IT Third-Party Cyber Assurance Specialist

  • Anywhere
  • Anywhere


UK CISO are seeking an IT Third-Party Cyber Assurance Specialist to be part of their phenomenal team! We are flexible with location and the role can be based at one of our offices convenient to your location.

This opportunity could be ideal for you if you are looking for a challenging but rewarding role, where you are truly valued and empowered; we rely on our IT Third-Party Cyber Assurance Specialists to manage effective relationships with Third Parties and wider business stakeholders, assuring that our cybersecurity controls and policies are properly implemented and maintained.

Aviva provides around 31 million customers worldwide with insurance, savings and investment products. We are the UK’s largest insurer and one of Europe’s leading providers of life and general insurance. We combine strong life insurance, general insurance and asset management businesses under one powerful brand. We are committed to serving our customers well in order to build a stronger, sustainable business, which makes a positive contribution to society, and for which our people are proud to work. 

The UK CISO acts as the control and facilitation point for security related tasks and activities, which are executed in the broader local organisation in order to ensure a reliable end to end chain of responsibility from group to local execution. They are responsible for driving forward standards of excellence within security and through discussions with the Group CISO setting the local strategy and contributing into the group strategy for security.

As the IT Third-Party Cyber Assurance Specialist, you will display a level of technical acumen – to understand issues, provide input into working groups, and assess risk – and in possession of third-party management or applicable relationship management experience. You will be responsible for a variety of tasks, such as information security, risk, commercial, service management and Third-Party Information Security Assurance [TPISA].

Responsibilities in the role:

  • Provide a view and challenge on supplier information security activities
  • Build improvements to third-party security and reporting
  • Craft improvements to the third-party business protection standards 
  • Ensure documents and risks are kept up to date and aligned
  • Be point of contact into UKCISO for third party suppliers and Aviva supplier owners
  • Attend architecture service and design assurance, technical working groups and formal supplier governance meetings to cover matters relating to cyber security management for third party suppliers
  • Provide your input with third party security schedule reviews and assist in edits to third party security schedules
  • Articulate and consider information security and technical risks
  • Review technical security standards, policies, and controls
  • Support and work closely with other areas of the business

Skills and experience we’re looking for:

  • Able to quickly learn and adapt to new technologies, processes, and practices
  • High level of initiative – able to self-direct and operate independently, proactively, with confidence – after suitable acclimatisation
  • Good technical experience and acumen; able to communicate with technical staff and understand complex IT and cybersecurity issues at a high level
  • Risk assessment and management skills
  • Awareness of cybersecurity technologies, developments, and issues
  • Third party supplier management experience – ideally in the ICT sector
  • Good understanding and ability to operate within formal governance frameworks
  • Ability to work effectively and in collaboration with other teams
  • Enjoy building positive relationships
  • Strong analytical skills
  • Experience of working within large complex organisations
  • An understanding of the IT strategy and IT change activity
  • Good experience of cyber security – desirable
  • Security qualification, CISM or CISSP or C-RISK or equivalent – desirable

What will you get for this role?

  • Salary up to £55,000 dependent on location, skills, experience, and qualifications
  • A generous defined contribution pension scheme
  • Annual performance related bonus and pay review
  • A holiday allowance of 29 days plus bank holidays and the option to buy/sell up to 5 additional days
  • Up to 40% discount for some Aviva products through “My Aviva Extras” plus discounts for Friends and Family (some exclusions apply)
  • Excellent range of flexible benefits to include a matching share save scheme

Working at Aviva

At Aviva, we’re people with a purpose. To be with you today, for a better tomorrow.

We bring this to life by ensuring risk handling is at the heart of the way we all work. We love people who do the right thing for our customers, and our colleagues. We want people who speak up, who take ownership, and who make good decisions.

The way we do this is important too. We always ‘Care More’. It’s our thing. We’re all about our people – that’s you – so we can be pretty flexible. If you want to work from home some of the time or change your hours so you can pick up your kids or care for someone in your family, we’re very open to that. In fact, we don’t advertise roles as either part or full time, because we know each person has different needs, just as each business area has different needs. So, it’s up to you to discuss working hours during your interview.

We care deeply about being inclusive and that means we encourage applications from people with a diverse group of backgrounds and experiences. We want our employees to bring their whole self to work and that starts with you.

We interview every disabled applicant* that meets the minimum criteria for the job. Once you’ve applied, please send us a separate email stating that you have a disclosed disability, and we’ll make sure we interview you.

We’d love it if you could submit your application online. If you require an alternative method of applying, please give Lacey Lane Mckoy a call on 0207 255 0884 or send an email to [email protected]

*As defined in The Equality Act 2010*. By ‘minimum criteria’ we mean you should provide us with evidence which demonstrates that you generally meet the level of competence required and have the qualifications, skills or experience defined as essential to perform the role.

To apply for this job please visit

To apply for this job please visit

Contact us


Related Jobs