IT Customer Assurance Manager

The Audit and Risk Recruitment Company has been mandated by our client, a global insurance giant, in their search for a Technology Assurance Manager (focusing on customer delivery) to join a growing supplier risk function.

The purpose of this role is to assist in the operation of 3rd Party IT Risk functions focused on Supplier Assurance by the execution and oversight of activities including risk assessments, contract reviews, due diligence, auditing, findings and reporting to manage the risks related to these areas both within IT, Procurement, Legal, Data Privacy and the wider business, including the execution of Customer Assurance activities.

The role also offers management responsibilities and my client will consider candidates who are currently in an oversight role (as opposed to direct line management).

You will also have the opportunity to learn new skills across supplier assurance and GRC activities giving a full '360' view of the function.

This is a hybrid working role (1-2 days per week in the office) and can be based in London, Leeds, Manchester or Staines.

The role focusses on customer assurance activities which are essential to obtaining and renewing business with corporate customers.

This role will manage customer due diligence requests (including contractual reviews) and free up existing 3rd party risk team members to concentrate on our suppliers rather than responding to Commercial requests. Examples being:

• Commercial / Corporate contract reviews
• Execute and oversee the delivery of end-to-end customer information security due diligence
• Overseeing customer audits
• More oversight plus execution - This role will have IT Customer Analyst reporting into them (ideal candidate will have lead / management experience)
• Reviewing and negotiating customer contractual IT agreements and clauses.

Background Requirements

• Certified in relevant IT audit, risk and security certifications preferably with one of the following: CISA, CISM, CRISC or CISSP.
• UK experience (IT Risk / internal audit) from either top 10 practice or commercial environment
• IT Security/Assurance, Audit, Compliance and Risk knowledge, experience of IT Risk and assurance frameworks, and IT control assurance assessments (e.g. ISO 27001, PCI DSS, CIS 20, NIST, ISACA IT Risk).
• Demonstrable experience in planning, executing and supervision of controls assessments and risk-based audits.
• Demonstrable experience in review and assessment of contractual or regulatory artifacts / documentation
• Experience of IT Assurance concepts preferably with internal IT Compliance or IT Control assurance experience.
• Experience of IT/IS Risk Management concepts and terminology understanding the role controls play in risk mitigation

Relevant UK experience is required for this position and our client is unable to offer sponsorship.