Cyber Vendor Assurance Security Consultant (Remote - UK)

TELUS Health is empowering every person to live their healthiest life. Guided by our vision, we are leveraging the power of our leading edge technology and focusing on the uniqueness of each individual to create the future of health. As a global‑leading health and well‑being provider – encompassing physical, mental and financial health – TELUS Health is improving health outcomes for consumers, patients, healthcare professionals, employers and employees.

We live in and work in a rapidly evolving digital world where cyber security is critical. Protecting information and ensuring the reliability of network and services is paramount. The TELUS Health CSO team strives to always be a step ahead, tackling the toughest cyber security challenges head‑on with top talent and cutting‑edge technology.

The TELUS Health CSO team is committed to providing excellence in securing our internal and customers’ data and systems, ensuring world‑class reliability of security networks and systems, and improving our overall cybersecurity posture.

We manage our cyber risks and provide industry leading cyber governance, assurance and oversight to secure our data. We partner with industry leaders to meet the cyber security needs of both TELUS Health and our customers to meet the demands of an increasingly complex and ever‑changing cyber security landscape. We are passionate about learning and growing as individuals and as a team, all of which enables us to thrive in a dynamic, fast‑paced environment.

As a Cyber Vendor Assurance Security Consultant (Security Cnslt II) you’ll be keeping TELUS Health safe and protected by providing Cyber oversight across a diverse Global supplier portfolio.

You will support all the key elements involved in the end‑to‑end Cyber Vendor Assurance program. Primary focus being to provide assurance regarding the confidentiality, integrity, and availability on the suppliers that we have entrusted our data /infrastructure with.

For this to be achievable, it will involve working extensively with internal and external stakeholders. To allow for identification of vulnerabilities and areas of improvement to protect our Brand, colleagues and customers, in turn helping to promote a collaborative Security culture.

• Manage and own a diverse portfolio of vendor assessments, undertaking Information Security reviews using a defined methodology.
• Plan, review vendor responses, conduct vendor assessments, report identified risks, and provide required remediation.
• Provide guidance to both internal and external stakeholders across a global mandate.
• Assess responses to a defined set of Information Security controls, ensuring quality and completeness of returns.
• Review and assess vendor responses, identify risks/vulnerabilities.
• Propose supporting remediation activities relative to identified vulnerabilities, liaising with key stakeholders to ensure appropriate escalation and timely remediation.
• Maintain and produce detailed reporting, as well as contributing towards key risk indicators and team management information.
• Articulate non‑conformities both written and verbally.
• Advise on risk articulation, materiality and required actions to remediate, with an adaptive communication style to reflect a diverse stakeholder audience across a global environment.
• Collate and assess various Cyber intelligence sources to provide greater insight into the Vendor's underlying Security posture.
• Share knowledge and mentor colleagues, supporting queries and providing guidance in relation to Cyber Vendor Assurance.
• Attend meetings, workshops, act as delegate for Senior Manager when required.
• Actively contribute to the ongoing development of the Cyber Vendor Assurance team through constructive challenge, providing solutions, innovation and continual improvement.
• Reinforce TELUS Health’s Customers First values in ensuring positive security outcomes for both external customers and internal stakeholders.

• CISM, CRISC, IS027001, CISA.
• 4+ years of applied and practical Cyber Vendor Assurance experience.
• Expertise and application of knowledge, in terms of technical and softer skills required in managing a diverse vendor assurance portfolio.
• Strong understanding of Security frameworks (ISO 27001/27036) and ability to identify vulnerabilities/areas of control enhancement.
• Adept at reviewing Vendor Security policies and standards to ensure appropriate scope and adequacy.
• Clear understanding of information security principles, including risk management, organization of Information Security, vulnerability identification, Data Loss Prevention, Supply chain associated risks, etc.
• Strong stakeholder management and interpersonal skills, engaging and developing relationships across a broad range of geographies and sectors.
• Strong organisational skills, with the ability to coordinate and effectively self‑manage your own portfolio of work, independently to ensure high quality and timely delivery.
• Pragmatic and balanced outlook relative to risk and impact, with the ability to apply sound judgement.
• Strong communication skills (verbal and written).
• Strong analytical skills, attention to detail and capability to identify omissions/gaps/areas of focus.
• Ability to accommodate travel and time away from home may be required.

• Procurement knowledge, reflective of the Supplier lifecycle.
• Operational Risk experience.
• Bi‑lingual (English + one other).

We’re a people‑focused, customer‑first, purpose‑driven team who works together every day to innovate and do good. We improve lives through our technology solutions and foster a culture of innovation that empowers team members to solve complex problems and create remarkable human outcomes in a digital world.

TELUS is proud to foster an inclusive culture that embraces diversity. We are committed to fair employment practices and all qualified applicants will receive consideration for employment. We offer accommodation for applicants with disabilities, as required, during the recruitment process.

The health and safety of our team, customers and communities is paramount to TELUS. Accordingly, we require anyone joining our TELUS Health Care Centres to be fully vaccinated for COVID‑19.

By applying to this role, you understand and agree that your information will be shared with the TELUS Group of Companies’ Talent Acquisition team(s) and/or any leader(s) who will be part of the selection process.