Senior Third Party Security Manager

Kraków - Poland

Monthly Salary: Not Disclosed

Posted on: 30+ days ago

Vacancies: 1 Vacancy

Job Summary

Description

Senior Third Party Security Manager Band 6

Division: CISO

About the Role:We are seeking a dynamic and experienced Third Party Security Manager to join the IT Risk this role you will be responsible for internal coordination of Third Party Security assessments for all external Third Parties including Merger and Acquisition initiatives and enable the post-merger integration initiatives when applicable.

To achieve it you will work closely with multi-functional teams from all the organization and will be exposed to a diversified set of topics business and technologies.

Role Description IT Security Manager

The role will be responsible for execution of risk-based IT Security controls for Third Parties. Key responsibilities:

Merge and Acquisition Assurance:

Assessment and Due Diligence execution on future mergers and acquisitions
Consulting and support in definition of security road up for potential start ups
Prepare detailed reports on findings and Security recommendations

Third-Party Assurance Lifecycle

Due Diligence - risk profiling onboarding re-certification
Contract Management - ensuring that the security expectations included in the contract are proportionate to the risk profiling
Exit Management - performance of necessary security checks at the end of a contractual agreement with a Third Party
Ongoing monitoring - Facilitate and support response to the alerting and incident of external Third Parties

Continues Improvements

Participate and support in delivery of regulatory driven change i.e. DORA
Identify design and implement process improvements
Lead demand capacity management
Deliver training and coaching sessions for the team
Taking initiatives to document and communicate intensively to further increase Third Party Security knowledge and expertise

Core Skills

Previous experience in Third Party Security Management (i.e. Due Diligence) is mandatory
Knowledge of security risk management
Knowledge of control frameworks e.g. ISO 27000 NIST CIS-18 COBIT-5
Knowledge of relevant regulations i.e. DORA Outsourcing ESMA etc.
Knowledge of logging monitoring and alerting is an advantage
Knowledge of similar ecosystem frameworks e.g. SWIFT CSP is an advantage
Knowledge of financial markets FMIs and CSD operations is an advantage
Experience with supplier and supply chain due diligence framework procedures data gathering risk and control assessment.
Experience with contract review of information security schedules and terms
Knowledge of logging monitoring and alerting is an advantage
Experience with ServiceNow GRC is an advantage
IT Security Certification such as CISSP CSSLP CCSP CISM CISMP GCIH CEH etc. is an advantage.

Soft Skills

Leadership. Be an inspiring and engaging leader by providing strategy and direction to team members by showing business acumen by possessing self-reflection and by being results-driven
Interpersonal. Be self-motivated and proactive have strong innovative and creative problem-solving skills be open and welcoming to change work comfortably in a constantly evolving environment and have an ability to remain calm under pressure and in the face of uncertainty.
Collaborative. Work comfortably with business executives and stakeholders within group settings or with team-members
Change. Ability to handle multiple projects against tight deadlines whilst being instrumental in delivering cultural change throughout the organisation
Experience with managing regulatory compliance issues as well as providing best practices in security
Strong organisation prioritisation management coordination reporting and communication

#LI-NS1

Required Experience:

Manager

DescriptionSenior Third Party Security Manager Band 6Division: CISOAbout the Role:We are seeking a dynamic and experienced Third Party Security Manager to join the IT Risk this role you will be responsible for internal coordination of Third Party Security assessments for all external Third Parties ...

Description

Senior Third Party Security Manager Band 6

Division: CISO

To achieve it you will work closely with multi-functional teams from all the organization and will be exposed to a diversified set of topics business and technologies.

Role Description IT Security Manager

The role will be responsible for execution of risk-based IT Security controls for Third Parties. Key responsibilities:

Merge and Acquisition Assurance:

Assessment and Due Diligence execution on future mergers and acquisitions
Consulting and support in definition of security road up for potential start ups
Prepare detailed reports on findings and Security recommendations

Third-Party Assurance Lifecycle

Due Diligence - risk profiling onboarding re-certification
Contract Management - ensuring that the security expectations included in the contract are proportionate to the risk profiling
Exit Management - performance of necessary security checks at the end of a contractual agreement with a Third Party
Ongoing monitoring - Facilitate and support response to the alerting and incident of external Third Parties

Continues Improvements

Participate and support in delivery of regulatory driven change i.e. DORA
Identify design and implement process improvements
Lead demand capacity management
Deliver training and coaching sessions for the team
Taking initiatives to document and communicate intensively to further increase Third Party Security knowledge and expertise

Core Skills

Previous experience in Third Party Security Management (i.e. Due Diligence) is mandatory
Knowledge of security risk management
Knowledge of control frameworks e.g. ISO 27000 NIST CIS-18 COBIT-5
Knowledge of relevant regulations i.e. DORA Outsourcing ESMA etc.
Knowledge of logging monitoring and alerting is an advantage
Knowledge of similar ecosystem frameworks e.g. SWIFT CSP is an advantage
Knowledge of financial markets FMIs and CSD operations is an advantage
Experience with supplier and supply chain due diligence framework procedures data gathering risk and control assessment.
Experience with contract review of information security schedules and terms
Knowledge of logging monitoring and alerting is an advantage
Experience with ServiceNow GRC is an advantage
IT Security Certification such as CISSP CSSLP CCSP CISM CISMP GCIH CEH etc. is an advantage.

Soft Skills

Leadership. Be an inspiring and engaging leader by providing strategy and direction to team members by showing business acumen by possessing self-reflection and by being results-driven
Interpersonal. Be self-motivated and proactive have strong innovative and creative problem-solving skills be open and welcoming to change work comfortably in a constantly evolving environment and have an ability to remain calm under pressure and in the face of uncertainty.
Collaborative. Work comfortably with business executives and stakeholders within group settings or with team-members
Change. Ability to handle multiple projects against tight deadlines whilst being instrumental in delivering cultural change throughout the organisation
Experience with managing regulatory compliance issues as well as providing best practices in security
Strong organisation prioritisation management coordination reporting and communication

#LI-NS1

Required Experience:

Manager

Key Skills

IT Experience
ISO 27001
Splunk
System Security Plans
Network security
HTTPS
PCI
gRPC
NIST Standards
Information Security
Encryption
ISO 27002

Apply Now

About Company

Euroclear

Why join us Embark on your new adventure at Euroclear, and work at the heart of the global capital markets. We connect over 2,000 financial institutions across the globe. As an open and resilient infrastructure, we contribute to the stability of the financial markets. We help clients ... View more

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click