Cybersecurity Third Party Vendor Assurance Consultant

Description

Our team and what we’ll accomplish together

We live in and work in a rapidly evolving digital world where cyber security is critical. The Global CSO function for TELUS Health brings a focus on the Security of our Sensitive Health Information (PHI) and regulatory compliance, to meet and exceed the expectations of our global customers as the most trusted wellbeing company in the world. The TELUS Health CSO team strives to always be steps ahead, tackling the toughest cyber security challenges head-on with top talent and cutting-edge technology.

The Cyber Vendor Assurance team plays a crucial role in protecting TELUS Health’s security posture by managing and monitoring Cyber risks associated with our third-party vendors and suppliers. Our team leads comprehensive security assessments, vendor due diligence, and maintaining ongoing monitoring of vendor security controls.

As a Third-Party Cyber Security Consultant, you’ll be keeping TELUS Health safe and protected by providing cyber oversight across a diverse global supplier portfolio. You will support all the key elements involved in the end-to-end 3rd Party Information Security Oversight. Your primary focus is to provide assurance regarding the confidentiality, integrity, and availability of the suppliers that we have entrusted our data /infrastructure with. For this to be achievable, you will collaborate extensively with internal and external stakeholders to allow for identification of vulnerabilities and areas of improvement to protect our Brand, colleagues and customers, in turn helping to promote a collaborative Security culture.

What you’ll do

You will manage and own a diverse portfolio of supplier assessments, undertaking Information Security reviews using a defined methodology. From planning, reviewing supplier responses, supplier assessments, reporting of identified risks and provision of required remediation.

Given the nature of the role you will be providing guidance to both internal and external stakeholders:

• Assessing Supplier responses to a defined set of Information Security controls, ensuring quality and completeness of returns
• Reviewing Supplier responses and identification of risk / vulnerabilities. Liaising with key stakeholders to ensure appropriate escalation and remediation
• Maintaining and producing reports and management information. Ability to report clearly and articulate non-conformities and advise on required actions to remediate. An adaptive communication style to reflect a diverse stakeholder audience
• Collating and assessing various Cyber intelligence sources to help provide greater insight as to the Suppliers Security posture
• Share knowledge and mentoring to colleagues, supporting queries and providing guidance in relation to Cyber Security 3rd Party assurance
• Attending meetings, workshops, acting as delegate for Manager when required
• Actively contribute to the ongoing development of the Team through constructive challenge, providing solutions, innovation and continual improvement
• Reinforce TELUS Health's Customers First values in ensuring positive security outcomes for both external customers and internal stakeholders

Qualifications

What you bring:

• 5+ years of applied Cyber Security Assurance experience
• Ability to demonstrate expertise and application of knowledge, in terms of technical and softer skills that are required in managing a diverse and global portfolio
• Strong understanding of Security frameworks (ISO 27001 / 27036) and ability to identify vulnerabilities / areas of control enhancement
• Adept at reviewing Supplier Security policies and standards to ensure appropriate scope and adequacy
• Clear understanding of information security principles, including risk management, incident response, and threat analysis
• Strong stakeholder management and interpersonal skills. Ability to engage and develop relationships across a broad range of geographies and sectors
• Strong organizational skills, with the ability to coordinate and effectively self-manage your own portfolio of work, independently to ensure high quality and timely delivery
• Pragmatic and balanced outlook relative to risk and impact with the ability to apply sound judgement
• Strong communication skills (verbal and written)
• Strong analytical skills, attention to detail and coupled with capability to identify omissions/ gaps /areas of focus
• Ability to accommodate travel and time away from home may be required

Great- to-Haves:

• CISM, IS027001 LA, CISA, CRISC
• Procurement knowledge, reflective of the Supplier lifecycle
• Operational Risk experience
• Bi-lingual (English + either French, German, Spanish)

By applying to this role, you understand and agree that your information will be shared with the TELUS Group of Companies’ Talent Acquisition team(s) and/or any leader(s) who will be part of the selection process.