Third Party - Supplier Risk/Risk Assessor Role

Our client is looking for either an experienced Risk Assessor or an analyst (someone who has some knowledge)

Hybrid role - based in Manchester

Salary: Experienced - (3 + years) £35,000 to £50,000

Junior Analyst - £25,000 to £35,000

Role Purpose of Supplier Risk Assessor

To provide supplier risk management consultancy and assessment services to our client’s portfolio.

Key Responsibilities

• Support the delivery of third-party risk assessments portfolio.
• Supports key client and supplier relationships with stakeholders.
• Participate in risk assessment activities, effectively and within agreed timescales.
• Support supplier engagements to ensure successful completion of assessments.
• Support the assessment of control design and operation, identify risks and issues, and recommend remediation actions.
• Produce good quality deliverables, in line with assessment methodology
• Contribute to production of accurate MI for use in client and management briefings.
• Support supplier assurance programmes and projects.

Objectives

• More experienced Assessor will provide guidance for junior colleagues and knowledge sharing with the wider team.
• Participate in internal improvement initiatives as required.
• Support internal processes such as recruitment activities.

Required Experience

• A minimum of 3 years experience working in Supplier Assurance for the experienced assessor
• A minimum of 1 years experience for the analyst
• An understanding of cybersecurity frameworks e.g. NIST, PCI DSS, ISO, etc.
• Good experience of a variety of risk assessment engagements and lines of defence.
• Knowledge of risk assessment methodology and lifecycle.
• Some experience with standardised and consistent risk methodology.
• Excellent management skills as dealing with stakeholders.
• Good customer facing verbal and written communication skills.
• Ability to work independently or as part of a team, with equal success.
• Initiative and enthusiasm.

Nice to have

• Knowledge and experience utilising industry standard cybersecurity tools and systems.
• A desire to work in a fast-paced environment with a range of clients is key.