Third-Party Cyber Risk Consultant – Cyber Uplift (Data Protection)
About the Company
Davidson is partnering with a well-established organisation delivering a significant cyber uplift program. The focus is on strengthening data protection and third-party cyber risk management capabilities across the enterprise.
About the Role
This is a hands-on role for an experienced Third-Party Cyber Risk Consultant to support a newly approved cyber uplift program. You’ll work across the design and implementation of core frameworks and controls, including:
- Data classification framework(and associated handling requirements)
- Third-party cyber risk assessment framework(aligned to supplier engagement models)
- Supporting processes, controls, artefacts, and rollout activities
You’ll be embedded in the program team, partnering closely with Cyber Security, Risk, Procurement/Vendor Management, Legal, Technology, and key business stakeholders to uplift how third-party risk is assessed, governed, and managed.
Key Responsibilities
- Lead discovery and facilitate workshops across third-party engagement, data usage/flows, and control requirements (including cloud/Microsoft environments)
- Define and document clear business + technical requirements(BRDs, as-is/to-be processes, control/process artefacts)
- Support the design and rollout of a third-party cyber risk assessment framework, aligned to supplier onboarding and lifecycle management
- Contribute to delivery assurance including test approach, test scripts, and UAT coordination
- Drive stakeholder alignment and adoption across Cyber, Risk, Procurement and Technology through to rollout (targeting mid-2026)
About You
- Proven experience delivering third-party cyber risk / supplier risk initiatives within complex organisations ( essential)
- Strong cyber security program background, ideally spanning data protection and control uplift
- Excellent stakeholder management across Cyber, Risk, Procurement/Vendor Management, IT and business
- Strong requirements/documentation capability with the ability to translate cyber controls into practical processes and outcomes
- Experience supporting testing/UAT and producing pragmatic delivery artefacts (test scripts, plans, process docss
Please apply with current resume in Microsoft Word format only (.doc or .docx). If you have the relevant experience listed above and require further information, please contact Tessa Garamszegi at tessa.garamszegi@davidsonwp.com, quoting reference JN -022026-42593. Want to know more about Davidson? Visit us at www.davidsonwp.com
