Back to Job Search

Risk Analyst - 3rd Party

  • Location: Glasgow
  • Salary: Pension, 38.5 days holiday per year per year
  • Job Type:Permanent

Posted 20 days ago

  • Sector: Financial Services
  • Contact: James Taylor
  • Expiry Date: 16 July 2022
  • Job Ref: JN -052022-470719

Hydrogen Group are currently looking for a Risk Analyst. The role is a permeant role working for a challenger bank. The position is a fully remote role and is paying a competitive salary plus an excellent benefits package which includes over 40 days holiday per year.

You will sit in the Cyber Projects team.

You will have an important role in protecting the Bank and its customers working across several the Bank's change initiatives and provide security expertise to Business and Technical stakeholders at all levels. You will take a leading role in ensuring that security controls are delivered inside Projects and change initiatives in line with business risk appetite in relation to 3rd party supplier risk, as well as technology solutions.

Responsibilities

· Provision of end-to-end Cyber Security advice, guidance and direction to all projects and business change activities.

· Performing 3rd party due diligence and onboarding from a security perspective for new suppliers or where there are changes to existing supplier services, contract renewals and supplier exits, identifying any supplier risks and supporting key aspects of supplier governance from a security perspective.

· Working collaboratively across the Information Security & Resilience team, as well as the wider Bank, to ensure cyber risks and threats are appropriately managed on change initiatives.

· Defining appropriate security requirements and controls to mitigate identified security risks across change initiatives.

· Influencing the right security risk outcomes for the organisation in line with risk appetite.

Key skills

· A passion for Cyber Security and risk.

· Experience of 3rd Party Risk Management from a security or IT perspective.

· Strong working knowledge of Information Security principles and key technical solution approaches.

· Practical experience and application of risk management principles and methodologies.

· Knowledge of information security related policy, standards and methodologies and associated information security legislation.

· The ability to engage a range of stakeholders to influence decisions to improve security across the company.

· Proven ability to make sound pragmatic decisions and judgements under tight timelines, within a dynamic and fast-moving environment.

Desirable skills


· Experience of using Prevalent or similar 3rd Party Security management tool.

...