Information Security Consultant (Third Party Due Diligence)

£350 - £500 per day
29 Jan 2018
26 Feb 2018
Mary Worthington
Clearance Level
None / Undisclosed
Job Type

My client, an organisation based in the North West, is actively looking for a contract Security Consultant to join their expanding team. This will initially be a three-month contract, focused on third party supplier due diligence, managing questionnaire reviews and any remediation points. This is a fantastic team, and the role offers an opportunity to take ownership of this area.

The Role

  • Assist with the implementation of Information Security services as part of the newly formed CISO team.
  • Coordinate and manage the third party supplier security review process (circa 200+ suppliers), schedule and risk management activities, in order to help understand the supply chain security position.
  • Develop security processes and procedures, and support service-level agreements to ensure that security services are managed and maintained.
  • Work with information security leadership to develop strategies and plans to enforce security requirements and address identified risks.
  • Manage the relationship with external auditors: receive audit findings, and manage the collection of responses and remediation plans with owners.


  • A strong supplier security focus, with the ability to manage expectations appropriately, provide a superior experience and build long-term relationships.
  • Contemporary understanding of supplier review processes, with proven experience of successfully delivering multiple supplier reviews in parallel, effectively, over specific timescales.
  • Ability to prioritise supplier reviews, based on common-sense business risk and level of criticality of services.
  • Proven ability to lead supplier review processes: someone who has helped define the approach and successfully delivered using it, rather than someone who has operated within existing processes already defined for them.
  • Ability to interact with the organisation's people, suppliers and business partners at all levels and across all business units, and to comprehend business imperatives.
  • In-depth knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls.
  • In-depth knowledge of risk assessment methods and technologies.
  • Proficiency in performing risk, business impact, control and vulnerability assessments.
  • Experience with common information security management frameworks, such as ISO27001, ITIL, COBIT and National Institute of Standards and Technology (NIST).
  • Strong analytical skills to analyse security requirements and relate them to appropriate security controls.
  • Minimum 4 years' information security experience.
  • Certification from CISSP/CISA, or similar.
