Cyber Vendor Assurance Security Consultant (Remote - UK)

TELUS Health is empowering every person to live their healthiest life. Guided by our vision, we are leveraging the power of our leading edge technology and focusing on the uniqueness of each individual to create the future of health. As a global-leading health and well-being provider – encompassing physical, mental and financial health – TELUS Health is improving health outcomes for consumers, patients, healthcare professionals, employers and employees.

We live in and work in a rapidly evolving digital world where cyber security is critical. Protecting information and ensuring the reliability of network and services is paramount. The TELUS Health CSO team strives to always be a step ahead, tackling the toughest cyber security challenges head-on with top talent and cutting-edge technology.
The TELUS Health CSO team is committed to providing excellence in securing our internal and customers’ data and systems, ensuring world-class reliability of security networks and systems, and improving our overall cybersecurity posture.
We manage our cyber risks and provide industry leading cyber governance, assurance and oversight to secure our data. We partner with industry leaders to meet the cyber security needs of both TELUS Health and our customers to meet the demands of an increasingly complex and ever-changing cyber security landscape. We are passionate about learning and growing as individuals and as a team, all of which enables us to thrive in a dynamic, fast-paced environment.

Here’s the impact you’ll make and what we’ll accomplish together:

As a Cyber Vendor Assurance Security Consultant (Security Cnslt II) you’ll be keeping TELUS Health safe and protected by providing Cyber oversight across a diverse Global supplier portfolio.

Here’s the impact you’ll make and what we’ll accomplish together:

As a Cyber Vendor Assurance Security Consultant, you’ll be keeping TELUS Health safe and protected by providing Cyber oversight across a diverse Global supplier portfolio.

You will support all the key elements involved in the end-to-end Cyber Vendor Assurance program. Primary focus being to provide assurance regarding the confidentiality, integrity, and availability on the suppliers that we have entrusted our data /infrastructure with.

For this to be achievable, it will involve working extensively with internal and external stakeholders. To allow for identification of vulnerabilities and areas of improvement to protect our Brand, colleagues and customers, in turn helping to promote a collaborative Security culture.

What you will do:

You will manage and own a diverse portfolio of vendor assessments, undertaking Information Security reviews using a defined methodology.
From planning, reviewing vendor responses, vendor assessments, reporting of identified risks and provision of required remediation.
Given the nature of the role you will be providing guidance to both internal and external stakeholders across a global mandate.

• Assessing responses to a defined set of Information Security controls, ensuring quality and completeness of returns.
• Reviewing and assessing vendor responses. Identification of risk/vulnerabilities.
• Proposing supporting remediation activities relative to identified vulnerabilities. Liaising with key stakeholders to ensure appropriate escalation and timely remediation.
• Maintaining and producing detailed reporting as well contributing towards key risk indicators and team management information.
• The ability to articulate non-conformities both written and verbally.
• Advising on risk articulation, materiality and required actions to remediate. An adaptive communication style to reflect a diverse stakeholder audience across a global environment will be essential.
• Collating and assessing various Cyber intelligence sources to help provide greater insight as to the Vendors underlying Security posture.
• Share knowledge and mentoring to colleagues, supporting queries and providing guidance in relation to Cyber Vendor Assurance.
• Attending meetings, workshops, acting as delegate for Senior Manager when required.
• Actively contribute to the ongoing development of the Cyber Vendor Assurance team through constructive challenge, providing solutions, innovation and continual improvement.
• Reinforce TELUS Health's Customers First values in ensuring positive security outcomes for both external customers and internal stakeholders.

What you bring:

• CISM, CRISC, IS027001 LA, CISA.
• 4 + years of applied and practical Cyber Vendor Assurance experience.

• Ability to demonstrate expertise and application of knowledge, in terms of technical and softer skills that are required in managing a diverse vendor assurance portfolio.
• Strong understanding of Security frameworks (ISO 27001 / 27036) and ability to identify vulnerabilities / areas of control enhancement.
• Adept at reviewing Vendor Security policies and standards to ensure appropriate scope and adequacy.
• Clear understanding of information security principles. Including risk management, organization of Information Security, vulnerability identification, Data Loss Prevention, Supply chain associated risks etc.
• Strong stakeholder management and interpersonal skills. Ability to engage and develop relationships across a broad range of geographies and sectors.
• Strong organisational skills, with the ability to coordinate and effectively self-manage your own portfolio of work, independently to ensure high quality and timely delivery.
• Pragmatic and balanced outlook relative to risk and impact with the ability to apply sound judgement.
• Strong communication skills (verbal and written)
• Strong analytical skills, attention to detail and coupled with capability to identify omissions/ gaps /areas of focus.
• Ability to accommodate travel and time away from home may be required.

Nice to haves:
• Procurement knowledge, reflective of the Supplier lifecycle.
• Operational Risk experience.
• Bi-lingual (English + one other)

A bit about us

We’re a people-focused, customer-first, purpose-driven team who works together every day to innovate and do good. We improve lives through our technology solutions and foster a culture of innovation that empowers team members to solve complex problems and create remarkable human outcomes in a digital world. 

TELUS is proud to foster an inclusive culture that embraces diversity. We are committed to fair employment practices and all qualified applicants will receive consideration for employment. We offer accommodation for applicants with disabilities, as required, during the recruitment process. 

The health and safety of our team, customers and communities is paramount to TELUS.  Accordingly, we require anyone joining our TELUS Health Care Centres to be fully vaccinated for COVID-19.

By applying to this role, you understand and agree that your information will be shared with the TELUS Group of Companies’ Talent Acquisition team(s) and/or any leader(s) who will be part of the selection process.