At a Glance
- Tasks: Conduct vendor risk assessments and present actionable insights to stakeholders.
- Company: Dynamic company focused on third-party cyber risk management.
- Benefits: Competitive pay, flexible work arrangements, and a supportive team environment.
- Other info: Inclusive workplace with opportunities for personal and professional growth.
- Why this job: Make a real impact by safeguarding the organisation from cyber risks.
- Qualifications: Experience in third-party risk management and strong communication skills.
We are looking for an experienced Information Security Analyst with a strong focus on third-party cyber risk management. This role centres on conducting detailed vendor risk assessments, analysing findings and presenting clear, actionable insights to stakeholders.
You will play a key role in translating complex infosec concepts into business-friendly language, enabling informed decision-making across the organisation.
Key Responsibilities:
- Conduct in-depth third-party cyber risk assessments across vendors and partners
- Analyse security controls, identify vulnerabilities and assess overall risk exposure
- Proactively identify and flag emerging risks before they impact the business
- Produce high-quality assessment reports with clear findings and recommendations
- Present risk insights to both technical and non-technical stakeholders
- Translate infosec 'technical speak' into clear business risk language to support decision-making
- Track remediation activities and ensure timely resolution of identified risks
- Work closely with procurement, legal and business teams to embed security into third-party processes
- Act as a key contact for vendors regarding security assessments and risk queries
- Proven experience in third-party risk management / vendor security assessments
- Strong risk analysis and proactive risk identification capability
- Ability to communicate complex security concepts to business stakeholders
- Experience producing detailed reports and presenting findings confidently
- Solid understanding of cybersecurity frameworks and risk methodologies
- Analytical & detail oriented
- Strong communicator (Tech to Business translation)
- Proactive & risk focused
- Collaborative & stakeholder facing
Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.
If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.
Infosec Analyst - TPRM employer: Sanderson Recruitment
Contact Detail:
Sanderson Recruitment Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Infosec Analyst - TPRM
✨Tip Number 1
Network like a pro! Reach out to your connections in the InfoSec field, especially those who work in third-party risk management. A friendly chat can lead to insider info about job openings that aren't even advertised yet.
✨Tip Number 2
Prepare for interviews by brushing up on your ability to translate complex security concepts into business-friendly language. Practice explaining your past experiences in a way that highlights how you’ve helped stakeholders make informed decisions.
✨Tip Number 3
Don’t just apply anywhere; focus on companies that align with your values and expertise. Use our website to find roles that excite you, and tailor your approach to show how you can add value to their team.
✨Tip Number 4
Follow up after interviews! A quick thank-you email can keep you top of mind. Mention something specific from your conversation to show you were engaged and are genuinely interested in the role.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience in third-party risk management and vendor security assessments. Use keywords from the job description to show we’re on the same page!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Explain why you’re passionate about InfoSec and how your skills can help us tackle third-party cyber risks. Keep it engaging and relevant!
Showcase Your Communication Skills: Since translating complex infosec concepts into business-friendly language is key, give examples in your application of how you've done this before. We want to see your strong communication skills in action!
Apply Through Our Website: Don’t forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it’s super easy!
How to prepare for a job interview at Sanderson Recruitment
✨Know Your Stuff
Make sure you brush up on third-party cyber risk management concepts. Familiarise yourself with common security frameworks and methodologies, as you'll need to demonstrate your understanding during the interview.
✨Speak Their Language
Practice translating complex infosec jargon into business-friendly terms. You’ll be expected to present findings to both technical and non-technical stakeholders, so being able to communicate clearly is key.
✨Showcase Your Reports
Prepare examples of high-quality assessment reports you've produced in the past. Be ready to discuss how you identified risks and made actionable recommendations, as this will highlight your analytical skills.
✨Engage with Stakeholders
Think about how you’ve collaborated with different teams in previous roles. Be prepared to share specific examples of how you’ve worked with procurement, legal, or business teams to embed security processes.