Supplier Security Risk Analyst
Supplier Security Risk Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Req ID:495449
Leading societies to a low carbon future Alstom develops and markets mobility solutions that provide the sustainable foundations for the future of transportation. Our product portfolio ranges from high-speed trains metros monorail and trams to integrated systems customised services infrastructure signalling and digital mobility solutions. Joining us means joining a caring responsible and innovative company where more than 70000 people lead the way to greener and smarter mobility worldwide
Job Purpose
The Supplier Security Risk Analyst plays a critical role in ensuring that third-party suppliers meet the organizations cybersecurity and compliance standards. This role supports the continuous assessment monitoring and governance of supplier-related security risks contributing to the overall resilience of the digital supply chain.
Within the IT Risk Compliance & Data Protection team which is part of the Information Security & SecOps department this role is implemented for addressing the following activities:
Key Responsibilities
Supplier Risk Assessment & Qualification
- Conduct and document Supplier Inquiry Qualification (SIQ) and Supplier Inquiry for Procurement (SIP) processes
- Perform risk assessments using tools such as Security Scorecard BitSight and Moodys
- Evaluate supplier responses and determine risk treatment plans.
Contractual Security Controls
- Ensure integration of cybersecurity clauses NDAs and SIPs into supplier contracts in collaboration with Legal and Procurement
- Support the definition and tracking of security KPIs in supplier agreements.
Monitoring & Governance
- Maintain and update the Supplier Security Risk Register.
- Monitor supplier performance and risk posture through dashboards and periodic reviews
- Coordinate with internal stakeholders to define response options for declining supplier risk scores
Audit & Compliance
- Support internal and external audits related to supplier security.
- Ensure alignment with ISO 27001 controls (e.g. A.5.1 A.5.37) and internal ISMS processes
Process Improvement & Reporting
- Contribute to the continuous improvement of supplier risk management processes.
- Prepare reports and dashboards for governance forums and risk boards
Training & Awareness
- Promote awareness of supplier security requirements across business units.
- Support training initiatives related to supplier risk management tools and processes.
Alstom is the leading company in the mobility sector solving the most interesting challenges for tomorrows mobility. Thats why we value inquisitive and innovative people who are passionate about working together to reinvent mobility making it smarter and more sustainable. Day after day we are building an agile inclusive and responsible culture where a diverse group of people are offered opportunities to learn grow and advance in their careers with options across functions and geographic locations. Are you ready to join a truly international community of great people on a challenging journey with a tangible impact and purpose
Equal opportunity statement:
Alstom is an equal opportunity employer committed to creating an inclusive working environment where all our employees are encouraged to reach their full potential and individual differences are valued and respected. All qualified applicants are considered for employment without regard to race colour religion gender sexual orientation gender identity age national origin disability status or any other characteristic protected by local law.
Job Type:Experienced
Required Experience:
IC
Employment Type
Full Time
