TPRM Security Consultant

Full-Time 60000 - 80000 £ / year (est.) Home office (partial)
Marks and Spencer

At a Glance

  • Tasks: Act as a trusted advisor on security for third-party integrations and manage cyber risk.
  • Company: Join M&S, a dynamic and inclusive retail leader innovating for the future.
  • Benefits: Enjoy a 20% discount, competitive holidays, bonuses, and extensive wellbeing support.
  • Other info: Be part of a diverse team where your ideas can thrive and make a difference.
  • Why this job: Make a real impact in cybersecurity while working with cutting-edge technology.
  • Qualifications: 6 years in tech with strong security knowledge and relevant certifications.

The predicted salary is between 60000 and 80000 £ per year.

Act as a trusted advisor to senior stakeholders responsible for ensuring the security of a broad range of technical integrations between M&S and its suppliers, providing risk-based assessments and supporting third-party options to mitigate security risks related to complex TPRM engagements. Ensure Secure-by-Design thinking is embedded into everything we do and that the risks are understood and managed. You will be responsible for establishing and maintaining an effective relationship with assigned portfolio(s) of change from the Third-Party scope at both engineering and management levels. This is a global role that requires cross-organisational influence over all areas of the business and technology, including traditional retail, online, international, delivery centres, partners, etc., to support our mission in the management and reduction of Cyber Risk.

What you'll do:

  • Own the InfoSec relationship with identified Third Party portfolio(s) of change to drive risk-aware business decisions.
  • Become a trusted advisor to the technical and management teams in your assigned portfolio(s).
  • Identify when your TPRM portfolio(s) require additional InfoSec support from areas such as Security Architecture, Security Design or Security Engineering and broker a successful engagement.
  • Lead technical security risk assessments and provide requirements and guidance into change activities, founded in CIS and secure-by-design principles.
  • Oversee supplier onboarding risk assessments and ongoing monitoring programs.

Who you are:

  • Detailed knowledge of 2 or more security domains and good understanding of others such as Application Security, Network Security, Infrastructure Security, Cloud Security, End-User Compute Security, IoT and ICU Security.
  • Demonstrable understanding and experience of risk assessment and compliance frameworks.
  • 6 years in technology with at least 2 years' experience delivering advanced-level security engineering or a similar role.
  • Supporting qualifications in technology or security such as Microsoft/Azure Architecture, or CISSP, CISM, CRISC, CGEIT, CCAK, CCSK, CCSP.

What's in it for you:

  • 20% colleague discount across all M&S products and many of our third-party brands for you and a member of your household after completing your probationary period.
  • Competitive holiday entitlement with the potential to buy extra holiday days.
  • Discretionary bonus schemes awarded based on how you achieve your personal objectives and our performance as a business.
  • A generous Defined Contribution Pension Scheme and Life Assurance.
  • A dedicated welcome to our teams with a tailored induction and a wide range of training programmes to develop your skills.
  • Amazing perks and discounts via our M&S Choices portal to maximise your financial and personal wellbeing.
  • Industry-leading parental, adoption and neonatal policies, providing support and flexibility for your family.
  • Access to a fantastic range of wellbeing support for all colleagues including access to our 24/7 Virtual GP and PAM Assist to support you and your family.
  • A charity volunteer day to support a charity or cause you're passionate about through a dedicated day away from work.

We're ambitious about the future of retail. We're innovating, disrupting, and leading the way into a more inspiring, digital era. It's an exciting time to be part of M&S. To support us on our journey, we're building inclusive, diverse teams where everyone can be themselves, do their best work, and make change happen. We support each other and succeed together. Don't worry if you don't meet every single requirement of the job description. It's more of a guide to what's possible within the role. If you're passionate, ready to work hard, and think the role feels right for you, we'd love to hear from you.

TPRM Security Consultant employer: Marks and Spencer

At M&S, we pride ourselves on being an inclusive and dynamic employer that values innovation and collaboration. As a TPRM Security Consultant, you will not only play a crucial role in safeguarding our technical integrations but also benefit from a supportive work culture that prioritises employee growth through tailored training programmes and generous perks. With competitive benefits, including a 20% colleague discount and industry-leading parental policies, M&S is committed to ensuring that every team member feels valued and empowered to contribute to our mission of delivering exceptional quality and service.

Contact Detail:

Marks and Spencer Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land TPRM Security Consultant

✨Tip Number 1

Network like a pro! Reach out to people in the industry, especially those already working at M&S or similar companies. A friendly chat can open doors and give you insights that might just help you land that TPRM Security Consultant role.

✨Tip Number 2

Prepare for interviews by brushing up on your knowledge of security domains. Be ready to discuss how your experience aligns with the job description, especially around risk assessments and compliance frameworks. We want to see your passion and expertise shine through!

✨Tip Number 3

Showcase your problem-solving skills! During interviews, share specific examples of how you've tackled security challenges in the past. This will demonstrate your ability to be a trusted advisor and make risk-aware business decisions.

✨Tip Number 4

Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, it shows you’re genuinely interested in being part of the M&S team and contributing to our mission in managing Cyber Risk.

We think you need these skills to ace TPRM Security Consultant

Risk Assessment
Cyber Security
Security Architecture
Security Design
Security Engineering
Application Security
Network Security
Infrastructure Security
Cloud Security
End-User Compute Security
IoT Security
Compliance Frameworks
Stakeholder Management
Technical Advisory
Cross-Organisational Influence

Some tips for your application 🫡

Tailor Your CV: Make sure your CV reflects the skills and experiences that align with the TPRM Security Consultant role. Highlight your knowledge in security domains and any relevant qualifications to catch our eye!

Craft a Compelling Cover Letter: Use your cover letter to tell us why you're the perfect fit for this role. Share specific examples of how you've acted as a trusted advisor or managed security risks in previous positions.

Showcase Your Soft Skills: We value strong relationships and communication skills. In your application, mention instances where you've influenced stakeholders or collaborated across teams to achieve security goals.

Apply Through Our Website: For the best chance of success, make sure to apply directly through our website. This way, we can easily track your application and get back to you quicker!

How to prepare for a job interview at Marks and Spencer

✨Know Your Security Domains

Make sure you brush up on your knowledge of security domains like Application Security, Network Security, and Cloud Security. Be ready to discuss how your experience aligns with these areas and how they relate to the role of a TPRM Security Consultant.

✨Understand Risk Assessment Frameworks

Familiarise yourself with risk assessment and compliance frameworks. Be prepared to share examples from your past experiences where you've successfully implemented these frameworks in your work, especially in relation to third-party risk management.

✨Showcase Your Advisory Skills

As a trusted advisor, you'll need to demonstrate your ability to influence stakeholders. Think of specific instances where you've provided guidance or support to technical teams and how that led to better security outcomes.

✨Prepare for Technical Questions

Expect technical questions related to security risk assessments and secure design principles. Brush up on CIS standards and be ready to explain how you've applied these in previous roles, particularly in complex TPRM engagements.
