SCSA SME

Job Purpose and Key Responsibilities:

Manage a variety of projects within their organization, facilitating the planning and prioritization of complex cybersecurity services

Primary Role & Responsibilities:

• Work with Product Owner and Group Product owner to define team development tasks to complete in quarterly iterations MBIs
• Assist PO and GPO with prioritization activities
• Delivering against the overall architecture of our supplier security assurance transformation to ensure it meets business requirements and integrates seamlessly with existing systems as set out by the Product Owner
• Ensure the implementation follows a structured approach with minimal disruption to business operations
• Creation of training documentation and delivery of end user training
• Maintain appropriate documentation of any systems/processes included as part of transformational and development work.
• Conduct analysis on issues identified and implement corrective and preventative actions to resolve.
• Deliver risk management initiatives to support effective application of the SCSA framework and conduct risk obligations

Key Skills, Experience & Knowledge:

• Understanding of supply chain/supplier/third party security assurance using manual and automated processes coupled with relevant experience in a supply chain security assurance related role.
• Should have worked in 2LOD & 3LOD with end-to-end knowledge in Third Party Risk Management & its Lifecycle.
• Knowledge of information security principles and best practices and experience in managing information security risk and controls in a regulatory environment.
• Significant experience of implementing GRC tooling (ideally with a focus on Supply Chain/Supplier/Third Party Security Assurance)
• Should have sound knowledge of Vendor On-Boarding process, Due diligence, monitoring, Off boarding etc.
• Experience in training and creating user manuals/guides
• Performing Risk Assessments and understanding various tools and applications.
• Should have completed Risk Certifications ISO 27001 LA/LI, GDPR, CISA, CISP etc.
• Should have experience in handling Audits, Feedback, customer escalations etc.
• Jira
• Confluence
• Lucid/Visio
• Excel
• PowerPoint

Key Skills/Knowledge:

Personal Profile

• An individual with a passion for Information & Cyber Security
• An individual with a passion for process transformation and implementation
• An individual with a customer first mind-set who is easy to do business with and makes people feel special, driven to deliver experiences that are personalized, transparent and dependable.
• An individual who is results driven, demonstrates, tenacity, drive and perseverance, with the ability to deliver in a complex, highly demanding environment.
• An individual who is resilient, energetic and enthusiastic, able to deliver results under pressure, whilst responding constructively to challenging new ideas and inputs
• An individual who is able to challenge existing thinking in a positive way whilst building credibility and trust through experience and personal style
• An effective team player, actively supports and collaborates with other team members
• Resilient and enthusiastic who responds constructively to new ideas and inputs
• Good communication skills both written and verbal.