Job Title

Information Security Manager - Cyber Supplier Oversight

Ref #

7729

Location

Edinburgh

Department

Information Security

Business Area

CISO

Working time

Full-Time

Date Published

08-03-2023

Supplier Oversight, Information Security Manager.

Edinburgh / Glasgow Offices.

Excellent Salary & Benefits

What you’ll bring

We’re embracing an agile way of working; this Supplier Oversight, Information Security Manager role will join us on an exciting journey. Join us and bring your talent, expertise, and skills to join our existing colleagues and make a difference to our customers, communities, and planet.

The Role

You will manage and own a diverse portfolio of supplier assessments, undertaking Information Security reviews using a defined methodology and supporting processes. From planning, reviewing material, supplier assessment, reporting of identified risks and provision of required remediation.

You will be providing subject matter expertise to both internal and external stakeholders:

• Share knowledge and mentoring to colleagues.
• Attending internal committees, workshops, acting as delegate for Lead Information Security Manager when required.
• Supporting ongoing risk identification and assessment of external threats to supplier base, aligned to oversight model.
• Maintaining accurate records and documentation, ability to coordinate material from multiple sources and create a single view for senior management.
• Actively contribute to the ongoing development and promotion of the Information Security Oversight Team through constructive challenge, providing solutions, innovation and continual improvement.
• Support and active collaboration / contribution in team objectives.

Job Purpose:

You will manage all the key elements involved in the end-to-end 3rd Party Information Security Oversight. This includes working extensively within internal and external stakeholders to assess, assure and provide required remediation to protect Tesco Bank customers, brand and assets.

You will be able to:

Demonstrate an advanced application of Information Security knowledge and expertise in support of Supplier oversight. For this to be achievable a blend of technical and softer skills are required:

• Strong stakeholder management, ability to engage to a diverse audience from differing backgrounds and sectors.
• Strong understanding of Security frameworks and ability to identify vulnerabilities / areas of control enhancement.
• Strong communication skills (verbal and written)
• Strong analytical skills, attention to detail.
• Pragmatic and balanced outlook relative to risk and impact with the ability to apply sound judgement.
• Strong organisational skills, with the ability to coordinate and effectively self-manage your own portfolio of work to ensure high quality and timely delivery.
• Ability to accommodate travel and time away from home will be required.
• Practical experience of Information Security frameworks and oversight within a highly regulated environment.
• Strong Operational risk knowledge.
• Recognised Security accreditation. (CISM, CISA, CIS Lead Auditor, etc)

#LI=KP1

At Tesco Bank everyone is welcome, we value our people and diverse teams and believe the variety of backgrounds and experiences make us stronger in achieving our goals. It’s important to us that we make sure you’re supported by your team and colleague networks every day, celebrating when it matters and helping you to be the best version of yourself. The people make Tesco Bank, and we take pride in what we achieve together.

We’re also a little obsessed with the future. Your future. Our future. That’s why we take development seriously; we want to help you thrive and evolve in your career. Tesco Bank is a place to get on, all colleagues have access to LinkedIn Learning and Abstract, from day one.

All that hard work? Come and see it turned into something real, usable, and important to customers’ and colleagues’ everyday lives. At Tesco Bank, our products make things a little better for everyone.

The Tesco name comes with a dedication to customer service excellence, but Tesco Bank offers something more: a fresh approach to finance. While it’s an innovation, ours is a business built on the next development, the evolution to come. For forward-thinking, technical professionals, that means making a wide-ranging and long-lasting impact in an organisation that’s changing the face of banking for our customers.