Third-Party Assurance Manager

  • Anywhere

Aviva

We are currently recruiting for a Third-Party Assurance Manager to be a part of our Third-Party Information Security Assurance Team (TPISA).

As the Third-Party Assurance Manager, you will manage the process within a defined market and act as the single point of contact for TPISA related information. You will provide your subject matter expertise to ensure that all existing suppliers are assessed or on-boarded with appropriate due diligence or security maturity identification.

An information security background and experience with third-party assurance are important for the role, as you will manage and work with internal stakeholders, external consultants and Aviva suppliers to identify the key risks associated with existing suppliers.

Responsibilities in the role:

  • Lead TPISA resource for a defined Market(s) whilst working as part of a global team to provide supplier data security advice and guidance
  • Understand and communicate the overall risk posture of suppliers within a defined set of market(s) through managing the annual assurance process, excellent stakeholder management, reporting and attendance at key forums
  • Provide subject matter expertise on all new supplier on-boarding activities including due diligence testing and security schedule contract negotiation
  • Perform on-site Third-Party Security Assessments (TPSA) of critical suppliers within the UK & Ireland, Europe and worldwide that transmit, process or store Aviva-related data
  • Work with existing and new suppliers to confirm exit strategy, data retention and data return measures
  • Own the back-office functions and activities including budget, TPSA scheduling, PMO, Reporting and remediation tracking for defined market(s)
  • Assist the team in a continuous improvement regime
  • Be prepared to travel for assessments (includes international) – between 30-40%
  • Able to work collaboratively with teams from other disciplines within Aviva and with the supplier
  • Able to work under pressure to deliver good quality assessment reports

Skills and experience we’re looking for:

  • Good knowledge of all domains within security e.g., BCM, Physical, GDPR/Data Protection, Cloud, Security Management
  • Ability to explain complex technical concepts to non-technical stakeholders and suppliers
  • Experience of conducting high level assessments and deep dive multi-day assessments or audits
  • Ability to produce high quality audit or assessment reports
  • Ability to provide PMO and reporting activity in support of a broader function
  • Good communication, influencing and negotiation skills
  • Experience in a similar role for a complex global organisation (insurance or financial services sector preferred but not essential)
  • Experience of conducting contractual mark-up and negotiation with suppliers

Qualification:

  • A recognised security certification such as CISSP, CISA, CISM, ISO/IEC 27001 Lead Auditor or CCSP is desirable but not essential

What will you get for this role?

  • Competitive salary depending on skills, experience and qualifications
  • Generous defined contribution pension scheme
  • Annual performance related bonus and pay review
  • Holiday allowance of 29 days plus bank holidays and the option to buy/sell up to 5 additional days
  • Up to 40% discount for some Aviva products through “My Aviva Extras” plus discounts for Friends and Family (some exclusions apply)
  • Excellent range of flexible benefits to include a matching share save scheme

Working at Aviva

At Aviva, we’re people with a purpose. To be with you today, for a better tomorrow.

We bring this to life by ensuring managing risk is at the heart of the way we all work. We love people who do the right thing for our customers, and our colleagues. We want people who speak up, who take ownership, and who make good decisions.

The way we do this is important too. We’re all about our people – that’s you – so we can be pretty flexible. If you want to work from home some of the time or change your hours so you can pick up your kids or care for someone in your family, we’re very open to that. In fact, we don’t advertise roles as either part or full time, because we know each person has different needs, just as each business area has different needs. So, it’s up to you to discuss working hours during your interview.

We care deeply about being inclusive and that means we encourage applications from people with diverse backgrounds and experiences. We want our employees to bring their whole self to work and that starts with you.

We interview every disabled applicant* that meets the minimum criteria for the job. Once you’ve applied, please send us a separate email stating that you have a disclosed disability and we’ll make sure we interview you.

We’d love it if you could submit your application online. If you require an alternative method of applying, please give Lacey Lane a call on 0207 255 0884 or send an email to [email protected]

*As defined in The Equality Act 2010. By ‘minimum criteria’ we mean you should provide us with evidence which demonstrates that you generally meet the level of competence required and have the qualifications, skills or experience defined as essential to perform the role.

To apply for this job please visit www.cybersecurityjobsite.com.
