Third-Party Security Manager Job Vacancy in UAE Abdu Dhabi
Posted date [2024-10-17]
(ID: 32237)
 |
We are dedicated to helping your business thrive by connecting you with the best talent in the industry. We specialise in matching skilled candidates with the right opportunities, ensuring they find the perfect fit to advance their careers. |
The Third-Party Security Manager is responsible for managing and overseeing third-party risk management and assisting in the review and maintenance of the third-party risk management framework to meet the Group\'s needs. This role involves supporting the Head of IS Third Party Security in making informed decisions regarding critical third-party vendors and proactively assessing associated risks.
Key Metrics:
Percentage of third-party assessments completed on or before target dates within planned cost and quality requirements.
Percentage of implemented risk mitigation controls from the total number of planned controls.
Number of third-party issues remediated within target dates.
Percentage of compliance with relevant regulatory requirements.
Key Accountabilities of the Role:
Execute and supervise business services, processes, and technologies to conduct business impact analyses.
Support the Head of IS Third Party Security in articulating risk appetite and third-party security requirements.
Conduct detailed technical security assessments for third-party security and business operations.
Perform data privacy impact analyses and assist businesses and vendors in completing assessments as a subject matter expert.
Manage assessment projects under GISD, ensuring quality and timeliness of delivery.
Coordinate with subsidiaries and international business units to deliver assessments for third parties and projects per departmental plans.
Collaborate with internal audit, business units, and risk management teams to align third-party security requirements and mitigating controls.
Execute technical security assessments for third-party security, reporting findings to GISD leadership and relevant teams.
Maintain documentation related to the third-party security unit, including policies, procedures, and frameworks.
Keep the third-party asset criticality register updated with vendor details periodically.
Report and notify relevant units within GISD of all third-party issues and risks.
Document and maintain all issues in the third-party issues register.
Follow up regularly with business units on third-party issues and their action plans.
Support digital security and cloud security initiatives and participate in the bank\'s digital transformation efforts.
Ensure that third-party ecosystems are adequately protected and that security controls are followed by all third parties accessing bank data.
Assist in maintaining the third-party security risk management framework aligned with the ORM framework.
Develop and assist in reporting on third-party security KPIs and KRIs through dashboards for various forums.
Communicate third-party risks and remediation plans to relevant stakeholders and ensure follow-up on implementation.
Measure, monitor, and report on third-party risks.
Engage staff and vendors to develop risk mitigation plans for identified risks in vendor reviews.
Monitor and report on the execution of information security risk mitigation plans.
Specialist Skills / Technical Knowledge Required for This Role:
Key Metrics:
Percentage of third-party assessments completed on or before target dates within planned cost and quality requirements.
Percentage of implemented risk mitigation controls from the total number of planned controls.
Number of third-party issues remediated within target dates.
Percentage of compliance with relevant regulatory requirements.
Key Accountabilities of the Role:
Execute and supervise business services, processes, and technologies to conduct business impact analyses.
Support the Head of IS Third Party Security in articulating risk appetite and third-party security requirements.
Conduct detailed technical security assessments for third-party security and business operations.
Perform data privacy impact analyses and assist businesses and vendors in completing assessments as a subject matter expert.
Manage assessment projects under GISD, ensuring quality and timeliness of delivery.
Coordinate with subsidiaries and international business units to deliver assessments for third parties and projects per departmental plans.
Collaborate with internal audit, business units, and risk management teams to align third-party security requirements and mitigating controls.
Execute technical security assessments for third-party security, reporting findings to GISD leadership and relevant teams.
Maintain documentation related to the third-party security unit, including policies, procedures, and frameworks.
Keep the third-party asset criticality register updated with vendor details periodically.
Report and notify relevant units within GISD of all third-party issues and risks.
Document and maintain all issues in the third-party issues register.
Follow up regularly with business units on third-party issues and their action plans.
Support digital security and cloud security initiatives and participate in the bank\'s digital transformation efforts.
Ensure that third-party ecosystems are adequately protected and that security controls are followed by all third parties accessing bank data.
Assist in maintaining the third-party security risk management framework aligned with the ORM framework.
Develop and assist in reporting on third-party security KPIs and KRIs through dashboards for various forums.
Communicate third-party risks and remediation plans to relevant stakeholders and ensure follow-up on implementation.
Measure, monitor, and report on third-party risks.
Engage staff and vendors to develop risk mitigation plans for identified risks in vendor reviews.
Monitor and report on the execution of information security risk mitigation plans.
Specialist Skills / Technical Knowledge Required for This Role:
