Third Party Security Assessor

Business Unit:

Information and Cyber Security team aims at protecting WTW, our colleagues and our clients confidential information by assuring its handled securely by security assessing assets and Third parties as well as assuring client legal obligations with control owners globally.

Roles and Responsibility:

• Leading and coordinating the completion of Third-party assessments aligned with WTW best practice and global standards and controls frameworks.

• Scheduling periodical re-assessments to ensure ongoing alignment with WTW standards and controls

• Agree scheduled checkpoints with the Third Parties and WTW Business Service Owner to review remediation progress, maintain a central evidence repository, and track identified issues through to closure.

• Deliver comprehensive reporting on operational and security KPIs related to Third Party Security activities, highlighting gaps and risks, recommending mitigating actions and escalating key decisions .

• Providing risk-based advice on all information security issues related to Third Parties.

Provide leadership with critical insights to support strategic planning and prioritization of future initiatives.

• Collaborate with WTW stakeholders, such as CISO Office and the Internal Audit, to support the execution of internal and external audits and manage the delivery of required remediation activities in a timely manner.

• Assisting and collaborating with Internal teams in the event of Third Party security incidents investigation and supporting follow up activities.
• Assist in the development and continuous improvement of third party risk management frameworks and processes, ensuring that WTW information security controls outlined in the policies and standards are effectively applied by third parties.

• Experience required: 6-10 Years