and actions with other functional teams where required
REQUIRED EDUCATION AND QUALIFICATIONS
Education Level:
A technical degree or professional qualification
Formal security qualifications, such as CISA, CISSP, CRISC or ISO 27001 would be of interest
Knowledge of cloud security and third-party cloud service providers is desirable
REQUIRED SKILLS AND COMPETENCIES
Contributing to an effective Information Security culture in support of business objectives
Establishing and maintaining relationships across stakeholders by monitoring and engaging with the functional teams, partners, and the customer on relevant standards and frameworks
An excellent understanding of Information Security controls
Knowledge of cyber security frameworks such as NIST, ISO27001, or CIS is desirable.
Ability to appropriately identify and manage Information Security risks associated with the supply chain, in line with the business’s risk/cost appetite
Experience in leading and conducting Information Security supplier risk assessments.
A good understanding of supplier management covering procurement, legal and commercial activities
Able to produce clear and comprehensive requirements documentation and flows
Strong written and verbal communication skills
Commitment to excellence and high standards; strong organizational skills; able to manage time, priorities and workload
Ability to work autonomously and drive improvement
Comfortable to challenge seniority and existing processes
Knowledge of OneTrust or ServiceNow and advantage
GLORY SPIRITS
The Glory Spirits & Behaviours reflect the values and behaviours that are critical to the ongoing success of Glory and as such represent the foundations of our behaviour globally to lead us to realise our mission:
þ Value Creation – strive to create value for customers
þ Self-Starter – understand the objectives of your own work and are proactive in achieving goals
þ Collaboration -respect diversity and create a culture of collaboration to work with each other to achieve a common goal
þ Integrity -understand Glory’ Mission and act with responsibility and pride to realise achievement and act and behave with high integrity and a strong sense of ethics
þ Own Growth – leverage our own talent and achieve personal development by adopting a broader perspective; looking beyond our own work.
Glory believes in equal opportunity for all qualified persons and will not discriminate against any applicant for employment because of race, colour, religion, marital status, national origin, gender, age, disability, veteran status, or any other status protected by law.
Third Party Agencies
Unsolicited resumes will not be accepted by Glory. Should an agency choose to send unsolicited resumes, Glory reserves the right to review such resumes but will not be held liable for any fees/charges associated with a candidate hire except where a formal written agreement is in place between Glory and the Agency to source candidates for a specific role.
An Equal Opportunity / Affirmative Action Employer / An E-Verify Employer
It is the policy of Glory Global Solutions, Inc. to provide equal opportunity for all qualified persons and not to discriminate against any applicant for employment because of race, color, religion, national origin, sex, age, disability, protected veteran status, or any other status protected by state or local law at the Glory Global Solutions, Inc. location to which this application is submitted. In addition, as a Federal Government contractor, all Glory Global Solutions, Inc. locations are affirmative action employers.
EEO Information http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf