Job Summary
The role involves leading third-party/supplier technical risk assurance to ensure risk exposure from outsourced services and cloud providers is properly managed in line with Cyber Strategy.
Candidates must establish policy standards and procedures for third-party technical risk while performing due diligence on architecture, controls, and certifications against frameworks like ISO/IEC 27001 and NIST CSF 2.0.
The position requires embedding DORA ICT contractual clauses, validating DR/BC/exit strategies, and providing clear risk narratives to the Technology Risk Forum for strategic vendor decisions.
Skills & Requirements
Must-have
Third-party technical risk assurance
DORA contractual clauses implementation
ISO/IEC 27001:2022 compliance verification
NIST CSF 2.0 outcomes assessment
GDPR DPAs and EU AI Act responsibilities
PCI DSS payment services compliance
Continuous monitoring and remediation
Nice-to-have
Exceptional stakeholder influence skills
Executive reporting and presentation abilities
Cross-jurisdictional regulatory knowledge
Supplier engagement expertise
Strategic decision-making capabilities
Key Requirements
10-15+ years in third-party technical risk assurance
Experience within financial services sector
Hands-on experience with DORA and GDPR regulations