Cybersecurity risk consultant
Posted 6 hours ago by Hays
Permanent
Wiltshire, Swindon, United Kingdom, SN256
Job Description
Your New Role 
1 day per week on site in Swindon
Competitive hourly rate, outside IR35
6-month contract role
As a Supply Chain Cyber Risk Management Specialist, you will support the OT Security Department, particularly the Governance, Risk, and Compliance Team, with activities and processes related to Supply Chain Cyber Risk Management. Your responsibilities will include:
- Performing and supporting supply chain cybersecurity risk assessments across various vendor and supplier relationships, ensuring compliance with regulatory requirements (e.g., NIS2, KRITIS).
- Enhancing risk assessment methodologies and tools specific to the cybersecurity supply chain domain.
- Collaborating with stakeholders to implement risk mitigation strategies based on assessment findings.
- Drafting and maintaining standards, procedures, and processes to ensure supply chain cybersecurity resilience and regulatory alignment.
- Supporting the drafting and implementation of training for stakeholders on cybersecurity supply chain risk management best practices.
- Monitoring, tracking, and advising on supplier-related cybersecurity risk findings and follow-up actions raised during assessments.
- Supporting internal and external audits related to supply chain cybersecurity, preparing relevant stakeholders and documentation.
Required skills and experience:
- In-depth knowledge of cybersecurity standards and frameworks (e.g., NIS2, ISO 27001, ISO 27017, B3S) and experience with risk assessments in supply chain contexts.
- Proven experience implementing regulatory requirements, designing and/or auditing governance systems, and working on projects within the supply chain cybersecurity domain.
- Familiarity with contract management, vendor risk assessment tools, and associated workflows.
- Technical knowledge of threats and vulnerabilities in the supply chain context, including third-party risks and risk mitigation strategies.
- Proficiency in Microsoft Office Suite (Excel, PowerPoint, Word), with experience in using data analysis tools or risk management platforms being a strong plus.