Note: The application period for this ad has passed.
Job description
Third-party/Supply Chain Security Officer
Mission and context
In this role you will be responsible for the Group-wide third party/supply chain security framework, and oversee third party/supplier risk assessments, assuring risk identification and mitigations are in accordance with the information security (risk) strategy.
You will further drive the operationalization of the third party/supplier security risk management process and relevant tooling to ensure its robustness, following the regulatory requirements and best industry practices.
The successful candidate reports directly to the Information Security Risk & Assurance Lead.
Main Responsibilities
Develop & maintain the Group-wide third party/supply chain security framework, including the methodology for classifying suppliers based on type and business criticality
Develop & maintain the set of mandated security requirements for third-party contracts
Develop & maintain the assurance methodology to monitor supplier compliance
Provide training & awareness to Group Truck Procurement (GTP) on the third party/supply chain security framework and assurance process
Provide clarifying support to internal third-party relationship owners across TD/BA/GFs or third-party representatives in their efforts to adhere to the third party/supply chain security framework and contractual requirements
Report on compliance with the Group-wide third party/supply chain security framework and contractual requirements
Review 3rd party and supply chain security escalations, evaluate response and ensure communication with all involved stakeholders
Respond to inbound customer security enquiries and questionnaires (e.g., as part of RFPs/tenders) across all Volvo Group ecosystems (IT, OT and Product)
Requirements and Qualifications
Master's degree in Business, Information Technology, Cybersecurity, or a related field
5+ years of advanced IT skills with a high level of information security experience and expertise
3+ years of practical experience working with third party suppliers to assure compliance with security directives, standards etc.
Detailed knowledge of 3rd party security risk oversight and assessment
Familiarity with NIST Cybersecurity Framework and NIST 800-x series and related frameworks such as COBIT and ITIL
Ability to interact with and influence senior-level technical and non-technical stakeholders across Volvo Group
Industry certification/qualification
CISM, ISO 27001 Lead Implementer
The position is open now and will be contracted as soon as possible. We will start screening as applications arrive, so don’t hesitate to send yours.
For more info please contact Thomas de Neergaard, SVP Group Security, CSO & CISO, thomas.de.neergaard@volvo.com
Kindly note that due to GDPR, we will not accept applications via mail. Please use our career site.