Log In Sign Up

Supplier Assurance Manager

Premium Job From Tesco

Recruiter

Tesco

Listed on

18th October 2018

Location

Welwyn Garden City

Salary/Rate

Competitive

Salary Notes

Competitive

Type

Permanent

This job has now expired please search on the home page to find live IT Jobs.

Summary

About The Cyber Security Team

Our cyber security team are the eyes and ears of our organisation. We use the latest technologies to increase visibility and protection of systems, services and data. To do this we need to stay ahead of the latest threats and continuously improve our tooling, techniques, and processes.

Responsible for developing and running security processes day-to-day for the Tesco Group, we're continually working to step change security capability to further enhance the protection and controls that we offer for our customers and colleagues across the UK, Europe and Asia, and we're looking to add great people to our growing team.

We believe that skilled and passionate people are our greatest asset in reducing risk to our business and customers. We encourage and support continual development and learning, and recognise the importance of keeping up with changes in technology and an evolving threat landscape.

Communication is key - working collaboratively with our software and systems engineering teams to support security throughout the development lifecycle, as well as to build proactive monitoring and responses to security events.

About The Identity and Access Management Team

The Identity and Access Management (IAM) team operates within our Technology Security Programme team. The team is made up of Product Managers, Engineers, Data Analysts and Operations Engineers working across the Tesco group to develop and deploy new IAM capabilities.

The team covers all aspects of managing access and identity from joiners, movers and leavers to entitlement reviews and access requests. Our goal is to ensure that managing access in line with our policy requirements is as simple as possible. We're thinking a little differently about IAM, utilising automation and data science to reduce the cost and effort of managing access for our 500,000 colleagues.

Package

We offer excellent benefits that help make Tesco a great place to work. These include but aren't limited to:

* An annual bonus scheme which you can achieve up to 3.5% of base salary

* Colleague Clubcard (including a 2nd card for a family member) after 6 months service with 10% off most purchases at Tesco

* Holiday starting at 25 days plus a personal day

* A retirement savings plan - 4%-7.5% contribution rate

* Life Assurance - 5 x contractual pay

* Buy As You Earn Scheme

* Save As You Earn Scheme

* Deals & Discounts through Tesco including Tesco Mobile & Tesco Bank

* Deals and Discounts through many other external businesses

Main Responsibilities

The Role - Supplier Assurance Manager

Whilst specific responsibilities will be dependent upon the changing needs of the Tesco business, the following provides an overview of the role's key responsibilities and measures:

* Work with suppliers to identify and remediate risks as required and furthermore identifying critical suppliers to Tesco

* Maintain the supplier assurance risk register to ensure it remains relevant and up to date

* Provide high quality risk reports, with guidance and recommendations, to enable senior business owners to make the most appropriate risk decisions relating to the use of the supplier.

* Maintain an up-to-date record of all suppliers that access, store, process and provide critical services to Tesco

* Monitor on-going compliance of suppliers within set schedules depending on the risk profile of the supplier

* Report metrics to Technology senior management and other key stakeholders

* Work closely with the relevant business owners, legal and procurement

* Support Technology colleagues with queries relating to supplier assurance

Ideal Candidate

Key Skills and Experience

You'll need to have demonstrated experience of:

* IT audit/risk management, with examples of managing technology risk and compliance within an organisation

* Knowledge of ISO standards in relation to information security and business continuity

* SME level expertise in respect to information security risk management processes, frameworks and procedures

* Communicating effectively to build and maintain transparent relationships with stakeholders (including Senior Management), clearly expressing risks and recommendations

* Critical thinking with strong attention to detail, organisation and follow up

* Leading, planning and conducting interviews with suppliers to obtain an understanding of the area being reviewed

* Documenting processes and key controls in association with supplier and Tesco processes

* At least one professional qualification such as CISA, CISM, ISO27001 lead auditor or CISSP are essential

Personal

* Flexibility, ability to plan and organise, responsiveness, creativity, self-starter

* Able to build solid working relationships with peers and senior leadership

Ability to demonstrate strong written, verbal communication and presentation skills to all levels of seniority and disciplines within the organisation.

You are currently using an outdated browser.

Please consider using a modern browser such as one listed below:

Google Chrome
Google Chrome
 Opera
Opera
 Mozilla Firefox
Mozilla Firefox