Our client, a leading provider in the utilities sector, is currently seeking a Cyber Security Supply Chain Analyst to join their flexible team. The role is based within a Technology department dedicated to delivering secure and stable IT services to maximise value to the business.
Key Responsibilities:
- Liaising with the supply chain to identify, analyse, and report on their cyber posture
- Reviewing policy and standard artefacts submitted for review by suppliers
- Articulating the importance of contract clauses with suppliers and confidently negotiating the best position
- Using clear communication skills to report on various KPIs and compliance obligations to governance groups
- Identifying and managing information security risk, aligning with control frameworks such as NIST and CIS
- Scoping and managing security testing to OWASP Top 10 standards
- Reviewing, testing, and monitoring control effectiveness
- Building strong relationships within the business and engaging with the supply chain on information security initiatives and threats
- Promoting Secure by Design and visibility of testing services
- Collaborating across the wider technology department and the core business to drive continuous improvement
Job Requirements:
- Experience in information security and a passion for the field, keeping up to date with emerging threats and technologies
- Experience managing control frameworks and working within a regulated environment
- Knowledge of regulatory standards such as GDPR, NISR, PCI DSS
- Experience in managing information security risk and security testing
- In-depth knowledge of control frameworks and their effective application to manage risk
- Excellent communication skills and the ability to influence decision making with internal and external stakeholders
- Ability to clearly articulate identified risks and negotiate improved positions for enhanced security
Benefits:
- 28 days holiday plus bank holidays (with the option to buy/sell up to 5 days per year)
- Annual bonus scheme based on company performance
- Leading pension scheme with double contributions (up to 15% when you contribute 7.5%)
- Sharesave scheme offering discounted shares
- Dedicated training and development through the company's Academy
- Electric vehicle scheme and retail offers
- Family-friendly policies
- Two paid volunteering days per year
If you are an experienced Cyber Security Supply Chain Analyst looking to make a difference in a critical national infrastructure environment, apply now to join the team!
This role is with Mark Elford in the InfoSec People team.
