Third Party Risk Consultant

Job Description
Third Party Risk Consultant required for market leading financial services firm. The role will be centred around establishing a third-party risk function/capability within a subsidiary that is breaking away from the group.
Main Duties and Responsibilities

• Design and deliver third party risk roadmap to establish function and build out capabilities
• Engage with suppliers / relationship owners / Procurement function as needed to assist in achieving the team's objectives;
• Establish supplier assessment framework and ensure that they are performed in a timely fashion and be able to manage multiple assessments simultaneously.
• Baseline and analyse suppliers against the firm's information security (and industry) standards and highlight areas of non-compliance and/or concern and facilitate development of pragmatic solutions;
• Design triage process for completed questionnaires and supporting documentation to validate suppliers' implementation of information security controls and make appropriate recommendations.
• Act as key point of contact for any supplier related information security questions and issues and provide guidance to stakeholders on the established process.
• Appoint and support Supply Chain Information Risk Manager in conducting Information Security onsite assessments at supplier locations (as well as remote reviews). Take responsibility for administration of the function's supply chain risk platform and offer associated meaningful reporting to inform the business of current risk posture.
• Remain informed on trends and issues in the information security industry.
• Develop method in relaying the Firm's own information security controls to clients via (inter alia) completion of questionnaires and submission of audit evidence etc.

As an ideal candidate, you will have expert knowledge of third-party risk management and have an industry certification such as CISSP, CISM, CRISC. You will also have a proven track record of delivery in a similar role.