At a Glance
- Tasks: Support third-party security assessments and document risks for informed vendor decisions.
- Company: Join a dynamic team in a regulated environment focused on information security.
- Benefits: Competitive day rate, flexible contract role, and opportunities for professional growth.
- Why this job: Make a real impact by ensuring vendor security and risk management in a crucial role.
- Qualifications: Experience in vendor risk assessments and strong communication skills are essential.
- Other info: Work with industry experts and gain exposure to cutting-edge security frameworks.
The TPSA Assistant will support third-party/vendor security and risk assessments, ensuring risks are clearly documented and presented to enable procurement decisions and governance approvals. The role requires strong attention to detail, an understanding of information security risk, and the ability to support multiple vendor assessments concurrently.
Tasks Description
- Support third-party security and vendor risk assessments
- Assist with vendor onboarding, renewal, and periodic review activities
- Review and track security questionnaires (SIG, CAIQ, DDQs)
- Collect, validate, and review vendor security evidence (ISO 27001, SOC reports, policies)
- Support inherent and residual risk scoring under guidance
- Document risk findings, issues, and remediation actions
- Prepare assessment summaries to support procurement and governance approval
- Maintain accurate records within TPRM / GRC tools
- Liaise with InfoSec, Risk, Compliance, and Procurement stakeholders
Essential Skills / Experience Description
- Experience supporting Third-Party Risk Management (TPRM) or vendor risk assessments
- Understanding of information security risk and security control frameworks
- Familiarity with ISO 27001, SOC 1 / SOC 2, or equivalent standards
- Experience reviewing vendor documentation and assessment evidence
- Knowledge of GRC concepts (governance, risk, compliance)
- Strong documentation and stakeholder communication skills
- Experience within financial services or regulated environments
- Exposure to TPRM tools (ServiceNow, Archer, OneTrust, MetricStream)
- Knowledge of GDPR / data protection requirements
- Understanding of BCP / DR and operational resilience
- Relevant certifications or training (ISO 27001, Security+, CISA, CRISC - beneficial but not required)
Information Security Consultant in Reading employer: Next Ventures
Contact Detail:
Next Ventures Recruiting Team
StudySmarter Expert Advice
We think this is how you could land Information Security Consultant in Reading
Tip Number 1
Network like a pro! Reach out to your connections in the industry, especially those who work in information security or vendor risk management. A friendly chat can lead to insider info about job openings or even a referral.
Tip Number 2
Prepare for interviews by brushing up on your knowledge of TPRM and security frameworks. We recommend practising common interview questions related to vendor assessments and risk management to show you're ready to hit the ground running.
Tip Number 3
Don't underestimate the power of follow-ups! After an interview, drop a quick thank-you email to express your appreciation. It keeps you fresh in their minds and shows your enthusiasm for the role.
Tip Number 4
Apply through our website for the best chance at landing that Information Security Consultant gig. We keep our listings updated, and applying directly can sometimes give you an edge over other candidates!
Some tips for your application
Tailor Your CV: Make sure your CV is tailored to the Information Security Consultant role. Highlight your experience with third-party risk management and any relevant certifications. We want to see how your skills match what we're looking for!
Showcase Your Attention to Detail: Since this role requires strong attention to detail, include examples in your application that demonstrate your meticulousness. Whether it's reviewing vendor documentation or tracking security questionnaires, let us know how you've nailed it in the past.
Be Clear and Concise: When writing your cover letter, keep it clear and concise. We appreciate straightforward communication, so get to the point while still showcasing your passion for information security and vendor risk assessments.
Apply Through Our Website: Don't forget to apply through our website! It's the best way for us to receive your application and ensures you're considered for the role. We can't wait to see what you bring to the table!
How to prepare for a job interview at Next Ventures
Know Your Stuff
Make sure you brush up on your knowledge of information security risk and the relevant frameworks like ISO 27001 and SOC reports. Being able to discuss these topics confidently will show that you're well-prepared and understand the role inside out.
Document Everything
Since the role involves a lot of documentation, practice summarising complex information clearly and concisely. Prepare examples of how you've documented risks or issues in past roles, as this will demonstrate your attention to detail and communication skills.
Familiarise with TPRM Tools
If you have experience with tools like ServiceNow or OneTrust, be ready to talk about it! If not, do a bit of research on them so you can discuss how you would approach using such tools in the role. This shows initiative and a willingness to learn.
Engage with Stakeholders
Think about how you've liaised with different teams in previous roles. Be prepared to share examples of how you communicated effectively with stakeholders, especially in regulated environments. This will highlight your collaborative skills and understanding of governance.