Information Security Risk Lead - CISSP, Third Party Risk Assessment, GDPR

An International Insurance Firm is looking for an Information Security Risk Lead to join their team. This is an exciting opportunity for a senior individual to come in and establish information security controls within the organisation and of third parties to determine the associated information security risk and communicate posture to the business.

Responsibilities will include:

• Provide research and analysis to handle inbound cybersecurity inquiries from company's third parties
• Complete research and analysis related to vetting new or potentially new third parties
• Provide recommendations for communicating identified security risks of new or potentially new third parties
• Provide guidance in identifying, evaluating, and developing processes and procedures that are effective; meet information security standards and requirements, and follow information security policies and regulations

Skills required:

• Ability to assess information security controls based on cybersecurity principles and tenets (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.)
• Ability to perform impact/risk assessments
• Ability to manage business partner relationships, including determining needs/requirements, managing expectations, and demonstrating commitment to delivering quality results

• Good communication skills - (written and verbal)