Reporting to the Head of IS Third Party Security. Third-Party Security Risk Manager is responsible for managing and overseeing Third Party risk management and assist in the review and maintenance of the third-party risk management framework to cater for the Group’s needs and requirements

• Proven track record and ability to operate comfortably with stakeholders at a mid-senior level (e.g., Heads of Function and Units).
• Work with internal audit, business units, VMCP, FRM and ORM teams to align third party security requirements, identified risks, appetite for risk and mitigating controls, including the monitoring, and reporting on the effectiveness of the controls and the impact that this has on the overall security and risk.
• Manage technical security assessments for the Bank’s Third-Party security with other GISD Verticals team, report the outputs to GISD leadership, business, and technical teams for timely resolution.
• Stay abreast of global and regional information security threats by reviewing threat intelligence reports from Cyber Threat Intelligence unit.
• Ensure proper delivery of ad-hoc and planned third party technical assessments in accordance with internal information security policies and requirements or external information security regulations and standards
• Work with the Head of IS Third Party Security for the continuous improvements in policies, procedures, standards, and guidelines in line with third party risk assessment findings and recommendations.