As Supplier Risk Specialist you will provide a Supplier Risk assessment service to the organisation as part of the overall Information Security Function. Working closely with Risk, Legal, Procurement, Data Protection, Claims, Operations and HR you will play an active role in the planning, prioritisation, coordination and delivery of Supplier Risk Assessments, including all 3rd party software products used by IT, public facing web portals, or websites, Software-as-a-Service cloud solutions. JOB DETAILS
Your responsibilities will include:
* Own, manage, run and develop the Supplier Risk Assessment service.
* Maintain the Risk Assessment procedure
* Produce Risk Assessment management information
* Produce risk scoring for in-scope suppliers
* Leverage technologies to increase volume and accuracy of risk assessed suppliers.
* Plan, execute, track and report on all risk assessments for up to 1000 suppliers.
* Work with Supplier managers & Suppliers to mitigate, escalate and remove any High-risk issues.
* Managing and updating Atamis SaaS or the Supplier Risk Assessment tracking spreadsheet and corresponding evidence folders.
* Cross reference suppliers with ICO register for DPA / GDPR compliance
* Contribute ideas and suggestions to improve the Information Security team processes.
* Contribute to Information Security Policy & other documentation updates.
* Participate in the Cyber awareness training, tracking and reporting for 2500 Colleagues
You will have:
* Experience working in a similar role coupled with expertise in Supplier Risk assessments, risk management, risk mitigation.
* Good IT technology knowledge linked to Web Security, Email Security, File transfer and data storage.
* Knowledge of GDPR and Data Protection Act 2018
* A background in Information Risk or Risk Management, previous experience working for an Insurance Provider / IT Department or a keen interest in a fast-paced, technical/IT environment would be ideal.
* Advanced IT skills including Microsoft Office (especially Excel) ,Outlook and Powerpoint.