Consultant - Third Party Cyber Risk
Consultant, Third Party Cyber Risk
Location: Remote, United Kingdom
Security Clearance: Ability to achieve security clearance or DV as required
Job Description The Third Party Cyber Risk Consultant will direct the strategic delivery of comprehensive Third Party Cyber Risk consulting and managed services.
This role is pivotal in safeguarding our clients' supply chains by developing and implementing innovative frameworks and processes to mitigate cyber security risks. The Consultant will engage closely with clients, offering expert guidance and tailored solutions to address complex supply chain challenges. This role will drive the development and refinement of third-party risk management programs, ensuring they align with evolving industry standards. This role demands exceptional initiative, a deep understanding of cyber security risks and information security, third party risk management, and the ability to communicate effectively with stakeholders at all levels. The third party cyber risk consultant will also be instrumental in identifying business development opportunities, fostering strong client relationships, and creating scalable frameworks to streamline future implementations. Key Responsibilities:
Deployment Leadership: Develop and implement strategic initiatives to enhance third party risk management frameworks and processes.
Client Engagement: Collaborate with clients to assess and address supply chain and cyber security risks, offering expert guidance on best practices.
Program Development: Lead the creation and refinement of third-party risk management programs, ensuring alignment with industry standards and client needs.
Risk Assessment: Oversee vendor identification, on-boarding, monitoring, and remediation processes, including development and deployment of cyber security risk questionnaires.
Communication & Reporting: Present findings and strategic recommendations to senior management and client stakeholders, facilitating informed decision-making.
Process Optimisation: Standardise operating procedures to optimise service delivery and maximise client utilisation of third party risk management solutions.
Business Development: Identify opportunities for service expansion, including renewals, cross-sells, and up-sells, while maintaining strong client relationships.
Framework Creation: Develop scalable processes and frameworks applicable across various industries to streamline future implementations
Qualifications & Experience:
3+ years as a consultant in Supply Chain Risk Management.
5+ years in an information security or a related role in cyber security
Certifications: CISSP, CISM, or equivalent preferred.
Technical Skills & Attributes:
In-depth knowledge of third party risk management practices and tools, including risk assessment methodologies and compliance standards. Proficiency in developing and implementing risk management frameworks.
Strong understanding of network and information security, security protocols, and security tools.
Design, development and implementation of third party security questionnaires.
Excellent verbal and written communication skills.
Proven ability to build trusted client relationships and conduct deep client discovery.
Demonstrated ability to design programs and solutions independently
Entrepreneurial mindset with a drive for results.
Experience in a cybersecurity or technology-focused organisation.
Strong project and process management skills.
About BlueVoyant At BlueVoyant, we recognize that effective cyber security requires active prevention and defense across both your organization and supply chain. Our proprietary data, analytics, and technology, coupled with deep expertise, works as a force multiplier to secure your full ecosystem. Accuracy! Actionability! Timeliness! Scalability! Led by CEO, Jim Rosenthal, BlueVoyant’s highly skilled team includes former government cyber officials with extensive frontline experience in responding to advanced cyber threats on behalf of the National Security Agency, Federal Bureau of Investigation, Unit 8200, and GCHQ, together with private sector experts. BlueVoyant services utilize large real-time datasets with industry leading analytics and technologies. Founded in 2017 by Fortune 500 executives, including Executive Chairman, Tom Glocer, and former Government cyber officials, BlueVoyant is headquartered in New York City and has offices in Maryland, Tel Aviv, San Francisco, London, Budapest, and Latin America. All employees must be authorized to work in the United Kingdom. BlueVoyant provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, BlueVoyant complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.
BlueVoyant Candidate Privacy Notice
To understand how we secure and manage your personal data upon submitting a job application, please see our Candidate Privacy Notice, which can be found here - Candidate Privacy Notice
About the job
Apply for this position
Consultant - Third Party Cyber Risk
Consultant, Third Party Cyber Risk
Location: Remote, United Kingdom
Security Clearance: Ability to achieve security clearance or DV as required
Job Description The Third Party Cyber Risk Consultant will direct the strategic delivery of comprehensive Third Party Cyber Risk consulting and managed services.
This role is pivotal in safeguarding our clients' supply chains by developing and implementing innovative frameworks and processes to mitigate cyber security risks. The Consultant will engage closely with clients, offering expert guidance and tailored solutions to address complex supply chain challenges. This role will drive the development and refinement of third-party risk management programs, ensuring they align with evolving industry standards. This role demands exceptional initiative, a deep understanding of cyber security risks and information security, third party risk management, and the ability to communicate effectively with stakeholders at all levels. The third party cyber risk consultant will also be instrumental in identifying business development opportunities, fostering strong client relationships, and creating scalable frameworks to streamline future implementations. Key Responsibilities:
Deployment Leadership: Develop and implement strategic initiatives to enhance third party risk management frameworks and processes.
Client Engagement: Collaborate with clients to assess and address supply chain and cyber security risks, offering expert guidance on best practices.
Program Development: Lead the creation and refinement of third-party risk management programs, ensuring alignment with industry standards and client needs.
Risk Assessment: Oversee vendor identification, on-boarding, monitoring, and remediation processes, including development and deployment of cyber security risk questionnaires.
Communication & Reporting: Present findings and strategic recommendations to senior management and client stakeholders, facilitating informed decision-making.
Process Optimisation: Standardise operating procedures to optimise service delivery and maximise client utilisation of third party risk management solutions.
Business Development: Identify opportunities for service expansion, including renewals, cross-sells, and up-sells, while maintaining strong client relationships.
Framework Creation: Develop scalable processes and frameworks applicable across various industries to streamline future implementations
Qualifications & Experience:
3+ years as a consultant in Supply Chain Risk Management.
5+ years in an information security or a related role in cyber security
Certifications: CISSP, CISM, or equivalent preferred.
Technical Skills & Attributes:
In-depth knowledge of third party risk management practices and tools, including risk assessment methodologies and compliance standards. Proficiency in developing and implementing risk management frameworks.
Strong understanding of network and information security, security protocols, and security tools.
Design, development and implementation of third party security questionnaires.
Excellent verbal and written communication skills.
Proven ability to build trusted client relationships and conduct deep client discovery.
Demonstrated ability to design programs and solutions independently
Entrepreneurial mindset with a drive for results.
Experience in a cybersecurity or technology-focused organisation.
Strong project and process management skills.
About BlueVoyant At BlueVoyant, we recognize that effective cyber security requires active prevention and defense across both your organization and supply chain. Our proprietary data, analytics, and technology, coupled with deep expertise, works as a force multiplier to secure your full ecosystem. Accuracy! Actionability! Timeliness! Scalability! Led by CEO, Jim Rosenthal, BlueVoyant’s highly skilled team includes former government cyber officials with extensive frontline experience in responding to advanced cyber threats on behalf of the National Security Agency, Federal Bureau of Investigation, Unit 8200, and GCHQ, together with private sector experts. BlueVoyant services utilize large real-time datasets with industry leading analytics and technologies. Founded in 2017 by Fortune 500 executives, including Executive Chairman, Tom Glocer, and former Government cyber officials, BlueVoyant is headquartered in New York City and has offices in Maryland, Tel Aviv, San Francisco, London, Budapest, and Latin America. All employees must be authorized to work in the United Kingdom. BlueVoyant provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, BlueVoyant complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.
BlueVoyant Candidate Privacy Notice
To understand how we secure and manage your personal data upon submitting a job application, please see our Candidate Privacy Notice, which can be found here - Candidate Privacy Notice