Third party security assurance

Reading (Berkshire)
Permanent
Next Ventures
Security
Posted: 28 January
Offer description

Summary Description

Third-Party Security Assessment (TPSA) Assistant supporting informed vendor risk decisions that enable procurement and governance approval within a regulated environment.


Role Type

Contract / Fixed Term


Start Date

Immediate


Salary

Day Rate


Location / Language

Reading – 2 days per week onsite (hybrid)


Requirements Description

The TPSA Assistant will support third-party/vendor security and risk assessments, ensuring risks are clearly documented and presented to enable procurement decisions and governance approvals. The role requires strong attention to detail, an understanding of information security risk, and the ability to support multiple vendor assessments concurrently.


Tasks Description

* Support third-party security and vendor risk assessments
* Assist with vendor onboarding, renewal, and periodic review activities
* Review and track security questionnaires (SIG, CAIQ, DDQs)
* Collect, validate, and review vendor security evidence (ISO 27001, SOC reports, policies)
* Support inherent and residual risk scoring under guidance
* Document risk findings, issues, and remediation actions
* Prepare assessment summaries to support procurement and governance approval
* Maintain accurate records within TPRM / GRC tools
* Liaise with InfoSec, Risk, Compliance, and Procurement stakeholders


Essential Skills / Experience Description

* Experience supporting Third-Party Risk Management (TPRM) or vendor risk assessments
* Understanding of information security risk and security control frameworks
* Familiarity with ISO 27001, SOC 1 / SOC 2, or equivalent standards
* Experience reviewing vendor documentation and assessment evidence
* Knowledge of GRC concepts (governance, risk, compliance)
* Strong documentation and stakeholder communication skills


Desirable Skills / Additional Information Description

* Experience within financial services or regulated environments
* Exposure to TPRM tools (ServiceNow, Archer, OneTrust, MetricStream)
* Knowledge of GDPR / data protection requirements
* Understanding of BCP / DR and operational resilience
* Relevant certifications or training (ISO 27001, Security+, CISA, CRISC – beneficial but not required)


Team Contact

jude.russell@next-ventures.com

#J-18808-Ljbffr

Apply
Create E-mail Alert
Job alert activated
Saved
Save
See more jobs
Similar jobs
Next Ventures recruitment
Next Ventures jobs in Reading (Berkshire)
Security jobs in Reading (Berkshire)
jobs Reading (Berkshire)
jobs Berkshire
jobs England
Apply
Create E-mail Alert
Job alert activated
Saved
Save