Location/Office Policy: Central Park, Leopardstown, Dublin 18 / Hybrid
What is the Role: The 3rd Party Cyber Risk Manager will be responsible for identifying, assessing, and managing cyber risks associated with third-party vendors, suppliers, and partners. This role is critical in ensuring that the bank's supply chain and external relationships align with AIB's cybersecurity standards and risk appetite. The 3rd Party Cyber Risk Manager will play a key part in embedding risk management practices into procurement and vendor management processes while driving continuous improvement in the cybersecurity maturity of third-party engagements.
Key accountabilities:

Vendor Risk Identification and Assessment:
Lead the development and execution of the third-party cyber risk management framework, ensuring that vendors and partners are adequately vetted for cybersecurity risks. Perform cybersecurity due diligence on new and existing vendors to assess their risk profile. Evaluate third-party contracts and Service Level Agreements (SLAs) to ensure they include adequate cybersecurity requirements.

Risk Monitoring and Continuous Assessment:
Implement and oversee continuous monitoring programs to track third-party vendors' adherence to security requirements throughout the lifecycle of the relationship. Leverage tools and technologies to monitor real-time security risks posed by vendors, and proactively address any deviations from agreed-upon security practices. Perform regular risk assessments, audits, and reviews to ensure the ongoing cybersecurity health of third-party vendors.

Collaboration with Procurement and Legal Teams:
Work closely with the Procurement and Legal teams to integrate cybersecurity risk assessments into the procurement process. Ensure that third-party contracts include enforceable cybersecurity clauses, such as incident response requirements, data protection standards, and breach notification protocols. Provide cybersecurity risk input during contract negotiations to ensure AIB's risk tolerance is reflected in vendor agreements.

Incident Management for Third-Party Vendors:
Collaborate with the Incident Response team in the event of a cyber incident involving a third-party vendor, ensuring a timely and effective response. Manage communication with vendors during incidents and post-incident investigations, ensuring that any necessary remediation steps are taken.

Risk Reporting and Governance:
Provide regular updates to senior leadership on the status of third-party cyber risks, including emerging risks, trends, and mitigation strategies. Maintain robust governance processes to ensure visibility and accountability in third-party risk management decisions. Report key third-party risks and metrics to the Executive Committee and other relevant governance bodies.

Minimum Requirements:
Minimum 7-10 years of experience in cybersecurity, risk management, or related fields, with a demonstrated ability to lead the development and execution of risk management strategies.
Deep understanding of cybersecurity principles, risk management frameworks (e.g., NIST, ISO 27001), and regulatory requirements.
Experience with risk assessment methodologies and tools.
Strong leadership skills with the ability to influence and collaborate across all levels of the organization.
Excellent written and verbal communication skills, with the ability to articulate complex risks and mitigation strategies to both technical and non-technical stakeholders.

Why Work for AIB: We are committed to offering our colleagues choice and flexibility in how we work and live and our hybrid working model enables our people to balance their time between working from home and their designated office, subject to their role, the needs of our customers and business requirements.
Some of our benefits include:
Variable Pay
Employee Assistance Programme
Family leave options

Please click here for further information about AIB's PACT – Our Commitment to You.
Key Capabilities:
Leads Others
Instils Trust
Customer Focus
Information System Security
Technical Leadership

If you are not sure about your suitability based on any aspects of the role advertised, we encourage you to contact the Talent Acquisition team at ****** for a conversation.
AIB is an equal opportunities employer, and we pride ourselves on being the first bank in Ireland to receive the Investors in Diversity Gold Standard accreditation from the Irish Centre for Diversity. We are committed to providing reasonable accommodations for applicants and employees. Should you have a reasonable accommodation request, please email the Talent Acquisition team at ****** or ******

Closing Date: Tuesday, 12th November 2024

Disclaimer: Unsolicited CVs sent to AIB by Recruitment Agencies will not be accepted for this position. AIB operates a direct sourcing model and where agency assistance is required, the Talent Acquisition team will engage directly with our recruitment partners.