About BDO UK
BDO UK offers tax, audit & assurance, advisory, and business outsourcing services to companies across various industries. We take the time to truly understand our clients’ businesses and markets, providing expert guidance to help them navigate challenges with a proactive and flexible approach. Our partners and staff are specialists in their fields, bringing innovative and entrepreneurial thinking to every client engagement.
Our commitment to exceptional client service is reflected in our results—95% of our clients would recommend us.
With 18 offices across the UK’s major business hubs, we stay close to our clients, providing tailored support wherever they need it. Our team of 7,500 professionals is empowered to take ownership of their work and build strong relationships, all while upholding the core values that define our culture and drive the value we bring to our clients.
BDO LLP is a proud member of the BDO global network, one of the world’s leading public accounting, tax, and advisory organisations. Operating in 164 territories with a workforce of 95,400 professionals across 1,710 offices, our global presence enables us to support clients as they expand and trade internationally.
About the Job
Ideas | People | Trust
At BDO, we are an accountancy and business advisory firm dedicated to providing the insights and solutions that entrepreneurial organisations need to navigate today’s ever-changing landscape.
We collaborate with ambitious, high-growth businesses that drive the economy, offering direct support to their owners and leadership teams to help them succeed.
Expanding Your Horizons
The Quality and Risk Management Team (QRM) at BDO provides leadership, guidance, and tools to help partners and staff effectively manage quality and risk. The team consists of various specialist areas, including Advisory and Compliance, Cybersecurity, Economic Crime, Legal, Independence and Ethics, Regulatory Supervision, and Quality Monitoring. We also work closely with the Technical Standards Group and firm leadership to uphold our high standards.
Helping You Succeed
Organisations trust us for the quality of our advice, built on a deep understanding of their businesses and long-term relationships.
We are looking for individuals who can work proactively while managing their tasks independently and collaborating effectively with senior managers, directors, and partners. You’ll be encouraged to identify opportunities for enhancing our service delivery and offering additional value to the businesses we work with.
Role Overview: Third-Party Security Analyst (Manager Grade)
As a Third-Party Security Analyst, you will oversee the implementation of BDO’s third-party security framework, ensuring that suppliers and the supply chain comply with information security standards. Your responsibilities include assessing security risks, evaluating third-party security controls, and ensuring that potential risks to BDO and our clients are effectively identified, assessed, and managed.
Key Responsibilities:
- Lead and enhance BDO’s information security supply chain framework.
- Coordinate supplier risk assessments and due diligence procedures.
- Partner with procurement and contract management teams to integrate security considerations into third-party processes.
- Evaluate vendor risks and ensure compliance with security policies, contractual obligations, and regulations.
- Assess third-party security controls and compliance with standards like SOC 2, ISO27001, CE+, CIS Top 20, and OWASP.
- Communicate security risks to internal stakeholders and help implement remediation plans.
- Track supplier lifecycle risks and report on third-party security assurance activities.
- Support continual improvement of due diligence and risk assessment processes.
- Work with legal teams to develop and maintain security contractual clauses and service-level agreements.
Required Skills & Experience:
- Proven experience in supplier and supply chain due diligence, risk assessment, and information security management.
- Familiarity with security frameworks (SOC 2, ISO27001, CE+, CIS Top 20, OWASP).
- Experience in contract review related to information security.
- Strong communication skills, with the ability to explain technical subjects to both technical and non-technical audiences.
- Excellent stakeholder management, including advising senior leadership on security risks and mitigation strategies.
- Relevant industry certification (CISSP, CISM, CRISC, or equivalent).
Why Join BDO?
A Place Where You Can Be Yourself
We value diversity and recognise the importance of agile working, offering flexibility in where and how you work.
Career Growth & Development
At BDO, we invest in your personal and professional growth, providing clear career development paths, mentoring, and continuous learning opportunities.
A Culture of Collaboration & Innovation
- We support each other, offering mentorship and coaching.
- Our agile working framework keeps teams connected and engaged.
- Our state-of-the-art collaboration spaces foster knowledge-sharing and innovation.
Looking Ahead
We are committed to helping entrepreneurial businesses thrive and fuel the UK economy. Our success is powered by our people, and we continuously evolve to combine global reach, expertise, and integrity.
At BDO, we don’t just embrace change—we shape the future together.