Location: London
Contract Length: 6 months
Rate: £575p/d Inside IR35
Start Date: ASAP

About the Role:
We are seeking an experienced Third-Party Risk Specialist to join a Financial Services business on a contract basis. This role focuses on ensuring that our third-party vendors and partners comply with our security standards and regulatory requirements. The ideal candidate will bring expertise in identifying, assessing, and mitigating cybersecurity risks associated with third-party engagements.

Key Responsibilities:

Conduct comprehensive security assessments of third-party vendors, including risk analysis and remediation planning.
Develop and maintain third-party risk management frameworks, policies, and processes.
Collaborate with procurement, legal, and IT teams to embed cybersecurity requirements into third-party contracts and agreements.
Analyse vendor responses to security questionnaires and perform due diligence audits.
Evaluate third-party compliance with cybersecurity standards such as ISO 27001, NIST, and GDPR.
Monitor and manage third-party risks throughout the vendor lifecycle, including onboarding and ongoing reviews.
Create detailed risk assessment reports and present findings to senior management.
Stay updated on emerging threats and third-party risk trends, adapting the risk management program as needed.Key Skills and Experience:

Proven experience in third-party/vendor risk management and cybersecurity.
Strong knowledge of cybersecurity frameworks and regulations (e.g., ISO 27001, NIST, GDPR, PCI-DSS).
Hands-on experience conducting security assessments, risk analyses, and compliance checks.
Ability to develop and implement risk mitigation strategies for third-party risks.
Excellent communication skills for stakeholder management and reporting.
Certifications such as CISSP, CISM, CRISC, or CISA are desirable.
Proficiency with tools for risk management and vendor assessments is a plus.

GCS is acting as an Employment Business in relation to this vacancy