Job ID 333368
Third Party Risk Management and Assurance Consultant – Remote
We are searching for experienced 3rd Party Risk Management and Assurance Consultants to join our growing and reputable organisation. They help organisations to identify, assess and remediate risk throughout their 3rd party and vendor relationships.
This is a progressive and innovative company with an expanding portfolio of client projects, particularly in the past few years.
They are looking to fill Consultant positions.
The responsibilities below are split into Management Consultancy and Risk Assessment; these are separate roles, both at the Consultant level.
Supplier Risk Management Consultancy
· Scope, perform, report and deliver a variety of TPRM consulting engagements.
· Design and implement overall TPRM frameworks.
· Complete current state assessments and gap analysis.
· Design operating models and options.
· Conduct systems and process assessments and perform options analysis.
· Build and document business processes.
· Participate in remediation projects.
Supplier Risk Assessment
· Manage a diverse portfolio of supplier risk assessments for our clients.
· Plan and execute risk assessment activities end to end, effectively and within agreed timescales.
· Coordinate supplier engagement to ensure successful completion of assessments.
· Assess the effectiveness of controls, identify risks and issues, and recommend remediation actions.
· Produce high-quality deliverables, in line with the assessment methodology.
· Monitor assessment progress and produce accurate MI for use in client briefings.
· Maintain stakeholder relationships at client and supplier companies.
· Engage in internal process improvements as required.
Key Skills & Experience
· A minimum of 3 years’ experience working in Third-Party Risk Management/Supplier Assurance.
· An understanding of cybersecurity frameworks (e.g. NIST, PCI DSS, ISO).
· Experience supporting a TPRM function in a fast-paced environment (industry or consulting).
· Demonstrable knowledge of outsourcing and TPRM regulations (e.g. PRA, EBA and FCA).
· Knowledge of TPRM assessment lifecycle.
· Ability to address risk utilising a standardised and consistent methodology.
· Knowledge of threat modelling techniques.
· Good customer-facing verbal and written communication skills.
· Comfortable engaging with client and supplier representatives.
· Operate independently and perform tasks with minimal supervision.
· Be comfortable with ambiguity and taking on projects where the scope and stakeholder landscape are not always clear.
· Knowledge and experience utilising industry standard cybersecurity tools and systems.
· A consultancy background is not required, but a desire to work in a fast-paced environment with a range of clients is key.