Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Conduct vendor security reviews and support Cloudflare’s Third Party Risk Program.
- Company: Join Cloudflare, a leader in building a better Internet with a vibrant culture.
- Benefits: Competitive salary, inclusive environment, and opportunities for personal growth.
- Why this job: Make a real impact on Internet security while developing your skills in a dynamic team.
- Qualifications: 2-5 years in Security GRC and experience with vendor security documentation.
- Other info: Exciting career growth in a billion-dollar business with a commitment to innovation.
The predicted salary is between 36000 - 60000 £ per year.
About Us
At Cloudflare, we are on a mission to help build a better Internet. The company runs one of the world’s largest networks, powering millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune 500 companies. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare have all web traffic routed through its intelligent global network, which gets smarter with every request, leading to significant improvement in performance and a decrease in spam and other attacks.
The Team
We are hiring an experienced Security Third Party Risk Management Specialist on our Governance, Risk, and Compliance team. This role will be responsible for completing vendor security reviews, maintaining our vendor master list, and supporting Cloudflare’s Third Party Risk Program. This is an opportunity to join a rapidly scaling and world‑class security organization within a billion‑dollar business.
What You’ll Do
- Execute vendor security reviews by collecting and analyzing vendor security control documentation and audit reports.
- Assist in identifying third‑party security risks, documenting findings, and recommending risk treatment options.
- Collaborate with the Contracts & Legal teams to ensure security contract requirements are incorporated into vendor agreements.
- Support the maintenance of Cloudflare’s vendor master list, ensuring data accuracy and proper classification of critical vendors.
- Help the team monitor current security events (e.g., zero‑day vulnerabilities) and support outreach to vendors to confirm their status and remediation efforts.
- Gather and prepare evidence of vendor security reviews to support Cloudflare’s security certification audits.
- Liaise and coordinate with stakeholders across Cloudflare’s Procurement, IT, Contracts, Legal, and Privacy teams to ensure vendor due diligence workflows are completed efficiently.
- Assist in the ongoing improvement of the vendor security review process, documentation, and tooling.
Some travel may be required to engage teammates and stakeholders in San Francisco, Austin, or other global Cloudflare locations.
Examples Of Desirable Skills, Knowledge, and Experience
- Experience typically gained in 2‑5 years working in Security GRC.
- Experience reviewing vendor security documentation including ISO 27001, SOC 2, PCI DSS, and other audit reports.
- Experience identifying security controls gaps, determining risk ratings, and recommending mitigating controls.
- Familiarity with security contract requirements.
- Strong organizational, analytical, and interpersonal skills.
- Self‑starter with the ability to work independently with a sense of curiosity.
What Makes Cloudflare Special?
Cloudflare’s mission to protect the free and open Internet is supported by projects such as Project Galileo, the Athenian Project, and the public DNS resolver 1.1.1.1, each delivering services to diverse communities worldwide. Our culture, commitment to innovation, and focus on inclusion set us apart.
Security Third Party Risk Management Specialist II in London employer: CloudFlare
Contact Detail:
CloudFlare Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Security Third Party Risk Management Specialist II in London
✨Tip Number 1
Network like a pro! Reach out to current employees at Cloudflare on LinkedIn or other platforms. Ask them about their experiences and any tips they might have for your application process. It’s all about making connections!
✨Tip Number 2
Prepare for the interview by diving deep into Cloudflare’s mission and values. Show us that you’re not just another candidate, but someone who genuinely cares about building a better Internet. Tailor your answers to reflect our culture!
✨Tip Number 3
Practice makes perfect! Get a friend to do mock interviews with you. Focus on articulating your experience in Security GRC and how it relates to the role. The more comfortable you are, the better you’ll perform!
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, it shows us you’re serious about joining the Cloudflare team. Let’s make it happen!
We think you need these skills to ace Security Third Party Risk Management Specialist II in London
Some tips for your application 🫡
Show Your Curiosity: When writing your application, let your curiosity shine through! Mention specific aspects of Cloudflare's mission or projects that excite you. This shows us you're genuinely interested in what we do.
Highlight Relevant Experience: Make sure to detail your experience in Security GRC and vendor security reviews. Use examples that align with the job description to demonstrate how your skills can contribute to our team.
Be Organised and Clear: Keep your application well-structured and easy to read. We appreciate clarity, so use bullet points or headings to break up information. This helps us quickly see why you’d be a great fit!
Apply Through Our Website: Don’t forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it’s super easy to do!
How to prepare for a job interview at CloudFlare
✨Know Your Stuff
Make sure you’re familiar with key security frameworks like ISO 27001, SOC 2, and PCI DSS. Brush up on how these apply to vendor security reviews, as you’ll likely be asked about your experience with them during the interview.
✨Show Your Curiosity
Cloudflare values curiosity, so don’t hesitate to ask insightful questions about their Third Party Risk Program. This shows that you’re genuinely interested in the role and eager to learn more about their processes.
✨Be Organised
Prepare a structured approach to discussing your past experiences. Use the STAR method (Situation, Task, Action, Result) to clearly articulate how you’ve handled vendor security reviews and identified risks in previous roles.
✨Collaborate Like a Pro
Highlight your teamwork skills by sharing examples of how you’ve worked with cross-functional teams, such as Legal or IT, to ensure vendor due diligence. Cloudflare looks for candidates who can effectively liaise with various stakeholders.
