Senior Manager – Supplier Cyber Risk

Company: McKinsey & Company
Location: Boston, MA, USA; Washington, DC, USA; Tampa, FL, USA; Philadelphia, PA, USA; Miramar, FL, USA; Denver, CO, USA; Atlanta, GA, USA
Salary: Not Provided
Type: Full-Time
Degrees: Bachelor’s
Experience Level: Senior, Expert or higher

Requirements

  • Bachelor’s/university degree required
  • 7+ years of relevant experience in cybersecurity
  • Deep knowledge of cybersecurity policies, standards and best practices
  • Experience in third-party risk from both a strategic and operational perspective
  • Understanding of cybersecurity diligence methods, including vulnerability assessments and penetration testing
  • Technical understanding of the cybersecurity landscape and working knowledge of common information security controls, guidelines and standards (e.g., ISO 27001, OWASP, SOC 2, NIST)
  • Must be comfortable with ambiguity; demonstrate strong problem-solving and creative thinking skills; must be able to work under pressure and tight deadlines
  • Ability to interact and influence at all levels of management across functions
  • Project and process management skills, with expertise prioritizing and managing multiple projects/tasks simultaneously
  • Demonstrated experience in developing documents and presenting complex information to colleagues at all levels

Responsibilities

  • Mitigating supplier cybersecurity risks in the firm’s supplier onboarding process and across its supply base
  • Leading strategy development and program execution of the next generation of cyber supplier risk management program
  • Designing a risk-based cyber diligence methodology, evaluation framework, ongoing monitoring, issue management and related risk artifacts
  • Ensuring the robustness and efficiency of cyber controls in the end-to-end procurement lifecycle
  • Delivering on and representing Optimize supplier cybersecurity priorities across the firm
  • Assessing and analyzing supplier data and cybersecurity risks across procurement processes
  • Reporting on clear program metrics including security compliance for suppliers, incidents, Key Performance Indicators (KPIs) and Objectives and Key Results (OKRs)
  • Proactively identifying risk areas and opportunities and collaborating with cross-functional teams to develop viable solutions
  • Gaining alignment and leading/supporting the implementation of agreed recommendations on behalf of the procurement team
  • Fostering and championing a ‘risk first’ culture and creating awareness across the firm on supplier cybersecurity risk topics
  • Building rapport and developing trust-based relationships with key stakeholders and other risk teams that work on supplier and cybersecurity issues
  • Being a subject matter expert and advising colleagues on cyber risk topics as they relate to supplier and procurement processes

Preferred Qualifications

  • Global experience in a professional services or consulting environment a plus

Benefits

    No information provided on Benefits.