Third-party/Supply Chain Security Analyst
Volvo Group
OBS! Ansökningsperioden för denna annonsen har passerat.
Arbetsbeskrivning
Third-party/Supply Chain Security Analyst
Mission and context
In this role you will identify, assess, document, and lower third-party/supply chain and security risks to Volvo Group. You will play an integral part to design the future third-party information security risk management framework and ensure visibility and oversight of information security risks across all TD/BA/GFs.
You will further assist in areas of third party governance, monitoring, compliance, and auditing along with metrics and measurement, and reporting to senior management.
The successful candidate reports directly to the Third-party/Supply Chain Security Officer.
Main Responsibilities
Develop strategy to integrate third-party/supply chain security in contracts
Create and maintain third party information security risk management approach in line with the overall (IT) security framework
Ensure that information- and cybersecurity clauses get inserted or amended into new and existing third-party contracts
Monitor and compile reports for third party contract coverage rates
Plan, schedule, and support security audits and assessments for Volvo Group third parties
Track remediation of findings from security audits and assessments of third parties
Maintain awareness of emerging information security and geopolitical risks and trends, and their impact to our overall supply chain
Manage requests from third parties/ customers related to Volvo Group information security capabilities
Requirements and Qualifications
Master's degree in Information technology, computer science, cybersecurity, or related field
3+ years of practical experience working with third party suppliers to assure compliance with security directives, standards etc.
Familiarity with NIST Cybersecurity Framework and NIST 800-x series and related frameworks such as COBIT and ITIL
Good time-management skills, and the ability to manage multiple assessments, audits and projects or tasks simultaneously
Industry certification/qualification
ISO 27001 Lead Implementer
The position is open now and will be contracted as soon as possible. We will start screening as applications arrive, so don’t hesitate to send yours.
For more info please contact Thomas de Neergaard, SVP Group Security, CSO & CISO, thomas.de.neergaard@volvo.com
Kindly note that due to GDPR, we will not accept applications via mail. Please use our career site.
Mission and context
In this role you will identify, assess, document, and lower third-party/supply chain and security risks to Volvo Group. You will play an integral part to design the future third-party information security risk management framework and ensure visibility and oversight of information security risks across all TD/BA/GFs.
You will further assist in areas of third party governance, monitoring, compliance, and auditing along with metrics and measurement, and reporting to senior management.
The successful candidate reports directly to the Third-party/Supply Chain Security Officer.
Main Responsibilities
Develop strategy to integrate third-party/supply chain security in contracts
Create and maintain third party information security risk management approach in line with the overall (IT) security framework
Ensure that information- and cybersecurity clauses get inserted or amended into new and existing third-party contracts
Monitor and compile reports for third party contract coverage rates
Plan, schedule, and support security audits and assessments for Volvo Group third parties
Track remediation of findings from security audits and assessments of third parties
Maintain awareness of emerging information security and geopolitical risks and trends, and their impact to our overall supply chain
Manage requests from third parties/ customers related to Volvo Group information security capabilities
Requirements and Qualifications
Master's degree in Information technology, computer science, cybersecurity, or related field
3+ years of practical experience working with third party suppliers to assure compliance with security directives, standards etc.
Familiarity with NIST Cybersecurity Framework and NIST 800-x series and related frameworks such as COBIT and ITIL
Good time-management skills, and the ability to manage multiple assessments, audits and projects or tasks simultaneously
Industry certification/qualification
ISO 27001 Lead Implementer
The position is open now and will be contracted as soon as possible. We will start screening as applications arrive, so don’t hesitate to send yours.
For more info please contact Thomas de Neergaard, SVP Group Security, CSO & CISO, thomas.de.neergaard@volvo.com
Kindly note that due to GDPR, we will not accept applications via mail. Please use our career site.
Sammanfattning
- Arbetsplats: Volvo Group
- 1 plats
- Tills vidare
- Heltid
- Fast månads- vecko- eller timlön
- Publicerat: 25 juli 2022
- Ansök senast: 15 augusti 2022
Besöksadress
**
Postadress
*Göteborg, 40508
Liknande jobb
Specialist inom It-säkerhet
Myndigheten för digital förvaltning
25 november 2024
Staff Cybersecurity Architect, Cloud Connectivity
Electrolux AB
STOCKHOLM
21 november 2024
18 november 2024
Cybersecurity Architect
Meet a Groups kund
18 november 2024