Introduction

At RSA, we believe insurance is about people, not things. We provide our inspiring colleagues with the support and opportunity to grow together, shape the future, and win as a team. We are going through a transformation journey, providing our people with the opportunity to be integral to improving our service and delivering better products to brokers and customers. We are a proud member of the Intact family and feel part of something bigger, with a presence in North America, the UK and Europe.

We have a bold ambition to become the best Commercial Lines business in the UK, demonstrated by our recent acquisition of NIG and Farmweb, allowing us to scale by leveraging our combined financial strength and, importantly, ensure our people feel the benefits of our joint capabilities.

We are currently recruiting for a Third-Party Cyber Risk Consultant to join our established and experienced Chief Information Office team here at RSA on a hybrid basis. This position will be a 6-month FTC.

Your Role

The Third-Party Cyber Risk Consultant reports to the Third-Party Cyber Risk Manager within the CISO Information Security team. The role is responsible for completing ongoing third-party cyber assessments based on the supplier’s inherent risk rating within the required and assisting process improvements. You will ensure that third-party cyber assessments align with RSA’s security policies, standards, and risk appetite, and that any risks are identified, assessed, and appropriately managed throughout the lifecycle of the supplier.

You will work closely with business stakeholders, the wider CISO Information Security Team, and third parties. This will include acting as a cyber risk domain SME for the central Third-Party Management function. You will be highly organised, self-driven, and act with integrity, bringing hands-on experience using Hellios, Bitsight, OneTrust, O365, and automated third-party risk management (TPRM) platforms.
About You

We are looking for an individual who is highly organised, self-driven, and acts with integrity, bringing hands-on experience using Hellios, Bitsight, OneTrust, O365, and automated third-party risk management (TPRM) platforms. You will have a demonstrated ability to conduct third-party security risk assessments, including due diligence, risk scoring, and remediation planning, as well as hands-on experience using online questionnaires and spreadsheets. You must have at least 5–7 years of experience in cybersecurity, with a focus on third-party/vendor risk and familiarity with frameworks like NIST CSF, ISO 27001, SOC 2, and GDPR compliance.

You will also be supporting audits and control validations related to third-party risk, maintaining a register of third-party risks and tracking remediation. This will include producing reports and MI on third-party cyber risk posture, supporting control validations or audits conducted by 2nd and 3rd lines of defence, and producing security reports and MI.

In the role we are looking for someone who has core skills such as influencing others, building effective relationships and being able to make things happen. We are looking for an individual with good interpersonal skills and experience interfacing with the wider security, technology and business communities to help deliver the security solutions, and who is motivated by technical security and risk management challenges.

What we offer you

At RSA we put our people first. We have adopted hybrid working as standard, to give you a better work/life balance and an excellent flexible working mindset. That is on top of a comprehensive range of benefits, including pension contributions of up to 11%, looking after you now and in the future. We will give you countless opportunities to continuously develop, alongside a diverse and passionate community of experts, the best the industry has to offer.
You will be empowered to be your best self, do your best work, and make a meaningful impact. Our employee promise allows you to shape the future, win as a team, and grow with us.

About Us

We celebrate individuality and it is important to us that we have a culture where our people feel respected and valued for who they are. We pride ourselves on being accessible and encourage inclusive environments where our people can always give and show the very best of themselves. We understand that home life is a priority and are happy to consider reduced hours or job shares.

If you think you would be a great fit for us, but do not meet all the requirements of the role, please contact us as we would love to discuss how RSA could be the next step in your career journey.

As a Disability Confident employer, we will ensure that a fair and proportionate number of disabled applicants who meet the minimum criteria for this position will be offered an interview. If you wish to be considered under the scheme, please answer yes to the question "Do you wish to be considered under the Disability Confident Scheme?" in RSA’s application form.

Please let us know if there are any changes we could make to the application process to make it easier and more comfortable for you. Contact our recruitment team so we can work with you to support you throughout your application.