TPSA Senior Consultant

Mindbox is a tech-driven company connecting top IT talents with technology projects for leading enterprises across Europe.

• 5+ years in cybersecurity or risk management roles, ideally within financial services or large-scale global enterprises.
• Proven experience in third-party/supply chain governance and risk assessment.
• Familiarity with regulatory expectations and engagement with global stakeholders.
• Strong understanding of risk and control frameworks and their operationalization.
• Knowledge of Cloud Security (SaaS focus), AI risk considerations, and control design.
• Bachelor’s degree in IT security or equivalent experience.
• Relevant cybersecurity certifications: CISSP, CISA, CISM, CRISC, CCSP.
• Excellent communication and influence skills.
• Experience working in agile, complex, and multinational environments.
• Ability to manage multiple priorities, work independently, and deliver at pace without compromising quality.

• Define and deliver the TPSA consultancy strategy, ensuring cyber risk methodologies are integrated into supplier management processes.
• Provide end-to-end security risk consultancy during the selection and onboarding of critical third-party suppliers.
• Act as a SME on risk and control frameworks, informing design and remediation strategies for technical and process-related gaps.
• Engage and influence stakeholders globally, including Cybersecurity leadership, Control Officers, Risk Stewards, and regulators.
• Conduct Quality Assurance reviews of TPSA assessments to maintain best-in-class standards.
• Collaborate across multiple teams to drive continuous improvement in third-party security governance.
• Prepare concise presentations, reports, and senior stakeholder updates.
• Contribute to a culture of security excellence and embed new approaches through peer training and advocacy.

#LI- Hybrid – 6 days a month from the office in Kraków