Information Security Manager - 3rd Party Suppliers

London, Permanent, £50,000 - £60,000
  • CISSP, CISA, CISM, ISO27001, NIST, 3rd party assurance
  • Risk Management, Identity & Access Management

About Our Client

My client is a great government delivery success story. They have been a critical pillar of the government's automatic enrolment programme around pensions. They promote a diverse workforce and an inclusive environment, with a desire to bring in the best talent to help grow the organisation further.

Job Description

The Information Security team functions as part of the second line of defence in the Risk and Compliance directorate. It consists of 5 roles and is accountable for the development, implementation and on-going maintenance of the ISMS (Information Security Management System) processes across the organisation.

The Information Security Manager reports into the Head of Information Security and is responsible for ensuring that all third-party suppliers meet the organisation's security risk profile and business requirements, including legislative and regulatory obligations. The role will assess the security posture of third parties and will design information security controls for the organisation and key third-party suppliers. This role will work across all internal departments, programmes, projects and initiatives, providing oversight and support to them in procuring third party suppliers.

The Successful Applicant

Experience and technical skills

The role holder should be able to demonstrate:

  • Practical experience working with third party suppliers to audit and evidence compliance with security policies, standards etc.
  • Practical experience using ISO 27001/2, NIST CSF and other security standards in the design and management of information security controls.
  • Understanding and experience of various Information Security domains including Security Architecture, Information Security Governance, Network Security, Data Protection, Risk Management, Identity & Access Management, Vulnerability Management, Anti-Malware, Mobile Device Management and Cloud Security
  • Experience of working within Financial Services, whilst beneficial, is not essential

Personal attributes required

The Information Security Oversight Manager will be able to demonstrate:

  • Teamworking skills, capable of collaborating with 3rd Party Information Security teams, Information Security team members, members of other teams in the organisation and various dynamic resourcing options (e.g. contractors and consultants) when necessary
  • Multitasking skills, capable of managing multiple tasks/projects
  • Communication skills, capable of explaining complex information security requirements using clear and unambiguous language with business audiences, alongside demonstrating influencing and negotiation skills
  • People-management skills; capable of coaching and mentoring junior team members

What's on Offer

Public sector and government

Offering a competitive package and excellent work benefits with an inclusive organisation

Contact: David Turner
Phone number: +44 20 7269 2310
