Supplier Cyber Risk Management (SCRM) Supplier Cyber Specialist

Description

You as a Supplier Cyber Specialist will be part of Hitachi Energy business based in Abu Dhabi, UAE. You will be defining and managing (lead) the CRM-S Office staffing, roles and responsibilities, assessment targets, CRM-S internal and external communications for managing and monitoring cyber risks across the supply chain of the organization.

Your responsibilities  

• Supporting the implementation of the CRM-S governance and operating model, CRM-S policy and standards, Cybersecurity Standard - Supplier (CS-S), pre-deviation including ongoing maintenance and updates
• Updating CRM-S program documentation based on changing risks, stakeholders’ feedback, and regulatory changes.
• Defining assessment lifecycle, assessment type & frequency, assessment schedule, raise risks and issues and perform CRM-S risk reporting.
• Operationalizing the CRM-S processes throughout the supplier lifecycle from onboarding, contracting, continuous monitoring to offboarding stages across the HE organization.
• Managing the assessment demand by support from Supplier Cyber Service and assessor pool.
• Identifying and monitoring staffing opportunities required to support the supplier cyber risk assessment volume.
• Providing advice to the business stakeholders to complete cyber questionnaires for HE Suppliers.
• Driving remediation of internal audit findings from ISO27001 and other standards if requested.
• Building, supporting, and assisting supplier incident management cases.
• Supporting in training and educating the various stakeholders within the organization around the CRM-S process to facilitate efficient engagement delivery.
• Monitoring the progress of the assessment program and reporting any potential risks and delays to the assessment delivery.
• Providing consultation and support for other teams such as Incident Management and Group Audit with respect to supplier cybersecurity requirements.
• Working with the Legal and SCM team to integrate cybersecurity requirements within the supplier contracts as needed.
• Living Hitachi Energy’s core values of safety and integrity, which means taking responsibility for your own actions while caring for your colleagues and the business.

Your background

• A bachelor’s or master’s degree in information technology or related field.  
• 6 to 8 years of relevant experience in information security with at least 3 years of project management experience on mid-to-high complexity projects.
• Project Management Professional (PMP) or equivalent certification preferred.
• Deep understanding of information security and risk frameworks or standards.
• Demonstrate an understanding of market trends, competitor activities within CRM-S domain.
• Excellent stakeholder management along with interpersonal, verbal, written and communication skills.
• Proficiency in both spoken & written English language is required.