SCSA Senior Analyst

• Relevant experience in a supply chain security assurance related role.
• Experience with IT audit/risk management, with examples of managing technology risk and IT compliance standards within an organisation.
• Knowledge of information security principles & best practices and experience in managing information security risk and controls in a regulatory environment.
• Knowledge of documenting processes and key controls in association with supplier and organisational processes.
• Good level knowledge of standards and frameworks relating to information security risk management processes, frameworks, procedures and business continuity (eg NIST, ISO, Privacy Laws).
• Experience of working in an Agile environment.
• Experience in the reduction of supply chain security risks to acceptable levels.
• Work experience in increasing supply chain security assurance penetration.
• Work experience in reduction of supplier information security Incidents.
• Knowledge of compliance status against regulations including data privacy and UNECE Regulation No. 155 - cyber security and cyber security management system.

Good to have:

• Preferred certifications: CISA, CISM, ISO27001 lead auditor or CISSP.
• Experience of managing suppliers against and/or knowledge of requirements of UNECE Regulation No. 155 - Cyber security and cyber security management system.
• Knowledge and experience in managing information security in manufacturing and automation.
• Knowledge and experience in information security auditing techniques.
• Global business experience.