TPSA Senior Consultant

Joining this project you’ll become part of Mindbox – a tech-driven company where consulting, engineering, and talent meet to build meaningful digital solutions. Mindbox connects top IT talents with technology projects for leading enterprises across Europe. The company focuses on matching skills with projects that use modern tech stacks, solve real business challenges, and provide space for growth. Mindbox supports delivering technology solutions for well-known brands, emphasizing knowledge-sharing and continuous development.

• 5+ years in cybersecurity or risk management roles, ideally within financial services or large-scale global enterprises.
• Proven experience in third-party/supply chain governance and risk assessment.
• Familiarity with regulatory expectations and engagement with global stakeholders.
• Strong understanding of risk and control frameworks and their operationalization.
• Knowledge of Cloud Security (SaaS focus), AI risk considerations, and control design.
• Bachelor’s degree in IT security or equivalent experience, complemented by relevant cybersecurity certifications (CISSP, CISA, CISM, CRISC, CCSP).
• Excellent communication and influence skills—capable of translating technical detail into business risk for decision-makers.
• Experience working in agile, complex, and multinational environments.
• Ability to manage multiple priorities, work independently, and deliver at pace without compromising quality.

• Define and deliver the TPSA consultancy strategy, ensuring cyber risk methodologies are integrated into supplier management processes.
• Provide end-to-end security risk consultancy during the selection and onboarding of critical third-party suppliers.
• Act as an SME on risk and control frameworks, informing design and remediation strategies for technical and process-related gaps.
• Engage and influence stakeholders globally, including Cybersecurity leadership, Control Officers, Risk Stewards, and regulators.
• Conduct Quality Assurance reviews of TPSA assessments to maintain best-in-class standards.
• Collaborate across multiple teams to drive continuous improvement in third-party security governance.
• Prepare concise presentations, reports, and senior stakeholder updates.
• Contribute to a culture of security excellence and embed new approaches through peer training and advocacy.