Consultant - InfoSec Auditor

Third Party Risk Consultant About the Role This position sits at the core of a growing risk advisory function, supporting a diverse portfolio of organisations as they navigate the challenges of third-party oversight. You'll be the person clients rely on to bring clarity, structure, and expertise to their supplier risk landscape. What You'll Do Carry out detailed third-party risk reviews from initiation to completion, ensuring each assessment is both timely and thorough.

Build and maintain strong, professional relationships with clients and their suppliers. Manage assessment pipelines efficiently, upholding high standards of accuracy and consistency. Engage directly with suppliers to keep information flowing and processes on track. Analyse control environments, highlight gaps or emerging issues, and develop clear, actionable recommendations. Produce polished assessment outputs aligned to recognised methodologies and internal quality expectations. Contribute to management information, reporting, and briefing packs for internal and client stakeholders.

Support supplier assurance programmes and participate in wider risk or consultancy projects. Represent the wider team with professionalism and a solid understanding of its objectives. How You'll Support the Team Share knowledge, mentor junior colleagues, and help raise capability across the function. Get involved in continuous improvement activities aimed at strengthening internal processes. Assist in organisational operations such as recruitment when required.

What You'll Bring A minimum of three years' experience within supplier assurance, third-party risk, or a closely related discipline. Strong working knowledge of cybersecurity frameworks (e.g., NIST, PCI DSS, ISO). Hands-on experience performing risk assessments across different business areas or lines of defence. Good understanding of risk methodologies, assessment life cycles, and standardised approaches. Ability to work confidently both independently and as part of a collaborative team.

Excellent stakeholder engagement skills and strong communication abilities, both written and verbal. A proactive, adaptable mindset and the confidence to represent the team effectively in a client-facing setting. Nice to Have Familiarity with commonly used cybersecurity tools and platforms. Previous consultancy experience helpful, but not essential. A willingness to thrive in a fast-paced advisory environment is what matters most. To speak in absolute confidence about this opportunity please send an up-to-date CV via the link provided or contact Senior Recruitment Consultant Stuart Kennedy at MCS Group on or .

Even if this position is not right for you, we may have others that are. Please visit MCS Group to view a wide selection of our current jobs.

Skills:

Infosec Analyst IT Risk & Controls Manager Risk and controls Compliance Audit Assurance Benefits:
Remote Bonus Progression