Third Party Cyber Risk Manager (Sp7)-Cyber Security

Third Party Cyber Risk Manager (SP7)-Cyber Security

Listing reference: capgh_000201

Listing status: Online

Apply by: 30 August 2023

Position summary

Introduction

PRIMARY PURPOSE OF THIS POSITION This role is responsible for managing the cyber risk that third parties pose for the Capricorn Group

Job description

a)Assisting the CISO in the delivering the Cyber Resiliency Program (CRP) relating to third party cyber risk management activities.

b)Maintaining and/or implementing suitable third-party cyber risk management policies, processes, framework, controls, tools and mechanisms.

c)Monitoring the cyber posture of the groups third parties and engaging with third parties to remediate concerns.

d)Executing risk assessments and assurance activities for third party cyber risk.

e)Managing the third-party cyber risk components of the procurement process.

f)Maintaining the groups third-party cyber risk management platform.

g)Establishing relationships with the cyber teams of key and high risk third parties.

h)Engaging with various business entities and business areas in the group regarding the cyber risk that their third parties pose to the group.

i)Ensuring that metrics for third party cyber risk management are incorporated in the CyberMIS.

j)Ensuring that contracts with third parties have the required cyber risk clauses incorporated including alignment with regulation where relevant.

Minimum requirements

Experience/Knowledge & Skills

• 3 years experience in cyber risk management.
• Working knowledge of information security standards
• Working knowledge of information security frameworks
• Working knowledge of cyber risk management and maturity frameworks
• Working knowledge of third-party cyber risk management