Cyber Security Supply Chain Analyst

Location: Remote
Contract: Inside IR35
Day rate: Up to £700 per day
Duration: 6 Months
Start date: ASAP
Key skills: Supply Chain, Risk Management, TPRM process, NCSC CAF framework

We have an opportunity with one of the UK's biggest Retailers who have a network of branches nationwide. MI & Data Automation Analyst, you will play a pivotal role in delivering intelligent automation solutions, integrating multiple Microsoft technologies, and driving real business value.

Cyber Security Supply Chain specialist will work with the CISO function and wider business functions responsible for facilitating supplier onboarding, operational management and offboarding activities, to review, establish and drive adoption of a revised target operating model for supplier security risk management.

The goal is to ensure that the Client has a robust and continually managed enterprise-wide supplier cyber risk assessment process to reduce exposure to potential compromise of security, compliance or operational integrity of its supply chain.

Principal accountabilities:
- Key point of contact and subject matter expertise for third-party risk guidance
- Oversee the review of target supply chain risk assessment processes, establishing agreed recommendations and operating model in accordance with the National Cyber Security Centre Cyber Assessment Framework principles
- Product and communicate artefacts associated with the above, such as detailed reports and processes
- Help facilitate the adoption of target supply chain cyber risk assessment processes within CISO function, including optimisation of any associated software tooling.

Knowledge, experience and skills :

- Demonstrable experience leading TPRM process maturity reviews
- Understanding of best practice supply chain principles, ideally aligned to the NCSC CAF framework (CAF A4)
- Operated as a subject matter expert within transformation projects/programmes
- Report writing and delivery at all levels
- Ability to bring disparate groups together to work in teams
- Excellent communication and facilitation skills, with the ability to translate technical information into actionable business language for communications with key stakeholders
- Experience utilising TPRM software to initiate and track supplier cyber risk assessments (such as Risk Ledger)
- Cyber Security related certification such as CRISC, GIAC, CISM, CISSP desirable