As a Data Protection and Information Security Analyst you will have a strong focus on supplier assurance and data privacy‑related audits, working within a dedicated Information Security team. You will support Data Protection, Supplier risk classification, PII risk management and Data Minimisation and third‑party supply chain risk reduction,
You will be;
* Running Information Security and Data Privacy compliance checks across 3rd party supplier risks.
* Conducting assessments, building, analysing and maintaining a central repository of third‑party data security information, data processes, ROPA (Record of Processing Activities), compliance questions and related project documentation.
* Ensuring suppliers work only with the Personal Identifiable Information (PII) required, promoting strong data minimisation practices.
* Supporting the team in developing and improving third‑party risk management processes and improvement plans.
* Assisting with the categorisation and tiering of the supplier risk register alongside improvement objectives where needed.
Ideal, but not essential;
* Experience using GRC or audit tools (beneficial but not essential).
* Knowledge of Data Protection GDPR and ideally regulatory compliance and privacy standards such as ISO 27001.
* Understanding of how data protection, security, risk, compliance and privacy principles link together.
* Strong initiative and a proactive approach.
* A desire to learn continuously and develop professionally.
* Strong attention to detail and analytical thinking.
Please apply in the first instance for immediate consideration
#J-18808-Ljbffr