
Third Party Compliance Officer

Randalls Way, Leatherhead KT22 7TW, UK
Req #132
07 May 2024

Established in 1982, Bytes has grown rapidly and now employs over 600 people across 5 locations in the UK and Ireland. Our turnover in Financial Year 2019 was in excess of £520M. We work with SMEs, corporates and public sector organisations to modernise and digitally transform their IT infrastructures.

We invest in our employees through ongoing support, training and advice to help them achieve their career aspirations, rewarding success both financially and personally. There is opportunity to grow and move internally, which can be seen through our long-standing employees who have developed existing and new skills to move into senior positions in the organisation, leaving space for new team members to begin their journey.

Your Future Starts Here

Why Bytes?

  • Over 600 staff (plans to double in size over the next 5 years)
  • Operating from modern, hybrid working environments with offices in Leatherhead, Reading, London or Manchester
  • Winners of an array of industry awards
  • Sunday Times Top 100 Best Places to Work
  • Excellent training and career prospects offered
  • Fantastic office with gym, canteen, open plan, smart casual dress code, regular incentives and company events
  • Supporters of 85+ charities with strong commitment to diversity and sustainability

 

POSITION DETAILS:

Position Title: Third Party Compliance Officer

Reports to (POSITION): Legal & Compliance Manager

Team: Compliance

Department: Legal & Compliance

PURPOSE OF JOB:

Due to exciting transformation, we are pleased to announce an opportunity for a collaborative, inclusive, and engaging individual, with extensive Third Party Risk experience gained from supplier/vendor management, to join our Compliance team as Third Party Compliance Officer.

The primary responsibility for this role will be to interface with our customers, tenders/bids team and account managers to articulate our security posture based on customer security vetting requirements. Secondarily, in this exciting role you will also be responsible for maintaining TPRM principles and standards, ensuring that third party suppliers/vendors/partners are vetted, monitored regularly, and managed to mitigate risks that could negatively impact Bytes.

This is an exciting time for the team, and you will play a key role in helping us to mature this function. You will have lots of autonomy and variety with your day-to-day work, giving you a sense of ownership, and the freedom to be curious and bring new ideas to the table.

KEY RESPONSIBILITIES:

  • Implementation and operationalisation of third party management systems in line with business strategic direction
  • Management of inbound and outbound third party security assurance including responses to customers and working with appropriate suppliers/vendors/partners
  • New supplier onboarding risk review and assessment
  • Conduct Supplier Management Reviews (security assurance and data privacy impact assessment)
  • Ensure documentation and records are maintained in appropriate systems / tools which are updated at required intervals
  • Provide guidance to relevant teams and stakeholders regarding TPRM processes and standards

INDIVIDUAL RESPONSIBILITIES:

  • Reviewing and maintaining operating procedures and processes for ongoing monitoring of assurance activities
  • Performing due diligence on potential and existing suppliers and monitoring compliance at periodic intervals
  • Providing regular reporting on third party management to Legal & Compliance, CISO and ExCo as required
  • Assisting in internal and external audits as required
  • Maintaining quality output of information to Bytes customers and ensuring quality standards are met for the security posture of suppliers/vendors/partners

 

QUALIFICATIONS, EXPERIENCE, & SKILLS:

Educational Qualifications (ESSENTIAL)

  • GCSEs or above and 2 years relevant work experience

Professional Qualifications (DESIRABLE)

  • Certifications in Information Security or Cyber Risk Management domain (e.g. SSCP/Security+/foundation level in ISO standards)

Years of Experience (ESSENTIAL)

  • At least 2 years of experience in a similar role

Other Requirements (DESIRABLE)

  • Third Party Risk experience gained from a supplier/vendor management, category management, or business development background
  • Previous use of Third Party screening tools
  • Operational understanding of Third Party Risk Management practices
  • Technical IT experience, with knowledge of common IT controls, networking technologies and security solutions
  • Knowledge of Information Security regulations and standards (e.g. ISO 27001, GDPR, UK Data Protection Act, NIS, NIS2)

CORE COMPETENCIES & SKILLS – BASED ON POSITION AND GRADE

  • Proactiveness, energy and passion for information security
  • Ability to build productive relationships with people from a wide range of professional and cultural backgrounds and the ability to work effectively within a dynamic team environment
  • Excellent written and oral communication skills, with accuracy and attention to detail essential
  • Friendly, approachable, calm and considered
  • Excellent organisational skills, with the ability to plan and manage own workload, and manage tasks simultaneously
  • Ability to work on own initiative, under pressure and to tight timelines

Other details

  • Job Family: Employee
  • Job Function: Administration
  • Pay Type: Salary
  • Location: Randalls Way, Leatherhead KT22 7TW, UK