Marks and Spencer

TPRM Principal Security Consultant

Marks and Spencer  •  United Kingdom of Great Britain and Northern Ireland (Hybrid)  •  23 days ago
Apply
Save Job
Mark Applied Mark Interviewed Mark Offered
Hide Job Report Job
AI can make mistakes so check important info. Chat history is never stored.

Job Description

TPRM Security Consultant to act as a trusted advisor to senior stakeholders responsible for ensuring the security of a broad range of technical integrations between M&S and its suppliers, providing risk based assessments and supporting third party options to mitigate security risks related to complex TPRM engagements. Additionally, to ensure Secure-by-Design thinking is embedded into everything we do and that the risks are understood and managed.

You will be responsible for establishing and maintaining an effective relationship with assigned portfolio(s) of change from the Third-Party scope at both engineering and management levels

This is a global role that requires cross organisational influence over all areas of the business and technology including traditional retail, online, international, delivery centres, partners etc to support our mission in the management and reduction of Cyber Risk

What you'll do

  • Own the InfoSec relationship with identified Third Party portfolio(s) of change to drive risk‑aware business decisions
  • Become a trusted advisor to the technical and management teams in your assigned portfolio(s)
  • Identify when your TPRM portfolio(s) require additional InfoSec support from areas such as Security Architecture, Security Design or Security Engineering and broker a successful engagement
  • Lead technical security risk assessments and provide requirements and guidance into change activities, founded in CIS and secured by design principles.
  • Oversee supplier onboarding risk assessments and ongoing monitoring programs

Who you are

  • Detailed knowledge of 2 or more security domains and good understanding of others e.g Application Security, Network Security, Infrastructure Security, Cloud Security, End-User Compute Security, IoT and ICU Security.
  • Demonstrable understanding and experience of risk assessment and compliance frameworks
  • 6 years in technology with at least 2 years’ experience delivering advanced level security engineering or similar role
  • Supporting qualifications in technology or security e.g Microsoft/Azure Architecture, OR CISSP, CISM, CRISK, CGEIT. CCAK, CCSK, CCSP.

What’s in it for you

Being a part of M&S is exactly that – playing your part to bring the magic of M&S to our customers every day. We’re an inclusive, dynamic, exciting, and ever evolving business built on doing the right thing and bringing exceptional quality, value, service to every customer, whenever, wherever and however they want to shop with us.

Here are some of the benefits we offer that make working for M&S just that little bit more special…

  • After completing your probationary period, you’ll receive 20% colleague discount across all M&S products and many of our third-party brands for you and a member of your household.
  • Competitive holiday entitlement with the potential to buy extra holiday days!
  • Discretionary bonus schemes awarded based on how you achieve your personal objectives and our performance as a business.
  • A generous Defined Contribution Pension Scheme and Life Assurance.
  • A dedicated welcome to our teams with a tailored induction and a wide range of training programmes to develop your skills.
  • Amazing perks and discounts via our M&S Choices portal to maximise your financial and personal wellbeing.
  • Industry-leading parental, adoption and neonatal policies, providing support and flexibility for your family.
  • Access to a fantastic range of wellbeing support for all colleagues including access to our 24/7 Virtual GP and PAM Assist to support you and your family.
  • A charity volunteer day to support a charity or cause you're passionate about through a dedicated day away from work.

Everyone’s welcome

We’re ambitious about the future of retail. We’re innovating, disrupting, and leading the way into a more inspiring, digital era. It’s an exciting time to be part of M&S.

To support us on our journey, we’re building inclusive, diverse teams where everyone can be themselves, do their best work, and make change happen. We support each other and succeed together.

Don’t worry if you don’t meet every single requirement of the job description. It’s more of a guide to what’s possible within the role. If you’re passionate, ready to work hard, and think the role feels right for you, we’d love to hear from you. #hybridrole #LI-Hybrid #LI-OT1

Marks and Spencer

About Marks and Spencer

At M&S, we're dedicated to being the most trusted retailer, prioritising quality and delivering value. Every day, we bring the magic of M&S to our customers, whenever, wherever and however they want to shop with us.

For over a century, we've set the standard, doing the right thing and embracing innovation. Today, with over 65,000 colleagues serving 32 million customers globally, we're putting quality products at the heart of everything we do.

Tomorrow holds boundless opportunities with us. We're pioneering digital innovation and shaping the future of retail where our values drive every action.

We stay close to customers and colleagues, always curious and connected. Our decisions are bold, our actions ambitious. Transparency is paramount, with straightforward, honest communication. We're constantly innovating, always striving for the best. Our focus is on aiming higher and winning together, combined with wise financial decisions to secure our future.

Join us at M&S to shape the future of retail.

Industry
Retail & Ecommerce
Company Size
10,000+ employees
Headquarters
London, GB
Year Founded
1884
Website
marksandspencer.com
Social Media