Business Assurance - Coventry, United Kingdom - Sainsburys

Sainsburys

Verified Company

Coventry, United Kingdom

1 week ago

Posted by:

Tom O´Connor

beBee Recruiter

Description

We're looking for a security professional like you. Someone who is passionate about protecting our customer and colleague data. We provide our teams with the time and freedom they need to push boundaries. Providing our teams with the guidance and frameworks they need to do the right thing. We create amazing systems and products and would love for you to help keep them secure.

More about the role:

As part of the Data Governance and Information Security Team, you will be responsible for providing security support and consultancy directly to business functions who are delivering change outside of the Technology function.

In addition, you will provide oversight and challenge of key technology outsourced providers that provide BAU services to Sainsburys.

You will be continually reviewing how our third parties meet their contractual commitments, measuring specific BAU Information Security services in an objective manner.

We will expect you to have strong Stakeholder Management skills to ensure that robust security is maintained across our environment.

You will act as a key interface for Supplier Relationship Management, Legal and Procurement.

Business Assurance & Performance

Lead a small team of Security Analysts to provide security consultation directly to business functions where initiatives are being delivered outside of Sainsbury's Tech or via platinum vendors
Support vendors to achieve policy and contractual compliance, for Info Sec services
Engage with Business Stakeholders early in their change lifecycle to ensure that initiatives delivered without support from Sainsbury's Tech still meet our policies and data governance requirements
Educate Business Stakeholders to ensure they are aware of formal governance processes to engage with. Escalate where this is not being followed
Track and manage the delivery of actions (such as risk and vulnerability mitigation) for Business Stakeholders following engagements and formal approvals from Data Governance Committee
Help facilitate annual penetration testing of business owned assets that have no accountability within Sainsbury's Tech. Ensure tests are accurately scopes and vulnerabilities are remediated in line with policy Service Level Agreements
Support Tracking Key Performance Indicators of third parties that provide Information Security services
Ensure data sources are accurate
Ensure the metric algorithms are relevant and clearly understood
Ensure thresholds remain relevant
Proactive escalation where trends indicate a potential to breach a threshold
Investigate, with the third party, where there is sudden spike in the metrics, provide supporting narrative and any steps to rectify.
Help support and challenge ways of working with third parties to ensure both entities can provide the most efficient and effective process possible
Work closely with Supplier Management to provide specific Information Security feedback and escalate issues into broader supplier review meetings support SRM governance meetings and gathering feedback for vendors
Become a key interface with the Supplier Management, Relationship Owners and the Risk team, to mitigate or remediate supplier risks

Financial Management

Define any additional Info Sec metrics and KPIs to continuously monitor operational performance, ensuring third party colleagues are adequately skilled to complete the tasks.
Review new services and associated financial considerations support the Finance budget process

Contracts Management

Act as a key interface for Legal and Procurement, to support contractual negotiations for major agreements and use the experience to mature existing information security clauses
Join vendor contractual discussions and represent the Information Security leadership team
Review Tech and Non-Tech contracts and validate Sainsbury's security requirements will be met
Collaborate with Legal, Procurement, Supplier Assurance and Supplier Relationship Management, to achieve a more streamlined contracts process and coordinate on behalf of the team
Support any required risk mitigation, for risks identified in the tender or contractual stage

What we're looking for:

Proven leadership qualities and stakeholder management at multiple levels.
Sets SMART objectives and supports the team throughout, demonstrating leadership and assisting with the longerterm development of colleagues throughout their career.
Able to coach others to take responsibility, own the issue, resolve it and recognises how individual responsibility impacts team delivery
Ability to prioritise work in a challenging environment and deal with conflict effectively
Ability to think methodically and logically to autonomously solve problems.
Proactively takes responsibility, owns any issues arising and follows through to resolve them.
Strong data analytics skills, with experience of presenting data in a constructive format that helps drive change
Ability to balance t