3rd Party Risk Analyst

The 3rd Party Risk Analyst role is part of Group Information Security team within the Informa Global Support division of Informa Plc. The 3rd Party Risk Analyst role will be responsible for performing Information Security (InfoSec) vendor assessments across the Group and monitoring internal control effectiveness. This important role will be supporting with process maintenance and continuous improvement, managing 3rd Party Risk, liaising with vendors and business stakeholders to ensure vendor security risk management is done so effectively. Key Areas of Responsibility/Accountability

• Maintain and measure the information security posture of 3rd Party vendors to reduce risk to Informa and ensure our organisation remains compliant with relevant legislation and security policy.
• Perform vendor security assessments in line with security best practice and the Informa InfoSec Management framework and policies.
• Liaise with business stakeholders to advise them on the status of vendor security risk.
• Report on the status and risk profile of assessed and unassessed vendors to the InfoSec team and the risk committee as needed.
• Work with Legal and Procurement to ensure 3rd party risks are managed end to end.
• Support the current 3rd Party Risk Analyst with their 3rd party security risk assessments
• Suggest and drive improvements to the effectiveness and efficiency of the 3rd party security risk process
• Contribute to the overall Information Security programme of improvements across the Group.
  
  Experience in managing 3rd Party vendors security assessments.
• Excellent stakeholder management and engagement skills; experience of negotiating and managing internal and external stakeholders and third parties.
• The ability to 'translate' technical security issues to business risk
• Able to suggest pragmatic technical and organisational controls to manage identified risks
• Comfortable explaining complex problems in a simple, clear and concise manner to the various parts of the group.
• Excellent written and verbal communication and presentation skills.
• Effective and creative problem-solving skills.
• Proven track record of operating in time critical, diverse, creative and corporate Environments.
• Experience of working with multiple stakeholders and able to adjust approach where necessary
• Understanding of (InfoSec) risk management concepts
• Understanding of the guiding principles behind ISO27001 and related standards.
• Ability and confidence to prioritise and balance conflicting and diverse demands from technical and business perspectives.
• Experience in working with Governance Risk Compliance (GRC) tools, especially tools used for 3rd party risk assessments / management
• CISA/CRISC desired but not essential.
  
  At Informa, no two days and no two people are the same, and you'll find the freedom, opportunity and support of a fantastic community to make a real impact.
We're an international business that connects specialists with knowledge, helping them to learn more, know more and do more through live and on demand events, digital and data-driven services and academic research. We are home to over 10,000 colleagues across 30 countries and are a member of the UK's FTSE 100 group of leading public companies. We're thrilled to have earned the #3 spot in Glassdoor's Best Places to Work 2025 UK list, a recognition based solely on reviews by those who know us best - our current and previous colleagues. In Global Support, we provide expert guidance and hands-on support to the Informa Group and Informa's many business teams. Across tech, finance, legal, corporate development, HR, communications, operations and many other areas, we work collaboratively and flexibly to help our brands serve their customers and help the company succeed, We work hard to make sure Life at Informa is rewarding, supportive and enjoyable for everyone. Here's some of what you can expect when you join us. But don't just take our word for it - see what our colleagues have to say at LifeAt.Informa.com Our benefits include:
• Freedom & flexibility: colleagues rate us highly for the flexibility and trust they receive and most of us balance time in the office with time working remotely
• Great community: a welcoming culture with in-person and online social events, our fantastic Walk the World charity day and active diversity and inclusion networks
• Broader impact: take up to four days per year to volunteer, with charity match funding available too
• Career opportunity: the opportunity to develop your career with bespoke training and learning, mentoring platforms and on-demand access to thousands of courses on LinkedIn Learning. When it's time for the next step, we encourage and support internal job moves
• Time out: 25 days annual leave, rising to 27 days after two years, plus a birthday leave day and the chance to work from (almost!) anywhere for up to four weeks a year
• A flexible range of personal benefits to choose from, plus company funded private medical cover
• A ShareMatch scheme that allows you to become an Informa shareholder with free matching shares
• Strong wellbeing support through EAP assistance, mental health first aiders, a healthy living subsidy, access to health apps and more
• Recognition for great work, with global awards and kudos programmes
• As an international company, the chance to collaborate with teams around the world