Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Analyse third-party security risks and ensure compliance with M&S standards.
- Company: Join M&S, a dynamic and innovative leader in retail.
- Benefits: Enjoy 20% discount, competitive holidays, and wellbeing support.
- Why this job: Make a real impact on security while working in an inclusive environment.
- Qualifications: Experience in third-party security and strong analytical skills required.
- Other info: Flexible hybrid role with excellent career development opportunities.
The predicted salary is between 28800 - 48000 £ per year.
We are seeking an experienced Third-Party Risk Management Analyst to ensure that our suppliers’ security positions are in line with M&S standards and contractual terms. With oversight from the Third-Party Risk Management Leadership and Principal, you will be responsible for the analysis and assessment of third-party security risk assessments to identify potential security risks to M&S. You will also act as a nominated single point contact for suppliers and will be responsible for assessing/monitoring their security posture throughout the lifecycle of M&S contracts.
What You’ll Do
- Deliver and/or support the delivery of third-party security risk assessments during the vendor selection and onboarding processes and as part of ongoing security monitoring.
- Analyse the output of third-party security risk assessments to identify potential or actual security risks that may impact M&S.
- Deliver and/or support the preparation of ongoing reporting of third-party security risk posture, updating KPIs and dashboards.
- Carry out or support regular reviews of standard contractual clauses from a cybersecurity perspective, collaborating with Legal, Data Protection & Privacy and Procurement teams.
- Support and actively contribute to the processes and systems of the third-party security risk management programme, helping to define and maintain standards and guardrails.
- Proactive interaction with third parties to obtain reporting and insight on key information security events, incidents and mitigation efforts.
Who You Are
- Must have demonstrable knowledge of Third-Party Security, supported by a general understanding of cybersecurity governance domains.
- Experience in delivering and analysing third party security risk assessments to manage their security obligations in line with global organisational standards.
- At least 2 years’ relevant security related experience, preferably across a range of sectors (e.g., Retail, Financial Services).
- Proven analytical and problem-solving skills.
- Time management and organisational skills to manage a variety of stakeholders and meet deadlines.
What’s In It For You
- Being a part of M&S is exactly that – playing your part to bring the magic of M&S to our customers every day.
- After completing your probationary period, you’ll receive 20% colleague discount across all M&S products and many of our third-party brands for you and a member of your household.
- Competitive holiday entitlement with the potential to buy extra holiday days!
- Discretionary bonus schemes awarded based on how you achieve your personal objectives and our performance as a business.
- A generous Defined Contribution Pension Scheme and Life Assurance.
- A dedicated welcome to our teams with a tailored induction and a wide range of training programmes to develop your skills.
- Amazing perks and discounts via our M&S Choices portal to maximise your financial and personal wellbeing.
- Industry-leading parental, adoption and neonatal policies, providing support and flexibility for your family.
- Access to a fantastic range of wellbeing support for all colleagues including access to our 24/7 Virtual GP and PAM Assist to support you and your family.
- A charity volunteer day to support a charity or cause you're passionate about through a dedicated day away from work.
We’re ambitious about the future of retail. We’re innovating, disrupting, and leading the way into a more inspiring, digital era. It’s an exciting time to be part of M&S. To support us on our journey, we’re building inclusive, diverse teams where everyone can be themselves, do their best work, and make change happen. We support each other and succeed together. Don’t worry if you don’t meet every single requirement of the job description. It’s more of a guide to what’s possible within the role. If you’re passionate, ready to work hard, and think the role feels right for you, we’d love to hear from you.
TPRM Analyst employer: Marks and Spencer
Contact Detail:
Marks and Spencer Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land TPRM Analyst
✨Tip Number 1
Network like a pro! Reach out to people in the industry, attend events, and connect on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Prepare for interviews by researching M&S and their approach to third-party risk management. Show them you’re not just another candidate; you’re genuinely interested in their mission and values.
✨Tip Number 3
Practice your responses to common interview questions, especially those related to security risk assessments. Use the STAR method (Situation, Task, Action, Result) to structure your answers and highlight your experience.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re serious about joining the M&S team.
We think you need these skills to ace TPRM Analyst
Some tips for your application 🫡
Tailor Your CV: Make sure your CV reflects the skills and experience mentioned in the job description. Highlight your knowledge of Third-Party Security and any relevant experience you have in delivering security risk assessments.
Craft a Compelling Cover Letter: Use your cover letter to tell us why you're passionate about this role. Share specific examples of how you've managed third-party security risks in the past and how you can contribute to M&S's goals.
Showcase Your Analytical Skills: Since the role requires strong analytical abilities, include examples of how you've successfully analysed security risk assessments or solved complex problems in previous roles. We want to see your thought process!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it’s super easy!
How to prepare for a job interview at Marks and Spencer
✨Know Your Stuff
Make sure you brush up on your knowledge of Third-Party Security and cybersecurity governance. Familiarise yourself with M&S's standards and contractual terms, as well as the specific risks associated with third-party suppliers. This will show that you're not just interested in the role but also understand the nuances of the industry.
✨Prepare for Scenario Questions
Expect to be asked about how you would handle specific security risk scenarios. Think of examples from your past experience where you've successfully managed third-party security assessments or resolved issues. Use the STAR method (Situation, Task, Action, Result) to structure your answers clearly.
✨Show Your Analytical Skills
Since the role involves analysing security risk assessments, be ready to discuss your analytical approach. Bring examples of how you've identified potential risks in previous roles and what steps you took to mitigate them. Highlight any tools or methodologies you used to support your analysis.
✨Engage with the Interviewers
Don’t just wait for questions; engage with your interviewers. Ask insightful questions about their current third-party risk management processes and how they measure success. This shows your genuine interest in the role and helps you assess if the company is the right fit for you.
