Security Supply Chain Manager
Netcompany is one of the fastest growing and most successful IT services companies in Europe. We are true leaders in digitalisation and are proud to build, implement and support innovative IT solutions for some of the most exciting and prestigious organizations in the world. Our vision is to be the leading digital challenger in Europe, pioneering the next generation of IT consulting, with a strong focus on providing customers true value and delivery certainty.
We operate in both the public and private sector and our services range from application development and cloud migration through to programme delivery and service operations. Our team consists of true thought leaders who drive business transformation through innovative use of technologies such as predictive data analytics and cognitive computing. We have highly skilled and motivated technologists globally, who are involved in the delivery of some of the most secure, complex, and nationally important technology programmes.
We have an exciting opportunity for a Security Supply Chain Manager to be a key member of our growing Security Function. As part of the role you will be the Subject Matter Expert (SME) and point of contact for information security related supply chain & 3rd party assurance (including Cloud services), contractual and legal requirements to manage information security requirements.
- Undertakes vulnerability risk assessments where required.
- Participates in Security Incident Management process.
- Provide reporting to KPIs for areas of responsibility
- Develop policies and procedures within their subject area, where required
- Own and maintain, responsibility for making updates, as well as the implementation of the policy and procedure.
- Engages with, assists internal and external business stakeholders to resolve matters within subject area/s.
- Identifies and ensures compliance against information security controls required to safeguard supplier access, storage and processing of intellectual property, assets and systems.
- Identify and mandates information security controls for suppliers that provide IT & IT Engineering infrastructure and services (e.g. Cloud and software development).
- Undertakes security assessments of existing and new suppliers as per policy and procedures
- Assist legal in the development of security compliant supplier contracts / agreements, that consider the requirements to address security risks.
- Assists in the review and interpretation of regulatory and legislative security requirements. Documents in policy / procedure and implements security requirements where required.
- Monitor, review and audit the on-going compliance of 3rd party suppliers.
- Work with the Business Partnering function to address information security compliance requirements.
- Demonstrable experience of working in a similar role in a large organisation or consultancy.
- Client facing, and able to support clients and their environments across a wide technology stack.
- Strong communication skills, both verbally and in writing.
- Strong understanding on security industry standards and best practise including ISO27001
- Ability to credibly coordinate between technical teams and business stakeholders.
- Any certifications within the following are highly desirable:
- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
- CISA (Certified Information Systems Auditor)
- CSSLP (Certified Secure Software Lifecycle Professional)
- Cisco - CCIE Security, CCNP, CCSP, CCNA
Netcompany has existed in the UK since the acquisition of the very successful IT company, Hunter Macdonald in October 2017. Netcompany is one of Northern Europe’s most successful IT Companies, with offices in Denmark, Norway and Poland, Holland, UK and Vietnam.
We are an entrepreneurial company and we’re looking for people who are excited by the challenge of doing things differently. Our culture builds on low bureaucracy with a strong focus on high agility and flexibility.
At Netcompany we believe that a diverse and inclusive workplace is central to our success, which is why all qualified candidates are invited to apply regardless of gender, sexual orientation, disability, age, religion and belief, ethnic background, nationality, gender identity or culture. We are committed to live out a culture where we provide equal opportunities for all.