Skip Navigation

Third Party Security Assurance Manager

Third Party Security Assurance Manager

Team: Cyber Security
Reports To: Security Strategy & Compliance Lead
Location: Reading
Job Type: Permanent/Full Time

Job Purpose:
Primark Technology is about to embark on a transformation journey to support business strategy which includes modernising our operating model as well as technology architecture and Cyber Security posture
This role is key in building and improving Primark’s Cyber Security Posture.

Key Responsibilities:
  • Act as the subject matter expert for supplier on-boarding activities and security assurance reviews of third parties and suppliers to manage the associated security risks.
  • Build and maintain relationships with stakeholders such as Legal, Procurement and suppliers to ensure that they are assessed, on-boarded, monitored and off-boarded in line with policy
  • Increase the maturity of Primark’s third-party supplier governance process leveraging GRC platform to automate key processes and speed up decision making.
  • Implement a standardised approach to measuring compliance against Security Policies and Standards, Financial control framework and Industry Standards
  • Support ISO in embedding Policies and Standards with vendors and internal teams.
  • Support the Risk Management process by ensuring all gaps in Policy and Security capability are fully documented in line with the risk acceptance process
  • Work on addressing Policy gaps by advising the business of the appropriate technologies and supporting processes required.
  • Monitor ongoing compliance of third parties and suppliers in line with policy and risk profile.
  • Lead the oversight of all supporting activities, including reporting, flagging risks and issue remediation.


Knowledge & Experience Required:
  • 3+ years experience of providing third party security assurance within a global organisation and detailed knowledge of Information Security Risk Management best practice and controls
  • An appropriate degree, equivalent qualification or experience
  • A recognised security certification is desirable e.g. CISM, CISA, CISSP or CRISC
Successful candidates will:
  • Be a passionate professional able to inspire others to challenge and disrupt the current reality to co-create a compelling technology/cyber security orientated future business by embracing new ways of working and successfully executing new opportunities
  • An understanding and background partnering closely with stakeholders such as Legal, Procurement, Security compliance and privacy teams
  • Significant experience of providing security supplier assurance in a complex global organisation
  • Excellent stakeholder management, communication and influencing skills.
  • Thorough understanding of supplier governance, understanding of security management processes, practices and technical countermeasures.
  • Ability to analyse complex information and identify key and relevant points, including communicating in a relevant and easy to understand manner.
Apply

Learn more about Primark

SIGN UP FOR EMAIL JOB ALERTS

If you would like to sign up for email job alerts for future roles with Primark you can do so using the form below. We will only use the details you provide below to inform you about future vacancies that match your search criteria if and when they become available. The details you provide on this page will not be used to send unsolicited communication and will not be sold to a third party. You can select as many categories and locations as you wish.

Interested InSelect a job category from the list of options. Search for a location and select one from the list of suggestions. Finally, click “Add” to create your job alert.