
Third‑Party Risk Manager

Job in Cheltenham, Gloucestershire, GL50, England, UK
Listing for: Spirax Group
Full Time position
Listed on 2026-02-28
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 60000 - 80000 GBP Yearly
Job Description & How to Apply Below

Location:
Cheltenham, Gloucestershire (hybrid working)

We are seeking an experienced Third-Party Risk Manager to build, mature, and operationalise our organisation’s Third-Party Risk Management (TPRM) capability. This is a key role responsible for establishing a strong TPRM foundation and embedding structured processes, tooling, governance, and reporting across the supplier lifecycle. As the Third-Party Risk Manager, you will design and implement a scalable framework that enhances visibility, reduces exposure to supplier-related risks, and drives continuous improvement across the organisation.

Key Responsibilities
  • Build and mature the organisation’s Third-Party Risk Management Framework.
  • Develop a foundational TPRM framework aligned with NIST, ISO 27001, NIST SP 800-53/161, and internal security policies.
  • Define roadmap milestones to progress from ad hoc practices to structured, repeatable processes.
  • Establish scalable lifecycle processes for onboarding assessments, risk categorisation, assurance reviews, and continuous monitoring.
  • Support alignment with internal policies, including the Supplier Management Security Policy and Group Information Security Policy.
  • Lead security risk assessments for new and existing suppliers.
  • Implement supplier profiling and RAG tiering methodologies.
  • Document, communicate, and track supplier remediation and mitigation plans.
  • Establish mechanisms for ongoing assurance such as periodic reviews, evidence collection, and monitoring alerts.
  • Maintain a centralised supplier inventory and coordinate with procurement, contracting, IT, and business teams.
  • Develop KPIs and KRIs for third-party risk and support quarterly reporting cycles.
  • Identify gaps in current processes and recommend improvements to strengthen TPRM practices.
  • Contribute to the creation of standardised assessment templates, processes, and communication workflows.
  • Partner with Procurement, Legal, IT, Finance, and business units to embed TPRM requirements across operations.
  • Provide training, guidance, and awareness sessions to enhance understanding of third-party risks.
  • Offer expert consultation during supplier selection, contract negotiations, and incident response activities.
Your Experience
  • 5+ years in information security, assurance, TPRM, compliance, or audit.
  • 2+ years in a dedicated Third-Party Risk Management role.
  • Strong working knowledge of ISO 27001, NIST CSF, NIST SP 800-53/161, CIS Controls, SCF, GDPR, cloud security, and supplier risk.
  • Experience conducting supplier assessments, reviewing security questionnaires, and managing remediation.
  • Hands‑on experience in cybersecurity, information security risk, compliance, or vendor oversight.
  • Familiarity with supplier assurance methodologies and recognised risk frameworks.
  • Experience with GRC or TPRM platforms such as TeamMate, LogicGate, OneTrust, or AuditBoard.
Your Skills
  • Relevant certifications such as CISM, CRISC, CompTIA+, ISO 27001 Lead Auditor/Implementer, or CISA are desirable.
  • Ability to engage, challenge, negotiate, and influence stakeholders at all levels.
  • Strong analytical skills with excellent attention to detail.
  • Able to work independently, prioritise effectively, and adapt in a fast‑moving environment.
  • Confident communicator with the ability to simplify complex concepts.
  • Proactive, curious, and committed to continuous learning.

Spirax Group is a FTSE 100 and FTSE4Good multi‑national industrial engineering Group with expertise in the control and management of steam, electric thermal solutions, peristaltic pumping and associated fluid technologies.

Our Purpose is to create sustainable value for all our stakeholders as we engineer a more efficient, safer and sustainable world. Our technologies play an essential role in critical industrial processes and industrial equipment across industries as diverse as Food & Beverage, Pharmaceutical & Biotechnology, Power Generation, Semiconductors and Healthcare. With customers in 165 countries, we provide the solutions that sit behind the production of many items used in daily life, from baked beans to mobile phones!

Our Purpose, supported by our inclusive culture and Values, unites us, guides our decisions and inspires us…
