Third Party Information Security Risk Management Specialist

Drive Risk Awareness. Strengthen Supply Chain Security.

We’re looking for an experiencedInformation Security Risk Management Specialistto help safeguard WTW’s global operations byidentifying and managing information security risks across our supply chain.

In this key role, you’ll be responsible fordeveloping and implementing risk management strategies, performing in-depth supplier security assessments, and ensuring compliance withindustry standards, regulatory requirements, and internal WTW policies.

You'll play a critical part in enhancing our third-party risk posture by working closely with internal teams and external partners toassess vulnerabilities, mitigate threats, and embed security best practicesthroughout the supply chain.

If you have a strong background in information security, risk management, and a passion for making businesses more resilient—we’d love to hear from you.

The Role

This role will support the ongoing operations of WTW Technology and Cyber Risk and Controls & Regulatory engagement function in:

Evaluate supplier information security practices, policies and systems or risk exposure.  Enhance risk assessment methodologies for supplier relationship management. Conduct thorough security assessments of suppliers to identify potential risks and vulnerabilities. Engage with procurement, legal and other stakeholder to integrate security requirements into supplier contracts. Collaborate with suppliers to develop and implement risk mitigation plans. Identify supplier risks and security gaps and support of tracking and remediation.  Guide and support the Third-Party Security Assessment team with assessments and due diligence activities in line with Information and Cyber Security requirements. Provide guidance and support to internal teams on supplier risk management best practices. Stay up to date with the latest information security trends, threats, and technologies. Provide reports and recommendations to management on supplier risk and mitigation activities. Ensure adherence to relevant regulations, WTW standards, and industry best practices.

At WTW, we trust you to know your work and the people, tools and environment you need to be successful. The majority of our colleagues work in a ”hybrid” style, with a mix of remote, in-person and in office interactions dependent on the needs of the team, role and clients. Our flexibility is rooted in trust and “hybrid” is not a one-size-fits-all solution. We understand flexibility is key to supporting an inclusive and diverse workforce and so we encourage requests for all types of flexible working as well as location-based arrangements. Please speak to your recruiter to discuss more.