Cyber Security Specialist - Third Party Risk Management
Job Description:
We are seeking a skilled Cyber Security Specialist to join our team, specializing in Third Party Risk Management. This is an exciting opportunity for you to leverage your expertise and drive value in ensuring the security of our clients' third-party relationships.
* Deliver third-party risk assessments: Identify, assess, and manage security risks associated with vendors, suppliers, and other third parties across the full lifecycle of third-party engagements.
* Advise on frameworks and standards: Apply knowledge of cyber and risk frameworks (e.g., NIST CSF, ISO 27001, CIS 18 ISM/PSPF) to evaluate third-party risk management programs and recommend practical improvements.
* Support assurance and remediation activities: Perform vendor due diligence, control testing, and audit reviews, and work with clients to close security gaps or enhance supplier oversight processes.
* Collaborate on transformation initiatives: Contribute to the design and implementation of third-party risk management operating models, governance structures, and enabling technologies.
Requirements:
To be successful in this role, you will need:
* 2+ years' experience in cyber security, technology risk, or third-party risk management, ideally gained through consulting, assurance, or a second line of defense role.
* Familiarity with third-party risk processes, including due diligence, onboarding, assurance reviews, ongoing monitoring, and exit/offboarding.
* A working understanding of cybersecurity and IT risk frameworks (e.g., NIST CSF, ISO 27001, CIS 18 ISM/PSPF) and how they apply to vendor environments.
* Strong analytical and problem-solving skills, with the ability to work autonomously and deliver high-quality outcomes under time pressure.
Benefits:
We offer a range of benefits to support your personal and professional growth, including:
* Market leading parental leave: Allows either carer to take 26 weeks of leave, flexibly, until a child is two years old.
* Flexible working arrangements: Our people have the autonomy to choose where and when they work, allowing them to integrate their professional and personal lives.
* Additional leave: A fifth week of paid leave to support rest, wellbeing, and inclusion during our annual summer shutdown.
* Employee share options: Every team member has access to employee share options, reflecting our commitment to shared success and ownership.