Back to search
Location: London
Contract Length: 6 months
Rate: 575p/d Inside IR35
Start Date: ASAP
About the Role:
We are seeking an experienced Third-Party Risk Specialist to join a Financial Services business on a contract basis. This role focuses on ensuring that our third-party vendors and partners comply with our security standards and regulatory requirements. The ideal candidate will bring expertise in identifying, assessing, and mitigating cybersecurity risks associated with third-party engagements.
Key Responsibilities:
- Conduct comprehensive security assessments of third-party vendors, including risk analysis and remediation planning.
- Develop and maintain third-party risk management frameworks, policies, and processes.
- Collaborate with procurement, legal, and IT teams to embed cybersecurity requirements into third-party contracts and agreements.
- Analyse vendor responses to security questionnaires and perform due diligence audits.
- Evaluate third-party compliance with cybersecurity standards such as ISO 27001, NIST, and GDPR.
- Monitor and manage third-party risks throughout the vendor lifecycle, including onboarding and ongoing reviews.
- Create detailed risk assessment reports and present findings to senior management.
- Stay updated on emerging threats and third-party risk trends, adapting the risk management program as needed.
Key Skills and Experience:
- Proven experience in third-party/vendor risk management and cybersecurity.
- Strong knowledge of cybersecurity frameworks and regulations (e.g., ISO 27001, NIST, GDPR, PCI-DSS).
- Hands-on experience conducting security assessments, risk analyses, and compliance checks.
- Ability to develop and implement risk mitigation strategies for third-party risks.
- Excellent communication skills for stakeholder management and reporting.
- Certifications such as CISSP, CISM, CRISC, or CISA are desirable.
- Proficiency with tools for risk management and vendor assessments is a plus.
GCS is acting as an Employment Business in relation to this vacancy.
