<DIV> <DIV><P> </P><P> <BR><STRONG>Job reference 338711</STRONG><BR>Third Party Security Analyst<BR><SPAN>Competitive salary plus car allowance, healthcare , 18% annual bonus potential, 25 da</SPAN>ys annual leave plus bank holidays rising with service and a company pension scheme with highly competitive contribution rates<BR>Permanent, Full time</P><P>Hybrid working in either London or Sheffield office x3 days a week</P><P> </P><P> </P></DIV></DIV><BR><P><STRONG>Third Party Security Analyst</STRONG></P><P><STRONG> </STRONG></P><P>Royal Mail Group is strengthening its cyber security capability and we're looking for a <STRONG>Third Party Security Analyst</STRONG> to play a key role in safeguarding our supply chain. This is an exciting opportunity to join a growing cyber function where you'll assess, influence, and uplift the security posture of suppliers that support critical business operations.</P><P>You'll work closely with Procurement, Legal, Data Protection, and technical teams to ensure our suppliers meet the highest standards of security - and you'll help shape how Royal Mail manages third party cyber risk across the entire organisation.</P><P> </P><P><STRONG>The role</STRONG></P><UL><LI><STRONG>Supplier Assurance</STRONG> Conduct detailed security assessments of new and existing suppliers, ensuring alignment with Royal Mail standards and frameworks such as ISO 27001, NIST, and UK GDPR.</LI><LI><STRONG>Risk Analysis & Reporting</STRONG> Identify and document supplier risks, producing clear, actionable risk packs that explain business impact and recommended remediation.</LI><LI><STRONG>Contractual Security Management</STRONG> Support the drafting and negotiation of security schedules and clauses within supplier contracts, ensuring appropriate controls for data protection, incident response, and continuity.</LI><LI><STRONG>Tooling & Data Management</STRONG> Operate and maintain third party risk management tools (e.g., SureCloud, RiskRecon), ensuring accurate data, timely updates, and meaningful dashboards for reporting.</LI><LI><STRONG>Stakeholder Engagement</STRONG> Work with Procurement, Legal, Data Protection, and business teams to embed security requirements into supplier processes. Communicate complex issues in clear, accessible language.</LI><LI><STRONG>Technical Insight</STRONG> Contribute to the development of security approaches across emerging technologies such as AI, Cloud, and IoT.</LI><LI><STRONG>Continuous Monitoring</STRONG> Conduct periodic reviews of critical suppliers and monitor for changes in risk posture, tracking issues through to closure.</LI><LI><STRONG>Governance & Compliance</STRONG> Support governance reporting, policy development, and continuous improvement of supplier assurance processes.</LI><LI><STRONG>Training & Awareness</STRONG> Assist in delivering training and guidance to internal teams on supplier security best practice.</LI></UL><P><STRONG> </STRONG></P><P><STRONG>Your experience</STRONG></P><UL><LI>Experience in cyber security, supplier assurance, or GRC within a large enterprise environment.</LI><LI>Strong understanding of risk assessment methodologies and third party risk management.</LI><LI>Ability to translate technical risks into clear business language and influence stakeholders.</LI><LI>Familiarity with ISO 27001, NIST CSF, UK GDPR, and contractual security requirements.</LI><LI>Experience using GRC or vendor risk management platforms (e.g., SureCloud, RiskRecon).</LI><LI>Strong analytical skills with the ability to cut through complexity and provide clear recommendations.</LI><LI>Excellent communication skills - written, verbal, and presentational.</LI><LI>Ability to manage multiple priorities and suppliers simultaneously.</LI><LI>A willingness to learn and develop further in the cyber security domain.</LI></UL><P><STRONG> </STRONG></P><P><STRONG>Preferred qualifications</STRONG></P><UL><LI>Degree in a relevant field</LI><LI>CISM, CRISC, ISO 27001 Lead Auditor, or equivalent certification (or working towards one)</LI></UL><P><STRONG> </STRONG></P><P><STRONG>Why join Royal Mail Group?</STRONG></P><UL><LI>Work in a high impact role that directly protects the organisation's supply chain.</LI><LI>Collaborate with a wide range of stakeholders across a major UK business.</LI><LI>Develop your expertise in supplier assurance, risk management, and cyber governance.</LI><LI>Be part of a supportive cyber security team with opportunities for growth and progression.</LI></UL><P> </P><P> </P><P><STRONG>Extra Benefits</STRONG></P><P> </P><P><STRONG>    Family friendly support</STRONG> - enhanced maternity pay, paternity leave, adoption leave and shared parental leave<BR><STRONG> </STRONG>   Supportive and generous company <STRONG>sick pay</STRONG><BR><STRONG>    Funded Dental</STRONG> - As a manager you are eligible to a level of employer funded dental insurance*<BR><STRONG>    Health Assessment</STRONG> - As a manager you are eligible to an employer funded health assessment every 2 years*<BR><STRONG>    Benefits Account</STRONG> - You will have access to your personal benefits account on our My Bundle+' platform. There are more than 800 retail offers to help you save on things like groceries, days out, holidays and your household bills as well as employer provided and voluntary benefits to suit your lifestyle.<BR><STRONG>    Your Wellbeing</STRONG> - you and your family have 24/7 access to services and tools to help you get the most out of life. From your physical and mental health to financial and social support and advice. It's free, and it's for everyone.</P><P><STRONG>*Available only to permanent employees</STRONG></P><P> </P><P><STRONG>Next Steps</STRONG></P><P> </P><P>The next stage of the selection process will be a face to face/virtual interview consisting of competency based and role specific questions.</P><P> </P><P>Trust is the foundation of Royal Mail / Parcelforce / RM Property and Facilities Solutions. We aim to be transparent about the qualities we seek and what a career with us entails, building trust from the start of your journey with us. Your interview is the first step, and we want you to shine. To help you prepare, we'll provide your interview questions in advance, so you can have your best examples ready. At Royal Mail Group, we value trust and our people. </P><P><BR>We understand that candidates may not meet all the criteria for the role. If your experience is different, but you have relevant skills we'd love to hear from you. (delete if essential criteria only)</P><P><BR>Royal Mail Group is committed to inclusion and representing the diverse communities we serve. We welcome applications from all individuals. As a proud Gold signatory to the Armed Forces Covenant, we especially encourage applications from the Armed Forces community, including cadet instructors and spouses/partners.</P><P><BR>We are committed to ensuring an inclusive recruitment process. If you require any adjustments to support you during the hiring process, please discuss these with your recruiter when contacted.</P><P> </P><P>We are Forces family friendly and a Gold signatory to the Armed Forces Covenant. We welcome applications from ex-Armed Forces personnel, reservists, veterans, cadet instructors and military spouses/partners.</P><P> </P><P>For more information on Royal Mail Group and our values please click here: https://www.internationaldistributionsservices.com/en/about-us/ </P><P> </P><P>Closing Date: . 7th May 2026 Please note, this advert may close early if the appropriate number of applications has been reached.</P><P> #LI-POST</P><BR>