Security Supply Chain Risk Management Specialist
COLT Technology Services India Pvt LtdJob Description
Security Supply Chain Risk Management Specialist
Job ID: 36648
Job Location- Bangalore/Gurugram
Job Level- S2 Core
Employment Type- Full Time
Why we need this role
We are seeking a Security Supply Chain Risk Management Specialist to join our Security Governance, Risk and Compliance (GRC) team. This role is responsible for identifying, assessing, managing, and monitoring security and ICT risks arising from third‑party suppliers, outsourcing arrangements, and sub‑contractors across the full vendor lifecycle.
The position plays a critical role in ensuring compliance with DORA, NIS2, ISO/IEC 27001, and related regulatory and contractual obligations, while strengthening the overall digital and operational resilience of the organization.
Join us and you will be part of a fast-growing community of like-minded experts to grow and learn alongside you in your career.
What you will do
Third‑Party Security Risk Management
- Design, operate, and continuously improve the security supply chain risk management framework
- Perform security risk assessments and due diligence of ICT suppliers, cloud providers, SaaS vendors, and critical service providers
- Classify suppliers based on criticality, data access, service dependency, and systemic risk
- Identify and track concentration risk, single points of failure, and exit complexity
Regulatory & Framework Alignment
- Ensure third‑party security controls and processes align with:
- DORA (ICT third‑party risk management requirements)
- NIS2 supply chain security obligations
- ISO/IEC 27001:2022 Annex A (supplier and ICT supply chain controls
Supplier Lifecycle & Contractual Controls
- Define and enforce security requirements for supplier onboarding, including:
- Minimum security baselines
- Evidence expectations (ISO certifications, SOC reports, penetration test summaries, etc.)
- Review and contribute to security‑related contractual clauses, including:
- Audit and access rights
- Incident notification timelines
- Sub‑outsourcing controls
- Exit, portability, and business continuity provisions
- Support secure offboarding and exit strategies for ICT providers
Continuous Monitoring & Assurance
- Establish and maintain ongoing monitoring of supplier security posture
- Track remediation plans, risk acceptances, and exceptions
- Coordinate periodic reassessments of critical and high‑risk suppliers
- Maintain accurate supplier risk documentation and registers
Reporting & Stakeholder Engagement
- Provide risk reporting and insights to security leadership and management
- Support internal awareness on supply chain risk trends and emerging threats
- Engage constructively with suppliers to drive risk reduction and security maturity
What we're looking for
Must haves:
- Proven experience (typically 5+ years) in:
- Third‑party risk management
- Information security risk management
- Technology, cloud, or outsourcing risk
- Strong understanding of ICT and cybersecurity risk concepts
- Supplier and outsourcing models
- Practical familiarity with ISO/IEC 27001 and supplier‑related controls
- Experience working with risk assessments, control frameworks, and remediation tracking
- Strong analytical and risk‑based thinking
- Ability to translate regulatory requirements into actionable controls
- Confident communication with technical, legal, and business stakeholders
- Structured, detail‑oriented, and audit‑ready mindset
- Pragmatic approach to balancing security, compliance, and business needs
Experience Level
Mid LevelJob role
Job requirements
About company
Similar jobs you can apply for
Logistics/ Warehouse operations
Picker / Packer
Inamo
Picker / Packer
Ancy Hr Solutions Private Limited
Picker / Packer
Ancy Hr Solutions Private LimitedPicker / Packer
Pr CreationzPicker / Packer
Blinkit Private LimitedPicker
SwiggyYou can expect a minimum salary of 0 INR. The salary offered will depend on your skills, experience and performance in the interview.
The candidate should have completed the required education and people who have 5 to 31 years are eligible to apply for this job. You can apply for more jobs in Bengaluru/Bangalore to get hired quickly.
The candidate should have sound communication skills and sound communication skills for this job.
Both Male and Female candidates can apply for this job.
No, it's not a work from home job and can't be done online. You can explore and apply for other work from home jobs in Bengaluru/Bangalore at apna.
No work-related deposit needs to be made during your employment with the company.
Go to the apna app and apply for this job. Click on the apply button and call HR directly to schedule your interview.
The last date to apply for this job is . For more details, download apna app and find Full Time jobs in Bengaluru/Bangalore . Through apna, you can find jobs in 64 cities across India. Join NOW!