Third Party Cyber Risk Manager

Description

• This role is responsible for managing the cyber risk that third parties pose for the Capricorn Group

Duties

• Assisting the CISO in the delivering the Cyber Resiliency Program (CRP) relating to third party cyber risk management activities
• Maintaining and/or implementing suitable third-party cyber risk management policies, processes, framework, controls, tools and mechanisms
• Monitoring the cyber posture of the group’s third parties and engaging with third parties to remediate concerns
• Executing risk assessments and assurance activities for third party cyber risk
• Managing the third-party cyber risk components of the procurement process
• Maintaining the group’s third-party cyber risk management platform
• Establishing relationships with the cyber teams of key and high risk third parties
• Engaging with various business entities and business areas in the group regarding the cyber risk that their third parties pose to the group
• Ensuring that metrics for third party cyber risk management are incorporated in the CyberMIS
• Ensuring that contracts with third parties have the required cyber risk clauses incorporated including alignment with regulation where relevant

Requisites

• 3 years’ experience in cyber risk management
• Working knowledge of information security standards
• Working knowledge of information security frameworks
• Working knowledge of cyber risk management and maturity frameworks
• Working knowledge of third-party cyber risk management

Notes

• Only shortlisted applicants will be contacted