At a Glance
- Tasks: Support vendor assessments and monitor third-party risks in a dynamic retail environment.
- Company: Join a global leader in retail and manufacturing with a focus on information security.
- Benefits: Remote work flexibility, competitive pay, and opportunities for professional growth.
- Other info: Collaborative team culture with opportunities to engage across various departments.
- Why this job: Make a real impact by ensuring vendors meet cybersecurity and compliance standards.
- Qualifications: Experience in third-party risk management and strong communication skills required.
The predicted salary is between 40000 - 50000 £ per year.
Contract | Inside IR35 | UK Remote (occasional Leeds)
Industry: Retail / Manufacturing
Duration: Initial 3 months
Overview
We’re working with a global retail and manufacturing organisation to hire a TPRM Analyst into their Information Security Risk function. This role supports the assessment and ongoing monitoring of a large third‑party vendor estate, helping ensure external suppliers meet required cyber‑security, compliance, and risk standards. This is a hands‑on analyst role, well suited to someone with practical experience running vendor due‑diligence processes and working directly with third parties to address cyber and information‑security risks.
Key Responsibilities
- Vendor Due Diligence & Assessment
- Support the execution of the vendor due‑diligence process across the full vendor lifecycle
- Issue, track, and review vendor security questionnaires covering security, privacy, and compliance
- Review and analyse security documentation, including SOC reports, ISO 27001 certifications, and other assurance evidence
- Use TPRM and security‑monitoring tools to assess vendor security posture and risk exposure
- Identify, document, and track risks arising from third‑party engagements
- Work with vendors and internal stakeholders to drive remediation of identified issues
- Support risk acceptance and escalation processes where appropriate
- Collaborate with Information Security, IT, Legal, and Procurement teams
- Communicate risk findings clearly to both technical and non‑technical stakeholders
- Ensure alignment with internal information‑security policies and third‑party risk standards
- Support reporting, metrics, and KPI tracking across the TPRM programme
- Assist with security reviews of supplier contracts to ensure appropriate clauses are in place
- Support vendor assessments linked to Authorised Economic Operator (AEO) compliance
Skills & Experience
- Understanding/experience with third‑party risk management, information security, and IT risk frameworks.
- Familiarity with vendor assessment processes and security/compliance standards (e.g. ISO 27001, SOC 2, Cyber Essentials).
- Experience with TPRM or security posture monitoring tools is desirable.
- Experience reviewing security documentation and audit reports is desirable.
- Ability to manage multiple stakeholders and priorities effectively.
- Good communication skills, with the ability to translate technical findings into business context.
Risk Analyst in Leeds employer: Lorien
Contact Detail:
Lorien Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Risk Analyst in Leeds
✨Tip Number 1
Network like a pro! Reach out to your connections in the industry, especially those who work in risk management or information security. A friendly chat can lead to insider info about job openings that aren't even advertised yet.
✨Tip Number 2
Prepare for interviews by brushing up on your knowledge of vendor due diligence and third-party risk management. We recommend practising common interview questions and scenarios related to cyber-security risks to show you're ready to tackle the role head-on.
✨Tip Number 3
Don’t forget to showcase your communication skills! When discussing your experience, make sure to highlight how you've effectively communicated risk findings to both technical and non-technical stakeholders. This is key in making a strong impression.
✨Tip Number 4
Apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive and engaged with our platform.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Risk Analyst role. Highlight your experience with vendor due diligence and any relevant security frameworks like ISO 27001. We want to see how your skills match what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about third-party risk management and how your background makes you a great fit for our team. Keep it concise but impactful!
Showcase Your Communication Skills: Since this role involves engaging with various stakeholders, make sure to demonstrate your communication skills in your application. We love seeing examples of how you've translated technical findings into business context in the past.
Apply Through Our Website: Don't forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, we can’t wait to see what you bring to the table!
How to prepare for a job interview at Lorien
✨Know Your Stuff
Make sure you brush up on third-party risk management and information security frameworks. Familiarise yourself with standards like ISO 27001 and SOC 2, as well as the vendor assessment processes. This will help you answer questions confidently and show that you're serious about the role.
✨Prepare for Scenario Questions
Expect to be asked about real-life situations you've faced in vendor due diligence or risk assessment. Think of specific examples where you identified risks or worked with stakeholders to resolve issues. This will demonstrate your hands-on experience and problem-solving skills.
✨Communicate Clearly
Since you'll need to engage with both technical and non-technical stakeholders, practice explaining complex concepts in simple terms. This will not only help you during the interview but also show that you can bridge the gap between different teams effectively.
✨Ask Insightful Questions
Prepare some thoughtful questions about the company's approach to third-party risk management and how they measure success in this role. This shows your genuine interest in the position and helps you assess if the company is the right fit for you.