ABOUT US
We’re building Tomorrow’s Connections Today, bringing people together through the power of our technology.
Liberty Global is a world leader in converged broadband, video and mobile communications and an active investor in cutting-edge infrastructure, content and technology ventures.
With our investments in fibre-based and 5G networks we play a vital role in society, currently providing over 85 million fixed and mobile connections and rolling out the next generation of products and services, while readying our networks for 10 Gbps and beyond.
We’re creating national champions, combining the best broadband and mobile networks under brands such as Virgin Media-02 in the UK, VodafoneZiggo in The Netherlands, Telenet in Belgium, Sunrise in Switzerland, Virgin Media in Ireland and UPC in Slovakia.
Liberty Global Ventures, our global investment arm, has a portfolio of more than 75 companies and funds across content, technology and infrastructure, including strategic stakes in ITV, Univision, Plume, Lionsgate and the Formula E racing series.
Our scale enables us to transfer knowledge and expertise across our operations and investments, creating a dynamic family of brands united in the pursuit of innovation and excellence.
And we’re prioritising diversity, equity and inclusion in our workplace and communities, while reducing our impact on the environment. We are using technology as a force for good; for our people, our partners and the planet.
JOB PURPOSE
To provide assurance to LG of the security performance of their strategic partners. They will lead the ‘Strategic Partner Oversight Function’ for LG and will work closely with the Director of Cyber Security Oversight & Assurance.
The individual will be responsible for the end to end security oversight and security governance of LG strategic partners. They'll be the primary single point of contact for all security governance activities involving major third parties. They will be accountable for planning, drafting, owning, maintaining and delivering a ‘Strategic Partner Security Oversight and Governance Framework’. They will manage all associated standards, team profiles, plans, templates, meetings, and documentation associated with the framework requirements. They will provide assurance, along with their team, of strategic partner’s security governance, management, results, controls, processes and operating procedures on an ongoing basis.
The director will hold the strategic partners to account for all key security results, addressing shortfalls, and ensuring SLA compliance. Be the primary internal point of contact for the business to raise security concerns or issues relating to strategic third parties.
The Strategic Partner Oversight Framework will include a number of mechanisms, all of which the role will be responsible for delivering, including:
1. Routine governance and management meetings
2. Routine security oversight boards
3. Partner compliance and assurance reviews and audits
4. Security Questionnaires
5. Ad-hoc reporting relating to security operations
The individual will produce and distribute reports to both the strategic partner and LG management; which include any recommendations and non-conformances with strategic partners. They will feed into critical metrics which reflect the current status of security; and which will support governance reporting.
The individual will input into, and take output from, the wider strategic partner governance processes managed by LG; and the more general third party security processes.
KEY ACCOUNTABILITIES
6. Develop a detailed understanding of LG’s Strategic Partners; including their roles, responsibilities, results, connect with LG and operating model.
7. Ownership and delivery of a ‘Strategic Partner Security Oversight and Governance Framework’
8. Definition, ownership and delivery of a Strategic Partner Security Oversight and Governance Plan
9. Ownership of relevant strategic partner documentation and tools
10. To undertake assessments of administrative, logical and physical security controls across relevant parts of Strategic Partners. Including deep dive technical assessments of security controls.
11. Deliver clear reports against the Strategic Partner Security Oversight and Governance Plan
12. To understand strategic partner compliance with relevant legal and regulatory requirements
13. To clearly understand the scope and coverage of strategic partners external certifications.
14. To articulate clearly where the strategic partner is not follows their obligations
15. Present clear, accurate and actionable corrective actions.
16. Manage and supervise to completion all corrective actions.
17. Highlight trends in compliance, schedule adherence control efficiency and corrective actions.
18. Production of metrics, reports and KPIs over the team
19. Act in good faith, impartially and fair.
20. Management of workload; and show concern where further support is required.
21. Identification and Escalation of governance issues beyond the scope of security governance.
22. To continuously improve the Strategic Partner Security approach
23. Other tasks as required by security leadership
Key interfaces
24. Acting as the primary point of contact major international strategic partners
25. Reporting between Strategic Partner Governance Streams
26. Oversight and Assurance (O&A) Director / CSO to report position of strategic partners
27. Collaborating closely with CSO Business Manager to deliver KPIs and Metrics
28. Working with LG security teams to understand their work with partners
29. Liaising with external bodies and assessors
30. Engagement with other internal partners
31. Collaborate with other O&A assurance specialists for audit support where required
Required critical behaviours
32. Effective verbal communicator to ensure engagement with personnel from across the organisation and Strategic Partners.
33. Ability to lead, manage and coach a team
34. Ability to adapt communication and management style to suit formality of the partner engagement.
35. Excellent documentation and report writing skills.
36. The ability to manage and prioritise workload.
37. Customer and partner focussed with attention to detail and the ability to meet multiple competing deadlines.
38. Ability to adapt approach and content to audiences across operational, security, and management.
KNOWLEDGE & EXPERIENCE
SKILLS & ABILITIES:
t is critical to the role that you have proven experience of undertaking Assurance or Auditing in a global organisation and experience of building and maintaining a relationship with a major external party.
Essential skills:
39. Experience of a large, complex, global matrix organisation
40. Experience of Leadership
41. Technical auditing experience
42. Strong and demonstrable experience in an information security role in a large commercial organisation.
DESIRABLE SKILLS & ABILITIES:
43. Specific experience of ISO 27001 Lead Auditing or CISA Auditing
44. Desirable: Knowledge or experience of the telecoms industry
45. Knowledge and experience of working internationally
PREFERRED EDUCATION/ QUALIFICATIONS:
Educated to degree level or holding a professional qualification (e.g. CISSP, CISM, CISA, Auditor/Implementer for ISO 27001 or equivalent)
BENEFITS:
46. Competitive salary + Eligibility for our Bonus Plan
47. 25 days annual leave with the option to purchase 5 more
48. 24 hours of Volunteering Time Off
49. Free access to LinkedIn Learning to continue to develop and grow your career with us
50. Free premium subscription to Calm – a renowned well-being & meditation app
51. Company Laptop, Mobile and Phone Subscription
52. Company Pension Contributions
53. Access to personal medical and dental insurance (UK)
54. Access to discounts on superfast fibre broadband subscriptions.
* Liberty Global is an equal opportunity employer. We embrace diversity and are committed to creating an inclusive environment for our people! We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process. We’re 100% committed to having a workforce that represents every part of our society. So we’re keen to hear from candidates of all background and circumstances.