Senior Third Party Security Manager

Job Description
Senior Third Party Security Manager, Band 6
Division
: CISO

About the Role:
We are seeking a dynamic and experienced Third Party Security Manager to join the IT Risk tribe. In this role, you will be responsible for internal coordination of Third Party Security assessments for all external Third Parties including Merger and Acquisition initiatives and enable the post-merger integration initiatives when applicable.

To achieve it, you will work closely with multi-functional teams from all the organization and will be exposed to a diversified set of topics, business and technologies.

Role Description – IT Security Manager
The role will be responsible for execution of risk-based IT Security controls for Third Parties. Key responsibilities:

Merge And Acquisition Assurance

• Assessment and Due Diligence execution on future mergers and acquisitions
• Consulting and support in definition of security road up for potential start ups
• Prepare detailed reports on findings and Security recommendations

Third-Party Assurance Lifecycle

• Due Diligence - risk profiling, onboarding, re-certification
• Contract Management - ensuring that the security expectations included in the contract are proportionate to the risk profiling
• Exit Management - performance of necessary security checks at the end of a contractual agreement with a Third Party
• Ongoing monitoring - Facilitate and support response to the, alerting and incident of external Third Parties

Continues Improvements

• Participate and support in delivery of regulatory driven change i.e. DORA
• Identify, design and implement process improvements
• Lead demand capacity management
• Deliver training and coaching sessions for the team
• Taking initiatives to document and communicate intensively to further increase Third Party Security, knowledge and expertise

Core Skills

• Previous experience in Third Party Security Management (i.e. Due Diligence), is mandatory
• Knowledge of security risk management
• Knowledge of control frameworks, e.g., ISO 27000, NIST, CIS-18, COBIT-5
• Knowledge of relevant regulations, i.e. DORA, Outsourcing, ESMA, etc.
• Knowledge of logging, monitoring and alerting is an advantage
• Knowledge of similar ecosystem frameworks, e.g., SWIFT CSP is an advantage
• Knowledge of financial markets, FMIs and CSD operations is an advantage
• Experience with supplier and supply chain due diligence framework, procedures, data gathering risk and control assessment.
• Experience with contract review of information security schedules and terms
• Knowledge of logging, monitoring and alerting is an advantage
• Experience with ServiceNow GRC is an advantage
• IT Security Certification such as CISSP, CSSLP, CCSP, CISM, CISMP, GCIH, CEH, etc. is an advantage.

Soft Skills

• Leadership. Be an inspiring and engaging leader by providing strategy and direction to team members, by showing business acumen, by possessing self-reflection and by being results-driven
• Interpersonal. Be self-motivated and proactive, have strong, innovative and creative problem-solving skills, be open and welcoming to change, work comfortably in a constantly evolving environment and have an ability to remain calm under pressure and in the face of uncertainty.
• Collaborative. Work comfortably with business executives and stakeholders, within group settings or with team-members
• Change. Ability to handle multiple projects against tight deadlines whilst being instrumental in delivering cultural change throughout the organisation
• Experience with managing regulatory compliance issues as well as providing best practices in security
• Strong organisation, prioritisation management, coordination, reporting and communication

About Us
Why join us
Embark on your new adventure at Euroclear, and work at the heart of the global capital markets. We connect over 2,000 financial institutions across the globe. As an open and resilient infrastructure, we contribute to the stability of the financial markets. We help clients cut through complexity, lower costs, and mitigate risks of financial transactions. At Euroclear, we have the clear ambition to use our key role to facilitate and accelerate a sustainable global financial system.

What We Offer

• Work closely with inspiring, supportive and engaged colleagues from more than 80 different countries.
• Practice your talents in a highly professional international environment.
• Join a learning and development environment with an emphasis on knowledge sharing and training.
• Competitive salary and comprehensive benefits.

New ways of working
Find your own optimal balance within our hybrid working model, where you can connect at the office and also benefit from remote working.

Great Place to Work for All
We are committed to creating an inclusive culture that celebrates diversity and strives to be a Great Place to Work for All. All qualified applicants will be considered for employment, regardless of any aspect that makes them unique (including race, religion, national origin, gender, sexual orientation, age, marital status, pregnancy, disability, ...). If you need any specific accommodation due to disability or any other reason, you can let the recruiter know during your application process.

About The Team
As a global critical financial infrastructure, the protection of Euroclear information and assets is fundamental to the companys' business. Security is at the core of our services, firmly embedded in the management systems and processes of the company. You will be joining our Chief Information Security Office (CISO) in charge of putting in place the required controls to adequately and effectively protect our information assets.