Cyber & Third-Party Resilience Specialist

The Cybersecurity UK & CE team is responsible for the implementation and continuous improvement of the CIB Corporate Security programme across the region, working closely with technology, risk, and business stakeholders to deliver practical and proportionate security outcomes.

Key Responsibilities

Third-Party Cyber & IT Risk

• Assess third-party suppliers’ capability to manage technology and cyber risk.
• Support evaluation of residual risk following application of relevant control frameworks.
• Coordinate and perform due diligence and third-party competency validation for Tier 1 and Tier 2 suppliers prior to contract signature.
• Support contractual embedding of IT risk requirements, including risk-inclusive clauses.
• Obtain and assess third-party assurance artefacts (e.g. SOC, ISAE) where required.
• Track and support remediation of third-party risk findings ahead of contract renewal.
• Contribute to the dev...