Third Party Security Risk Analyst

Responsibilities

• Execute TPSRM activities across the full supplier lifecycle, including onboarding, due diligence, contracting security reviews, and offboarding.
• Perform detailed third-party cybersecurity risk assessments by analyzing supplier responses and validating supporting evidence.
• Identify security gaps and support remediation governance by proposing actions and tracking supplier commitments.
• Support continuous monitoring through periodic reassessments, reviewing security alerts, and following up on incidents.
• Coordinate with internal stakeholders such as Procurement, Legal, and Security Engineering to ensure efficient risk decisions.
• Maintain high-quality, audit-ready documentation for all assessments, risk ratings, and remediation plans.

Requirements

• Bachelor's degree in Cybersecurity, Information Systems, Technology, Engineering, or a related field.
• 5–7 years of experience in security assurance, supplier assessments, technology risk, or GRC.
• Proven experience performing cybersecurity or supplier risk assessments.
• Familiarity with TPRM or TPSRM programs and supporting technologies.
• Experience reviewing security evidence, including SOC 2 reports, penetration tests, and policy documentation.
• Proficiency with Third-Party Risk Management tools such as OneTrust or UpGuard.

Preferred Qualifications

• Professional certifications such as ISO 27001 Foundations, Security+, CCSK, or CISA.
• Training in risk management, cloud security, or supplier assurance.
• Experience using security rating services or specialized questionnaire platforms.

About the Company

Haleon is a purpose-driven, world-class consumer company dedicated to putting everyday health in the hands of millions. With a trusted portfolio of brands including Sensodyne, Panadol, Advil, and Centrum, we combine deep human understanding with trusted science to deliver better everyday health with humanity.