Greetings from Netsach - A Cyber Security Company.

The Cyber Supply Chain Assessment Specialist will help the bank build and assess 3rd parties/suppliers and align with Supply Chain Security Assessment practices. The role will require the candidate to monitor and assess third parties that provide supplies and services to our technology and business divisions, that affect the bank’s information security and cyber posture. Formulating and applying a focused threat and risk-based methodology and framework, to identify and expose weaknesses in the third-parties Cyber readiness.

Job Title: Cyber Supply Chain Assessment Specialist

Exp: 3 -6 yrs

Location: Meydan, Dubai

Job Type: FullTime

Interested candidates please share your resume at emily@netsach.co.in. Please login to our website www.netsachglobal.com, kindly register yourself and upload you profile in our website.

Job Description

• 3-5 years of experience with Information security. 
• Experience in GRC tools. 
• Experience in conducting information security audits and report writing. 
• Experience in conducting cyber supply chain/vendor security assessments through remote and onsite models. 
• Experience in development of information security frameworks, processes, and procedures. 
• Hands on experience in vulnerability management and penetration testing 
• Experience in conducting security awareness trainings for third party vendors.
• Sound technical background covering heterogeneous technologies and multiple security domains (Technical) 
• Sound knowledge and skills in policies, standards and required controls (both technical and compliance based) (Technical) 
• Threat modelling experience (Technical) 
• Superior verbal & written communication skills; should be able to explain security observations simply and effectively to technical personnel and to business personnel (Management) 
• Good presentation skills (Management).
• Security Ninja with Analytical Thinking ability that anticipates various threat vectors and possible cyber supply chain attack scenarios.

Education

Bachelors or master’s degree in computer science, Mathematics, or equivalent discipline 

Master’s degree in business management or equivalent 

Certifications such as CISSP, CISM, CEH, CISA 

Third Party Assessment Certifications such as C3PRMP, CTPRA, CTPRP

Job Purpose

It will be key for the specialist to: 

Work with key internal stakeholders to identify third parties/suppliers and their criticality to the bank.

Collect open-source intelligence on threats and vulnerabilities that third parties expose publicly to identify any potential exposure to the bank by utilising the tools available within the bank.

Conduct onboarding and periodic info-sec posture assessment of third parties through questionnaires, thorough analysis of the control effectiveness of the third-party cyber environment by reviewing evidence submitted and preparation of assessment reports.

Apply audit, compliance, regulatory frameworks and associated requirements to develop the third-party assessment framework and ensure their compliance.

Develop a working knowledge of the bank engagement with third parties to ensure that due diligence reviews and assessments are optimised.

Present the assessment findings to relevant stakeholders along with the potential impact and recommendations.

Ensure identified gaps from vendor assessments are tracked and remediated as per bank’s technology issue management guidelines.

Managing ad-hoc review and reporting requests from stakeholders.

Perform revalidation of remediated issues on a timely manner.

Provide support in planning and conducting third party security awareness sessions.

Provide support in managing regulatory compliance and outsourcing documentation processes.

Manage the Security Scorecard platform to monitor the Organisation’s external security posture, to strengthen our third-party risk management, and overall cybersecurity posture.

Thank You 

Emily Jha

emily@netsach.co.in

www.netsachglobal.com

Netsach - A CyberSecurity Company