Cyber Vendor Assurance Security Consultant (Remote - UK)

TELUS Health is empowering every person to live their healthiest life. Guided by our vision, we are leveraging the power of our leading edge technology and focusing on the uniqueness of each individual to create the future of health. As a global-leading health and well-being provider - encompassing physical, mental and financial health - TELUS Health is improving health outcomes for consumers, patients, healthcare professionals, employers and employees. We live in and work in a rapidly evolving digital world where cyber security is critical. Protecting information and ensuring the reliability of network and services is paramount. The TELUS Health CSO team strives to always be a step ahead, tackling the toughest cyber security challenges head-on with top talent and cutting-edge technology. The TELUS Health CSO team is committed to providing excellence in securing our internal and customers\' data and systems, ensuring world-class reliability of security networks and systems, and improving our overall cybersecurity posture. We manage our cyber risks and provide industry leading cyber governance, assurance and oversight to secure our data. We partner with industry leaders to meet the cyber security needs of both TELUS Health and our customers to meet the demands of an increasingly complex and ever-changing cyber security landscape. We are passionate about learning and growing as individuals and as a team, all of which enables us to thrive in a dynamic, fast-paced environment.

Here\'s the impact you\'ll make and what we\'ll accomplish together:

As a Cyber Vendor Assurance Security Consultant (Security Cnslt II) you\'ll be keeping TELUS Health safe and protected by providing Cyber oversight across a diverse Global supplier portfolio.

You will support all the key elements involved in the end-to-end Cyber Vendor Assurance program. Primary focus being to provide assurance regarding the confidentiality, integrity, and availability on the suppliers that we have entrusted our data/infrastructure with. This role involves working extensively with internal and external stakeholders to identify vulnerabilities and areas for improvement to protect our Brand, colleagues and customers, and promote a collaborative Security culture.

• Manage and own a diverse portfolio of vendor assessments, undertaking Information Security reviews using a defined methodology. From planning, reviewing vendor responses, vendor assessments, reporting of identified risks and provision of required remediation.
• Provide guidance to both internal and external stakeholders across a global mandate.
• Assess responses to a defined set of Information Security controls, ensuring quality and completeness of returns.
• Review and assess vendor responses; identify risks and vulnerabilities.
• Propose remediation activities relative to identified vulnerabilities; liaise with key stakeholders to ensure escalation and timely remediation.
• Maintain and produce detailed reporting and contribute towards key risk indicators and management information.
• Articulate non-conformities both in writing and verbally; advise on risk articulation, materiality and required actions to remediate. Communicate with a diverse global audience.
• Collate and assess Cyber intelligence sources to provide insight into a vendor\'s security posture.
• Share knowledge and mentor colleagues, supporting queries and providing guidance on Cyber Vendor Assurance.
• Attend meetings and workshops, acting as delegate for Senior Manager when required.
• Contribute to the ongoing development of the Cyber Vendor Assurance team through constructive challenge, innovation and continual improvement.
• Reinforce TELUS Health\'s Customers First values to ensure positive security outcomes for external customers and internal stakeholders.

• CISM, CRISC, IS027001 LA, CISA.
• 4+ years of applied and practical Cyber Vendor Assurance experience.
• Demonstrated expertise in managing a diverse vendor assurance portfolio with strong technical and interpersonal skills.
• Strong understanding of Security frameworks (ISO 27001 / 27036) and ability to identify vulnerabilities and areas for control enhancement.
• Adept at reviewing Vendor Security policies and standards to ensure appropriate scope and adequacy.
• Clear understanding of information security principles including risk management, information security organization, vulnerability identification, Data Loss Prevention, and supply chain risks.
• Strong stakeholder management and interpersonal skills; ability to engage across geographies and sectors.
• Strong organizational skills and the ability to coordinate and self-manage a portfolio of work to ensure high quality and timely delivery.
• Pragmatic and balanced risk judgment; strong written and verbal communication; detail-oriented with the ability to identify gaps.
• Ability to travel and be away from home as required.

• Procurement knowledge related to the Supplier lifecycle.
• Operational Risk experience.
• Bi-lingual (English + another language).

We\'re a people-focused, customer-first, purpose-driven team who works together every day to innovate and do good. We improve lives through our technology solutions and foster a culture of innovation that empowers team members to solve complex problems and create remarkable human outcomes in a digital world.

TELUS is proud to foster an inclusive culture that embraces diversity. We are committed to fair employment practices and all qualified applicants will receive consideration for employment. We offer accommodation for applicants with disabilities, as required, during the recruitment process.

The health and safety of our team, customers and communities is paramount to TELUS. Accordingly, we require anyone joining our TELUS Health Care Centres to be fully vaccinated for COVID-19.

By applying to this role, you understand and agree that your information will be shared with the TELUS Group of Companies\' Talent Acquisition team(s) and/or any leader(s) who will be part of the selection process.