Supplier Cyber Specialist

The opportunity:

In cybersecurity, we safeguard our business and ensure the delivery of top-tier, secure products and services to our customers. In cybersecurity risks management for suppliers, we collaborate in multi-stakeholder partnerships to protect our supply chain from any organizational risks. Together, we secure our supply chain by assessing, monitoring, and addressing any risks identified within our supply base. In close collaboration with other departments, the job holder will be responsible for reviewing our strategy and managing our cyber risk management tool to identify vulnerabilities and threats, and reporting these to our internal stakeholders.

How you’ll make an impact:

• Communication with Stakeholder: Communicate ongoing updates for the CRM-S program, including updates to Cybersecurity Standard. Supplier (CS-S), CRM-S policy and standard and related processes. Support the organization in increasing supplier cybersecurity awareness through various workshops, training sessions and roadshows.

• Cyber Risk Management strategy: Manage CRM-S documentation such as CRM-S policy & standards, supplier cyber assessments, etc. within SharePoint site (“CRM-S” library). Collaborate with internal and external stakeholder at Hitachi Energy to formalize & update processes, develop training and other initiative. Monitor and update business adherence to CRM-S requirements and communicate periodic cyber risk assessment results to the respective stakeholders. Support the CRM-S Team related to build, maintain and update the CRM-S program overall.

• Stakeholder Coordination: Act as the primary contact for all supply chain-related inquiries directed to our department. Builds relationships with business teams within the organization to support supplier cyber risk management activities from their respective teams.

• Continuous Monitoring: Provide consultation and support other teams such as Incident Management, Legal and SCM, and Group Audit with respect to supplier cybersecurity requirements. Work closely with SCM Risk management to ensure cyber risks are communicated and assessed.

• Technology and Tools: Leverage technology and cyber risk management tools to enhance incident response capabilities. Manage the impact analysis/reporting during crisis in collaboration with Supply Chain Risk Management. Support Bitsight tools implementation and integration with Resilinc.

• Responsible to ensure compliance with applicable external and internal regulations, procedures, and guidelines.

• Living Hitachi Energy’s core values of safety and integrity, which means taking responsibility for your own actions while caring for your colleagues and the business.

Your background:

• Degree (or equivalent) in information technology or related field.

• 3-5 years’ experience in information technology.

• CISA/CISSP (or equivalent) certified preferred.

• Deep understanding of information security and risk frameworks/standards such ISO 27001 and NIST.

• Knowledge of key risk areas such as compliance risk / regulatory risk and one or more of the following domains: Security Governance and Management, Security Policies and Procedure,  Application Management Controls, Identity and Access Management Control, Supplier Risk Management, Incident Response, Cyber Resilience, Privacy and Data Protection, Cloud Security & Business Continuity and Disaster Recovery

• Excellent stakeholder management along with interpersonal, verbal, written and communication skills

• Previous experience of implementing and managing a cyber risk management tool, with continuous monitoring and vendor risk management module.

• Proficiency in both spoken & written English language is required.