19 Jun 2017

Full-Time Third Party Assurance & Contracts Manager

Directline Group – Posted by Admin – Orpington, England, United Kingdom

Job Description

Third Party Assurance & Contracts Manager

At DLG we take Security and Assurance extremely seriously. Do you? This is an amazing opportunity to work for a FTSE100 company, to help us continue our commitment and passion for Security. …

Purpose of the role

The role holder will use their in-depth Information Security and Risk experience to develop and lead the Third Party Assurance and Contracts programme to ensure it is fit-for-purpose and addresses future threats and changes in the risk environment. They will be a key member of the Third Party Security Oversight team providing subject matter expertise to provide direction, support and advice for the information security policies, procedures and framework for the secure management of third party suppliers as it relates to information security risk.

What’s involved …

• Build and maintain strong relationships with internal and external stakeholders and service providers to ensure full compliance with the Information Security Policy and Minimum Standards.

• Responsible for oversight of third party information security risk and for the overall delivery of the vendor’s security obligations.

• Responsible for ensuring new contracts with third parties are compliant with DLG security standards and for management of the exception process.

• Responsible for the production of high quality, informative and accurate reports in respect of third party assurance assessments.

• Develop, embed and maintain an effective Assurance Programme.

• Escalate, where appropriate, any failures to comply with Information Security controls in application / system implementation.

• Responsibility for the management and development of the assurance team, ensuring clear and stretching objectives and personal development plans are in place for all members of the team.

• Oversee security impact assessments for third party arrangements. Review and ensure the quality completion of impact assessments of direct reports.

• Work with the business and suppliers to develop, track and clear identified shortcomings and ensure that these are recorded as business risks until resolved.

• Provide expert advice and guidance to Information Security team in order to share relevant knowledge and initiatives.

• Provide advice to Information Security related briefings and Threat Management Groups.

• Ensure all activity is compliant with 3LoD, TCF, DPA and other relevant legislation.

• Contribute to the management of KRIs, MI and the setting and management of risk appetite.

What we need from you.

  • Understanding of the Data Protection Act, EU GDPR and associated regulatory requirements.
  • Understanding of PCI DSS and the requirements of Third Party Suppliers.
  • Knowledge of ISO standards in relation to Information Security and Business Continuity.
  • SME level expertise in respect of information security risk management processes.
  • Deep understanding of information security management and technical countermeasures.
  • Significant understanding of outsource vendor governance and security management practices.
  • Experience of managing others, either directly or via matrix management.
  • Awareness of FCA compliance.
  • Information security delivery expertise / ability to influence at Director level.

Qualifications/Certifications

  • Undergraduate degree (preferably 2:1 or higher) in a relevant field (e.g. Computer Engineering, Computer Science, Information Security) or in a STEM major (Science, Technology, Engineering, or Math) is preferred.
  • Security certifications such as CISSP, CISM, M.Inst.ISP, CISA by a recognised professional body are required.
  • Security certifications such as CISA, ISO 27001 Lead Auditor / ISO 27001 Lead Implementer by a recognised professional body are desirable.

Career benefits and rewards

– 9% pension (which can be taken solely or partly as cash in addition to your base salary)

– 30 days annual leave + bank holidays

– 50% Car Insurance discount

– 50% Home Insurance discount

– 50% Pet insurance discounts

– up to 20% bonus.

– Life assurance up to 4x Salary.

– FREE Private Medical Insurance

– FREE breakdown cover

– FREE Travel insurance

– Discounted Life, Critical illness covers

– Discounted dental covers

– Shopping retail discount

– 3 for 2 shares (Buy 2 get a 3rd free) up to £150 per month tax free.

– others (Free eye test, childcare vouchers, bikes for home, season ticket loan etc)

Career benefits and rewards

Rewarding you is really important to us, as well as offering a competitive salary and generous holiday entitlement; you can take advantage of a wide range of benefits. The best part is you can pick and choose the benefits to suit your own lifestyle, but also pass on some of the savings to family and friends. Here are just a few we have on offer:

  • A competitive salary, benchmarked against our competitors, which will grow as you do.
  • Pension of 9% of your base salary; you can choose to contribute less or more than this, and anything you don’t wish to put into your pension you can take as cash instead!
  • Private medical insurance (anyone can choose this through our flexible benefits scheme, and managers receive this as standard)
  • Attractive holiday entitlement
  • 50% off our Home, Motor and Pet insurance
  • Free Travel insurance
  • Free Green Flag breakdown cover
  • Flexible rewards including Life insurance, income protection, critical illness insurance, personal accident insurance
  • Retail card, with discounts at big name retailers
  • My Discounts – a discounts website for all our employees, with great discounts, cash back savings and offers across hundreds of brilliant high street brands, travel, tickets, gym memberships and much more.

Who we are
Direct Line Group is an organisation with a clear mission: to make insurance much easier and better value for customers. We are one of the leading motor, home and small business insurers in the UK. We are home to some of the nation’s best-known brands, including Direct Line, Churchill, Privilege, Green Flag and NIG.

Closing date – undisclosed

Job Categories: Other. Job Types: Full-Time and Permanent. Job Tags: contrasts manager, diversity, equality, full time, inclusion, London - Bromley, permanent, and third party assurance. Salary: Competitive.