Security Specialist (Third Party)

Southampton
£42848 - £55000 per annum + 28.97% Pension
Permanent

Posted on Thu Jun 2025

Information Security Third-Party Risk Specialist

Hybrid - Southampton - 60% Time on site

£42,848 - £55,000

Please note that to apply for this role you must use the link included below.

Job summary

Are you passionate about information security and confident assessing and managing supply chain risks?

Do you have experience working with third-party suppliers to embed secure-by-design principles and improve an organisation's security posture?

Would you like to play a key role in protecting national infrastructure and influencing how security is embedded across critical digital services?

Job description

As a Third-Party Information Security Specialist, you will play a vital role within the Maritime and Coastguard Agency's Information Security team, helping to protect our people, systems, and data across both internal operations and external suppliers.

Your work will directly support MCA's broader Information Security strategy, helping to embed best practices and risk awareness throughout the organisation and its supply chain. You'll influence how security requirements are considered from the earliest design stages of projects through to operational delivery and the continued lifecycle of a service.

You'll be responsible for ensuring that third-party suppliers, both current and prospective, are assessed against our Secure by Design principles and meet our security expectations. Acting as a trusted advisor, you'll proactively identify and manage supply chain risks, contribute to strategic security planning, and embed information security into the design of projects and operational processes from the outset. Your work will help strengthen MCA's resilience, balancing practical delivery needs with long-term national security priorities.

This role offers the opportunity to support the UK's maritime and emergency services by ensuring new and innovative technology is delivered in line with Secure by Design principles.

Your responsibilities include but are not limited to:

Providing security consultation on projects, strategic programs, and procurement activities, ensuring suppliers' security posture is compliant with MCA policy and Secure by Design principles.

Supporting contract management by advising on appropriate Government Security Schedules, reviewing supplier Security Management Plans (SMPs), and conducting annual security reviews to maintain compliance with MCA requirements.

Leading the onboarding and risk assessment of existing MCA suppliers into the organisation's chosen Third-Party Risk Management platform, with prioritisation based on supplier criticality and risk exposure.

Attendance at supplier review boards and governance forums to ensure security recommendations are tracked, addressed, and implemented, and to provide subject matter expertise on supplier security posture and ongoing risk mitigation.

For further information about the role and responsibilities, please see the attached role profile.

About You

You'll have a strong grounding in information security, ideally supported by certifications such as CISM, CISSP, CISA, or equivalent experience. You're someone who can apply core security principles to support the delivery of secure systems and services, and who brings a practical, risk-based mindset to identifying and mitigating third-party and organisational security risks.

You'll have experience assessing supplier security, applying government protective security standards across digital and physical environments, and supporting the design of proportionate controls. You're comfortable analysing threat intelligence and using those insights to inform decision-making, incident response, and ongoing risk management activities.

You're confident engaging with a wide range of stakeholders, from technical teams to senior leaders, and are able to clearly communicate evidence-based risk decisions in a way that supports understanding and action. You bring strong attention to detail, a calm and assertive approach to managing difficult conversations, and a collaborative mindset that helps build trust and shared purpose.

You have a broad understanding of security frameworks and governance, and while you may not specialise in every technical detail, you take a holistic view, balancing operational needs with strategic objectives to help deliver secure, resilient outcomes.

Please note for full information on this role, including the Job description, follow this link to the Civil Service Jobs Site -

Contact point for applicants

Email :

Apply for this role:

    Advertised By:
    Greg Swayne

    Greg has nearly two decades of recruitment experience, providing deep industry insights and a tailored approach to each client. His commitment to understanding the specific needs of companies he works with makes him a preferred partner in recruitment.

    Actions speak louder than words when it comes to ED&I and we’re proud to let ours do the talking for us. TRIA have a majority female workforce from director level down and to keep building on this, we embody a commitment to keep TRIA a safe, prejudice-free environment.

    TRIA Consulting is dedicated to delivering end-to-end services that unlock potential and maximise value. Unlike traditional recruitment, we focus on providing comprehensive consultancy solutions tailored to your organisation's unique objectives.