Supply Chain Security Assurance Manager - NESO
We are one of the world’s largest investor-owned energy companies, committed to delivering electricity and gas safely, reliably and efficiently to the customers and communities we serve.
The UK has set out its ambition to be net zero by 2050 and the energy industry is responding – together we are building a cleaner, greener Britain.
As we grow the security team here at ESO, we are now looking for a Supply Chain Security Assurance Manager. In this role, you will join a rapidly expanding & high-functioning Security team and will be expected to build and lead a comprehensive supply chain security assurance function. You will collaborate closely with our internal teams and our supply chain to conduct risk assessments, identify, and mitigate potential supply chain security risks and provide regular monitoring, assurance, and reporting. You will stay informed about current security threats and industry standards to continuously improve vendor risk management strategies.
You will develop and maintain strong relationships, engaging teams across the organisation and in our supply chain to promote and embed a proactive culture to the management of supply chain risk.
This role can be based from Wokingham or Warwick, and we continue to offer hybrid working from office and home.
Key Accountabilities
* Oversight and management of regulatory and policy-driven requirements and processes in place to govern supply chain security risks.
* Development and execution of the end-to-end supply chain security assurance framework to identify and manage supply chain security risk, mitigating potential disruption to the business.
* Facilitate supplier security risk assessments to understand the risk and control environment that underpins the product/service provided.
* Development of supplier security requirements and remediation plans based on informed consideration of the type of supplier, product/services provided, and risks posed to critical assets.
* Incorporate supply chain responsibilities into incident management and response, BCP and crisis management processes where relevant.
* Identify and develop opportunities to digitalise the supplier risk management and reporting processes.
* Management of internal and external resources to successfully deliver Supply Chain security outcomes.
* Support the Legal and Procurement teams to incorporate tailored security requirements into supplier contracts.
* Develop metrics and reporting for supply chain security risk to senior management and provide input into relevant business communications / awareness activities.
* Maintain and develop knowledge of the sector, legislative changes, and threats to the supply chain.
* Build and maintain strong working relationships with key internal and external stakeholders, supporting business risk owners to mitigate supply chain security risk at all stages of the supply chain lifecycle.
* Identify continuous improvement opportunities to increase the level of maturity of the supply chain risk and assurance function.
About You
* A proven information security professional with a risk, compliance, and assurance background, with experience of implementing/assuring: ISO27001/27005/31000, NIST, COBIT, ITIL etc.
* Extensive understanding and experience of supply chain risk and assurance practices.
* Proven experience of owning and maturing the supply chain security assurance capability within an organisation, preferably in a critical national infrastructure organisation.
* Ability to translate complex cyber security guidance and information into practical processes and documentation and able to articulate, present and discuss the impact of technical and non-technical risks in the context of the organisation.
* Demonstrable stakeholder management expertise, fostering positive behaviours and leading to successful engagement in risk and assurance activities.
* Thorough understanding of supply chain risks posed to Critical National Infrastructure through Information technology, Operational technology, and physical environments.
* Ability to work independently and proactively to drive change.
* Degree-level qualification or equivalent combination of education and experience with a strong background in Risk/Compliance/Assurance.
* Professional security qualifications/certifications in appropriate areas are desirable.
* An inclusive approach that creates belonging, builds trust, and promotes innovation.
What You'll Get
A competitive salary between £65,000 – £75,000 – dependent on experience and capability.
As well as your base salary, there is a bonus scheme, 28 days annual leave as standard, and a competitive contributory pension scheme where we will double match your contribution to a maximum company contribution of 12%.
You will also have access to a comprehensive benefits package tailored to support your well-being and professional success. From a competitive salary to flexible work arrangements, we promote your work-life balance. Enjoy fit for purpose wellbeing and lifestyle offerings, ongoing skill development aligned to our Purpose and Values, and be part of a supportive community that values your individuality and where you can belong.
More Information
We work towards the highest standards in everything we do, including how we support, value and develop our people. Our aim is to encourage and support employees to thrive and be the best they can be. We celebrate the difference people can bring into our organisation and welcome and encourage applicants with diverse experiences and backgrounds.
We're committed to building a workforce that represents the communities we serve, and a working environment in which each individual feels valued, respected, fairly treated, and able to reach their full potential.
If you have any questions, please contact: box.TalentAcquisition@nationalgrideso.com
#J-18808-Ljbffr