TPRM Specialist

We are looking for an experienced Third Party Risk Management Specialist to support the assessment, management and ongoing improvement of supplier security risk across M&S. Working within our Cyber Security function, you will help ensure that third parties meet our security standards and contractual requirements throughout the full supplier lifecycle.   You will oversee third party security assessments, provide guidance to suppliers and internal teams, and support the development of our third party security risk management programme. This role is ideal for someone with strong cybersecurity governance experience, confident stakeholder management skills, and the ability to coach and support others in a fast-moving environment.   Due to high interest, this role may close earlier than advertised. We recommend applying as soon as possible.   What you’ll do   * Lead third party risk assessments across vendor selection, onboarding and ongoing monitoring * Assess supplier security posture against M&S standards, identifying risks and recommending practical remediation actions * Act as a key point of contact for suppliers, providing guidance on security queries, incidents and mitigation activity * Support reporting on third party security risk posture, including KPIs, dashboards and management insight * Collaborate with Legal, Procurement, Data Protection and Privacy teams to strengthen contractual security controls and improve the wider TPRM programme   Who you are   * Strong experience in third party security, supplier risk management or cybersecurity governance * Good understanding of cybersecurity risk assessment, reporting, policies, processes and standards * Experience assessing third parties against organisational security requirements, ideally within a large or global organisation * Strong analytical, organisation and time management skills, with the ability to manage multiple priorities and recommend practical improvements * Excellent communication and stakeholder management skills, with confidence engaging suppliers, internal teams and coaching others   Supporting qualifications in technology, information security or service management would be beneficial, such as COBIT, ITIL, a Computer Science degree or a Cyber Security degree.   What’s in it for you?   Working at M&S means being part of something bigger - helping to deliver quality, value and service to millions of customers every day. We’re inclusive, fast-moving and always evolving, with a strong sense of purpose and a focus on doing the right thing.   Here are just a few of the benefits that make working here even more rewarding:   * Competitive holiday allowance with the option to buy more * Discretionary bonus schemes linked to your performance and ours * Strong pension and life assurance to help plan for the future * Tailored induction and training to support your development from day one * Exclusive perks and savings through our M&S Choices portal * Market-leading family policies, including parental, adoption and neonatal leave * 24/7 wellbeing support, including virtual GP access and mental health services * One paid volunteer day a year to support a cause that matters to you   Everyone’s welcome   We are ambitious about the future of retail. We’re disrupting, innovating and leading the industry into a more conscientious, inspiring digital era. We’re transforming how we work together and offering our most exciting opportunities yet. Marks & Spencer strives to be an inclusive organisation, trusted and admired by our colleagues, customers and suppliers. Join us and make change happen.   We are committed to building diverse and representative teams, where everyone can bring their whole selves to work and be at their best. We support each other and work together to win together.   If you feel you'd benefit from any support or reasonable adjustments during any stage of the recruitment process, please don’t hesitate to let us know when completing your application. This information will be picked up by our team so we can help you perform at your best.   #LI-hybrid #hybridrole #LI-DR1