Skip to main content

Head of Third Party Security

Job Description:

Introduction

Dentsu is the network designed for what's next, helping clients predict and plan for disruptive future opportunities and create new paths to growth in the sustainable economy. Taking a people-centered approach to business transformation, we use insights to connect brand, content, commerce and experience, underpinned by modern creativity.

Dentsu International is a global leader that specialises in Sales, Marketing, Customer Experience, and Retention to enable clients to keep "winning" whilst ensuring customer growth and experience is at the very forefront for their businesses.

We're hiring a Head of Third-Party Security as part of our team in in either Manchester or London working on a hybrid basis.

Purpose of the Role

Dentsu Security are responsible for the scope and delivery of information security activities that cover all dentsu international locations, people and processes globally. Led by the Director, Technology & Security GRC our Governance, Risk and Compliance team are responsible for an extensive programme covering Risk Management, Policies & Controls, Internal Controls Assurance, Third Party Security, and Client Security.

Joining our expanding and ambitious Governance, Risk and Compliance team you will be reporting directly to the Director for Technology & Security GRC in an increasingly autonomous role overseeing the continued maturity of our Third Party Security (TPS) function. The successful candidate will build upon existing security third party frameworks and processes, establishing relationships with both internal stakeholders and suppliers to ensure that third parties are assessed, on-boarded, monitored and off-boarded with appropriate due diligence. Management of an internal team of TPS SMEs and strategic leadership responsibilities will form an integral part of the role.

Job description

  • Maintain and continuously improve a risk-based global third-party security framework based upon compliance with regulatory, client contractual and internal governance requirements.
  • Operate as the primary SME for all new third party on-boarding activities including support for contract reviews.
  • Manage (risk and control) assessment program for dentsu third parties at onboarding, and throughout the lifecycle of the services and products provided, using information from multiple sources to identify risks and propose proportionate, sustainable and well-considered remediative controls.
  • Provide quality assurance for the output of the third-party security function.
  • Tracking and reporting of open third-party risks and issue remediation through to completion, escalating to senior management where required.
  • Ownership of the third-party risk management platform (SureCloud), including management of future platform upgrades.
  • Enhance and deliver third party risk and performance MI and reporting in a timely manner, enabling accountable individuals to make informed, risk-based decisions at a management and executive level.
  • Lead the ongoing identification and implementation of improvements to TPS processes to reflect the changing threat environment and best practice assurance approaches.
  • Engaging with key business stakeholders including Legal and Procurement functions global and local levels to raise visibility of TPS processes and ensure workflows are sufficiently flexible to encompass an expanding global network.
  • Lead our high-performing Third-Party Security team of subject matter experts, taking responsibility for their professional development and wellbeing.

Candidate Profile

  • Preferred security qualifications: CISSP, CISM, CISA, CRISC
  • Experience of leading third-party security assurance within a global/large organisation
  • In-depth knowledge of all domains within security, in particular in relation to third parties
  • Detailed knowledge of information security risk management best practice, controls,
  • Ability to explain technical complex concepts to non-technical audiences
  • Thorough understanding of information security regulatory compliance
  • Experience of ISO 27001-aligned information security management systems and associated controls
  • Strong knowledge of information security risk frameworks (ISO 27001, NIST, PCI, SOC 2)
  • Knowledge and practical experience of third-party assessment methodologies and frameworks
  • Understanding of business continuity management within a global organisation (preferable)
  • Experience with IT assurance functions and auditing techniques
  • Proven ability to work in collaborative environment
  • Ability to lead a high-performing, customer-focussed team
  • Experience of working with a high degree of autonomy, managing own and others' workload, and delivering to tight timescales
  • Experienced in using third party assessment platforms for managing TPSA workflow

What we offer

This is a permanent role. The team is based from any of our UK offices in either Manchester or London on a hybrid working basis.

As well as a competitive salary, you'll enjoy a benefits package that you can tailor to your needs which includes:

  • Ongoing Training
  • Unparalleled professional development
  • Company-provided Medical Healthcare
  • Generous Pension provisions
  • Health and Wellness benefits
  • Life Assurance
  • Working in diverse teams where you can make a real impact.
  • Exciting and rewarding environment.
  • Varied work across industries

Great additional benefits

  • 25 holidays per year, plus bank holidays, additional Christmas leave and your birthday off. We also offer 2 paid volunteer charity days and 3 well-being each year

Inclusion and Diversity

Our diverse and inclusive culture enables our employees to bring their whole selves to work and be proud of doing so. For us, this is the foundation for great innovation which, in turn, generates better outcomes for our people, partners and communities. This is why we encourage applications from people with disabilities, and of all ages, nationalities, backgrounds and cultures.

We are happy to discuss flexible and agile approaches to working for all our roles - we can't promise we will be able to offer you everything you want or need but we do promise to discuss it with you openly and honestly. If you have any reasonable adjustment needs arising from a disability or medical condition to fully participate in the recruitment process, please discuss this with our recruitment teams.

About dentsu

Taking a people-centered approach to business transformation, we use insights to connect brand, content, commerce and experience, underpinned by modern creativity. As part of Dentsu Group Inc. we are headquartered in Tokyo, Japan and our 65,000 employee-base of dedicated professionals work across four regions (Japan, Americas, EMEA and APAC). Dentsu combines Japanese innovation with a diverse, global perspective to drive client growth and to shape society.

Diversity, equity, and inclusion sits at the heart of our Social Impact strategy - our fully integrated sustainability strategy which includes our ambition to build a fair and more equal society, where everyone is equipped to thrive.

#LI-HYBRID

Location:
London

Brand:
Global Technology

Time Type:
Full time

Contract Type:
Permanent]]>

Head of Third Party Security

Dentsu
London, UK
Full-Time

Published on 25/11/2024

Search more jobs

Share this job now