Cyber Security Supply Chain Specialist
Posted 1 day ago by SSE plc
£72,592 Per year
Undetermined
flexible
Glasgow, Scotland, United Kingdom
Summary: The Cyber Supply Chain Security Specialist will implement and manage the supply chain security strategy at SSE, focusing on contract clauses, supplier negotiations, and assurance for critical third-party suppliers. This role involves collaboration with various stakeholders to identify risks and ensure compliance with cyber security regulations. The specialist will also oversee supplier assurance reviews and support incident management related to supply chain security. The position is based in Glasgow and offers a flexible working pattern within a permanent, full-time role.
Key Responsibilities:
- Support the creation of procedures and contract requirements for supply chain security compliance.
- Collaborate with business and procurement teams to assess cyber security supply chain risks.
- Conduct supplier assurance reviews to ensure adherence to cyber security standards.
- Record operational assurance findings and recommend mitigating actions.
- Assist in managing supply chain security incidents with the Threat, Detection & Response team.
- Oversee day-to-day supply chain security monitoring and supplier onboarding/offboarding activities.
Key Skills:
- Understanding of cyber security frameworks and supply chain security risks.
- Experience in cyber security auditing and assurance controls.
- Ability to negotiate with commercial suppliers and manage conflicts.
- Experience engaging with security operations during incidents.
- Strong written, interpersonal, and analytical skills.
- Attention to detail and effective stakeholder management.
Salary (Rate): £72,592 yearly
City: Glasgow
Country: United Kingdom
Working Arrangements: flexible
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Base Location: Havant, Reading, Perth, Glasgow
Salary: £61,620 - £72,592 and a range of benefits to support your finances, wellbeing and family.
Working Pattern: Permanent | Full Time | Flexible First options available
The role
The Cyber Supply Chain Security Specialist will deliver key aspects of the supply chain security strategy including delivering contract clauses and support to negotiations and assurance for critical third party suppliers. They will work with colleagues across SSE and collaborate directly with suppliers and the business to understand risks and drive actions to minimise impacts on SSE.
You will
- Support the creation of procedures and contract requirements that clearly define and embed security responsibilities within supply chain operations, ensuring compliance with NIS regulations.
- Work with business and procurement colleagues to understand cyber security supply chain risks and support supplier due diligence, selection and contractual negotiations.
- Deliver self or work with an outsourced third party to deliver supplier assurance reviews to confirm that legislative, regulatory and SSE cyber security standards are adhered to by critical suppliers.
- Record operational assurance findings and where required, drive a list of mitigating recommendations for stakeholder management and cyber risk assessment.
- Support supply chain security incidents in conjunction with the Threat, Detection & Response team.
- Support supplier lifecycle security by overseeing day to day use of supply chain security monitoring tooling, supplier notifications, and supplier security on/offboarding activities.
You have
- Good understanding of cyber security frameworks, controls and principles involved in supply chain security and the associated risks and regulatory requirements of cyber security and data protection.
- Experience in cyber security or third-party security auditing, assurance controls or similar capabilities including planning, fieldwork and reporting.
- Experience of working with commercial suppliers and the ability to negotiate vendor requirements, deal with conflict and best practice in supply chain cyber security.
- Experience engaging with a security operations team during supply chain security incidents.
- Articulate with good written, interpersonal and analytical skills.
- Good influencing skills and attention to detail and the ability to effectively manage conflicting stakeholder needs.
About SSE
SSE has a bold ambition – to be a leading energy company in a net zero world. We're building the world's largest offshore wind farm. Transforming the grid to provide greener electricity for millions of people and investing over £20 billion in homegrown energy, with £20 billion more in the pipeline. Our IT division powers growth across all SSE business areas by making sure we have the systems, software and security needed to take the lead in a low carbon world. They provide expertise, advice and day-to-day support in emerging technologies, data and analytics, cyber security and more.
Flexible Benefits To Fit Your Life
Enjoy discounts on private healthcare and gym memberships. Wellbeing benefits like a free online GP and 24/7 counselling service. Interest-free loans on tech and transport season tickets, or a new bike with our Cycle to Work scheme. As well as generous family entitlements such as maternity and adoption pay, and paternity leave.
Work with an equal opportunity employer
SSE will make any reasonable adjustments you need to ensure that your application and experience with us is positive. Please contact david.brickell@sse.com /01738 275 846 to discuss how we can support you. We're dedicated to fostering an open and inclusive workplace where people from all backgrounds can thrive. We create equal opportunities for everyone to succeed and especially welcome applications from those who may not be well represented in our workforce or industry.
Ready to apply? Start your online application using the Apply Now box on this page. We only accept applications made online. We'll be in touch after the closing date to let you know if we'll be taking your application further. If you're offered a role with SSE, you'll need to complete a criminality check and a credit check before you start work.