SCSA Specialist

Job Purpose and Key Responsibilities:

Manage a variety of projects within their organization, facilitating the planning and prioritization of complex cybersecurity services.

Key Accountabilities

• Work with Product Owner and Group Product owner to define team development tasks to complete in quarterly iterations MBIs
• Assist PO and GPO with prioritization activities
• Delivering against the overall architecture of our supplier security assurance transformation to ensure it meets business requirements and integrates seamlessly with existing systems as set out by the Product Owner
• Ensuring that delivery is optimized through automation where possible
• Collaborate with Business Analyst(s) to gather and analyze business and technical requirements
• Translate business needs into technical specifications and solutions
• Implementation and delivery of technical specifications as defined in the technical requirements
• Ensure the implementation follows a structured approach with minimal disruption to business operations
• Developing and executing QA/test plans to validate the functionality, performance and security of our chosen SaaS solution
• Ensure any identified issues are mitigated and resolved before going live
• Creation of training documentation and delivery of end user training
• Maintain appropriate documentation of any systems/processes included as part of transformational and development work.
• Conduct analysis on issues identified and implement corrective and preventative actions to resolve.

Key Skills, Experience & Knowledge:

Essential:

• An appreciation and understanding of supply chain/supplier/third party security assurance using manual and automated processes coupled with relevant experience in a supply chain security assurance related role.
• Proven experience as a technical specialist within a software development & implementation team
• Knowledge of information security principles and best practices and experience in managing information security risk and controls in a regulatory environment.
• Significant experience of implementing cloud based GRC tooling (ideally with a focus on Supply Chain/Supplier/Third Party Security Assurance)
• Experience with integrating different software systems and APIs
• Good understanding of software development life cycles and methodologies from an IT and Security perspective
• Ability to create/decipher and maintain detailed technical documentation and technical specifications relating to software implementation
• Ability to diagnose and resolve technical issues quickly and efficiently
• Strong analytical skills to understand complex systems and workflows
• Experience in providing ongoing support and maintenance for implemented software
• Experience in training and creating user manuals/guides
• Experience of operating in all stages of the software delivery lifecycle (including security aspects).
• Good automation skills, including experience with unit testing and automated testing tools
• Experience of automated and manual AppSec testing practices and principles
• Knowledge of common application and infrastructure security vulnerabilities and mitigations.