Senior Third-Party Risk Manager

What’s in it for you

We’re all about the little helps. That’s why we give our wonderful colleagues bags of benefits. Including wellbeing services, an award-winning pension scheme and much, much more, our colleague reward package keeps on giving. And helps make every day a little better for you and your family. These include but are not limited to:

• Annual bonus scheme of up to 20% of base salary
• Holiday starting at 25 days plus a personal day (plus Bank holidays)
• Buy holiday salary sacrifice scheme (for salaried roles)
• Private medical insurance
• Retirement savings plan - save between 4% and 7.5% and Tesco will match your contribution
• Life Assurance - 5 x contractual pay
• 26 weeks maternity and adoption leave (after 1 years’ service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, we also offer 4 weeks fully paid paternity leave
• The right to request flexible working from your first day with us
• Free 24/7 virtual GP service, Employee Assistance Programme (EAP) for you and your family, free access to a range of experts to support your mental wellbeing
• A Colleague Clubcard for you & a family member (after 3 months of service), giving you access to lots of discounts in-store & online
• Great colleague deals and discounts, saving you money on everyday purchases, eating out and utility bills for the home
• Access to our colleague networks providing a space for colleagues to come together from a range of backgrounds. For more information about our colleague networks please click here
• Opportunities to get on - take advantage of our ongoing learning opportunities and award-winning training, to help you achieve the job and career you want

Click Here to read more about the full range of benefits we have available for our colleagues

About the role

This is a fantastic opportunity to join Tesco's Third-Party Risk Management Team, part of the wider Cyber function. The Third-Party Risk team provides assurance to Tesco by assessing the security risk and criticality of third-party (supplier) organisations that store, access or process Tesco data or provide a critical service. 

You will be responsible for

- Expertise in IT risk and controls principles, Cyber security audit methodology, third party cyber security risk review methodology and common challenges.

- Support team lead on driving our quality improvement agenda across all business areas/functions.

- Monitor internal operational adherence to our methodology and guidelines and provide real time feedbacks.

- Work collaboratively with review platform provider in driving feature enhancement implementation.

- Contribute to the design and implementation of strategic initiatives regarding continuous improvement over operational efficiency, quality and risk management.

- Work closely with the relevant business owners, legal and procurement to ensure third party risks are considered and managed at appropriate points of the supplier lifecycle.

- Support Technology colleagues with queries relating to supplier assurance.

You will need

• IT audit/risk management, with examples of managing technology risk and compliance within an organisation

• Knowledge of ISO standards in relation to information security and business continuity

• SME level expertise in respect to information security risk management processes, frameworks and procedures

• Leading, planning and conducting interviews with suppliers (or similar stakeholders) to obtain an understanding of the area being reviewed

• Critical thinking with strong attention to detail and good organisational skills

• Strong written, verbal communication and presentation skills, working with all levels of seniority and disciplines within the organisation

• Able to build solid working relationships with peers as well as internal and external stakeholders

• At least one professional qualification such as CISA, CISM, CISSP or equivalent

About us

Our vision at Tesco is to become every customer's favourite way to shop, whether they are at home or out on the move. Our core purpose is ‘Serving our customers, communities and planet a little better every day’. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet.

We are proud to have an inclusive culture at Tesco where everyone truly feels able to be themselves. At Tesco, we not only celebrate diversity, but recognise the value and opportunity it brings. We're committed to creating a workplace where differences are valued, and make sure that all colleagues are given the same opportunities. We’re proud to have been accredited Disability Confident Leader and we’re committed to providing a fully inclusive and accessible recruitment process. For further information on the accessibility support we can offer, please click here.

We’re a big business and we can offer a range of diverse full-time & part-time working patterns across our many business areas, which means that we can find something that works for you.  We work in a more blended pattern - combining office and remote working.  Our offices will continue to be where we connect, collaborate and innovate.  If you are applying internally, please speak to the Hiring Manager about how this can work for you - Everyone is welcome at Tesco.