Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead third-party cybersecurity assessments and evaluate supplier security postures.
- Company: Join a leading firm in cybersecurity and technology controls.
- Benefits: Competitive salary, flexible working options, and opportunities for professional growth.
- Other info: Dynamic role with opportunities to influence strategic risk management.
- Why this job: Make a significant impact on cybersecurity by ensuring supplier safety and resilience.
- Qualifications: 10+ years in cybersecurity with expertise in cloud security and architecture.
The predicted salary is between 100000 - 150000 ÂŁ per year.
As an Executive Director within the Cybersecurity and Technology Controls (CTC) Assessments & Exercises function, you will serve as the senior technical authority for third-party cybersecurity assurance. You will bring deep, hands‑on expertise in cybersecurity architecture, cloud security, and enterprise control frameworks to critically evaluate the control maturity of the firm's most complex and strategically significant suppliers. Reporting to the Global Third-Party Assurance Lead, you help to elevate the technical rigor, depth, and credibility of third‑party assurance outcomes. You will translate complex technical findings into clear, business‑relevant risk insights for senior stakeholders across Cybersecurity, Technology, Risk, and the Business, and will act as a trusted escalation point for the most technically challenging assessments.
Job Responsibilities
- Provide authoritative technical leadership across third-party cybersecurity assessments, bringing deep expertise in cybersecurity architecture, cloud‑native and hybrid environments, application security, and enterprise control domains.
- Lead and personally conduct in-depth technical evaluations of supplier cybersecurity posture, control maturity, and architectural resilience, particularly for the firm's most critical and complex third‑party relationships.
- Perform threat modeling against supplier environments to identify potential security risks and develop mitigation strategies tailored to the firm's risk appetite.
- Evaluate supplier security architectures across public cloud providers (AWS, Azure, Google Cloud), assessing the design and effectiveness of controls in cloud‑native, hybrid, and on‑premises environments.
- Act as the senior technical escalation point for complex supplier risks, control gaps, and remediation strategies, providing credible challenge and expert advisory input.
- Drive the evolution of the third‑party assurance methodology by embedding deeper technical assessment capabilities, including architecture reviews, threat modeling, and cloud security posture evaluation.
- Translate complex technical cybersecurity risks and supplier control deficiencies into clear, actionable, business‑relevant insights for senior leadership and non-technical audiences through detailed reports, presentations, and other appropriate methods.
- Partner with Product Security, Cybersecurity Architecture, Technology Risk & Controls, and Cybersecurity pillar leads to ensure alignment in control intent, solution design, and third‑party risk remediation.
- Lead thematic analysis to identify systemic technical weaknesses, emerging risks, and trends across the supplier landscape, and recommend strategic remediation approaches.
Required Qualifications, Capabilities, and Skills
- 10+ years of professional experience in cybersecurity, with significant depth in senior technical and/or architecture‑focused positions.
- Proven ability to assess and articulate the cybersecurity control maturity of complex technology environments, including enterprise, cloud‑native, and hybrid architectures.
- Deep, hands‑on expertise in cybersecurity architecture, threat modeling, and designing or evaluating secure controls for enterprise‑level solutions.
- Strong understanding of industry cybersecurity frameworks and key control domains (e.g., NIST CSF, ISO 27001, FFIEC, SOC 2, GDPR).
- Thorough design and operational experience across one or more major public cloud providers (AWS, Azure, Google Cloud), with relevant certifications advantageous.
- Proficiency with Cloud Security Posture Management (CSPM) tools and cloud security assessment methodologies.
Assessments & Exercises Director - Third Party Assurance in Bournemouth employer: Cyber Security training courses
Contact Detail:
Cyber Security training courses Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Assessments & Exercises Director - Third Party Assurance in Bournemouth
✨Tip Number 1
Network like a pro! Reach out to your connections in the cybersecurity field and let them know you're on the hunt for a role. Attend industry events, webinars, or meetups to meet potential employers and get your name out there.
✨Tip Number 2
Show off your expertise! Prepare a portfolio showcasing your past projects and achievements in cybersecurity. This will help you demonstrate your hands-on experience and technical skills during interviews.
✨Tip Number 3
Practice makes perfect! Conduct mock interviews with friends or mentors to refine your responses to common questions. Focus on articulating complex technical concepts in a way that’s easy for non-technical stakeholders to understand.
✨Tip Number 4
Don’t forget to apply through our website! We’ve got some fantastic opportunities waiting for you, and applying directly can give you an edge. Plus, it shows your enthusiasm for joining our team!
We think you need these skills to ace Assessments & Exercises Director - Third Party Assurance in Bournemouth
Some tips for your application 🫡
Show Off Your Expertise: When you're writing your application, make sure to highlight your deep expertise in cybersecurity architecture and cloud security. We want to see how your hands-on experience aligns with the role, so don’t hold back on showcasing your skills!
Be Clear and Concise: Remember, we’re looking for someone who can translate complex technical findings into clear insights. Use straightforward language in your application to demonstrate your ability to communicate effectively with both technical and non-technical audiences.
Tailor Your Application: Make sure to tailor your application to the specific requirements of the Assessments & Exercises Director role. Highlight relevant experiences that showcase your ability to evaluate supplier cybersecurity postures and control maturity.
Apply Through Our Website: We encourage you to apply through our website for a smoother process. It’s the best way for us to receive your application and ensure it gets the attention it deserves. We can’t wait to see what you bring to the table!
How to prepare for a job interview at Cyber Security training courses
✨Know Your Cybersecurity Stuff
Make sure you brush up on your knowledge of cybersecurity architecture, cloud security, and enterprise control frameworks. Be ready to discuss specific examples from your past experience that demonstrate your expertise in these areas, especially when it comes to evaluating third-party suppliers.
✨Prepare for Technical Questions
Expect in-depth technical questions related to threat modelling and control maturity assessments. Practise articulating complex concepts in a way that's easy to understand, as you'll need to translate these findings into business-relevant insights for senior stakeholders.
✨Showcase Your Leadership Skills
As a senior technical authority, you'll need to demonstrate your leadership capabilities. Prepare examples of how you've led teams or projects in the past, particularly in challenging situations where you had to provide expert advisory input or escalate complex risks.
✨Align with Their Methodology
Familiarise yourself with the company's third-party assurance methodology. Think about how your experience can contribute to evolving their assessment capabilities, and be ready to discuss how you would approach embedding deeper technical assessments like architecture reviews and cloud security evaluations.