Information Security Supply Chain Risk Specialist II

Information Security Supply Chain Risk Specialist II

Jabil

At Jabil we strive to be the most technologically advanced and trusted manufacturing solutions provider.

At Jabil we strive to make ANYTHING POSSIBLE and EVERYTHING BETTER. We are proud to be a trusted partner for the world's top brands, offering comprehensive engineering, manufacturing, and supply chain solutions. With over 50 years of experience across industries and a vast network of over 100 sites worldwide, Jabil combines global reach with local expertise to deliver both scalable and customized solutions.

JOB SUMMARY
The Information Security Supply Chain Risk Specialist supports Global Information Security’s initiatives from a Supply Chain Risk Management perspective. Facilitates risk assessments on Jabil’s supply chain to classify threats to Jabil’s infrastructure and organizational operations, while identifying and recommending appropriate risk mitigations. Provides subject matter expertise on Jabil's information security supplier requirements.

ESSENTIAL DUTIES AND RESPONSIBILITIES

1. Lead Information Security's Vendor Review process.
2. Evaluate, comprehend, and communicate compliance evidence documentation such as SOC report(s) and/or ISO 27001 certificates.
3. Communicate risk assessment findings to internal solution service owners and external third-party vendors/suppliers.
4. Provide consultative advice to internal solution service owners that enables them to make informed risk management decisions.
5. Identify appropriate controls to effectively manage information risks, as needed.
6. Identify opportunities to improve risk posture and assessing the residual risk.
7. Review and provide feedback on technology third party contractual agreements.
8. Maintain strong working relationships with individuals and groups involved in managing information risks across the organization.
9. Connect the dots between Jabil's supply chain and current risks posed to the IT environment.
10. Recommend changes to procedures and standards to ensure compliance while minimizing the impact on business processes.
11. Serve as a focal point for escalation and solution of Information Security SCM risk issues.
12. Participate and collaborate in enterprise wide supply chain risk initiatives.
13. Maintain positive relations with all employees and seek suggestions/ways of improving compliance of IT processes and systems.
14. Drive process, procedure and systems continuous improvement, identify creative ways to reduce costs by streamlining them, assure they are efficient and not redundant.
15. Participate in/drive project and ensure timely project delivery. Organize own work effectively and efficiently.
16. Maintain discretion and confidentiality in all areas pertaining to data and proprietary information whether internal to Jabil or customer specific.
17. Participate in the exchange of ideas within the department. Ask questions and encourage input from other team members.
18. Understand and embrace the business and IT strategic direction.
19. Provide regular updates to appropriate managers and conference with them on complex or unusual situations.
20. Demonstrate commitment to customer service: anticipate, meet and exceed customer expectations, solve customer problems quickly and effectively, make customer issues a priority.
21. Exchange knowledge and information with other Jabil facilities to ensure best practices are shared throughout the Jabil organization.
22. Ensure 100% adherence to all company, IT and department policy, processes and procedures.
23. Comply and follow all procedures within the company security policy.
24. May perform other duties and responsibilities as assigned.

JOB QUALIFICATIONS

KNOWLEDGE REQUIREMENTS

1. Customer service skills as well as effective communication skills – both verbal and written.
2. Ability to follow written and verbal directions.
3. Very good presentation skills.
4. Meticulous attention to details.
5. Strong organization and planning skills.
6. Ability to work effectively under pressure with constantly changing priorities and deadlines.
7. Ability to coordinate work from multiple resources, including remote ones.
8. Self-starter and the ability to work with minimal supervision.
9. Knowledge of Information Security frameworks such as ISO27001 and NIST.
10. Proficiency in use of personal computers, Microsoft Office products (Excel, Word and PowerPoint) and e-mail skills required.

EDUCATION & EXPERIENCE REQUIREMENTS

1. Bachelor's Degree required.
2. Degree in Computer Science or related discipline.
3. 3-5 years experience required in a compliance or audit environment, preferably facilitating Information Technology compliance and/or audit activities.
4. CISA Certification (Certified Information Systems Auditor) – or equivalent.
5. Experience in interpreting compliance requirements and generating supporting documentation for such activities is preferred.
6. Or an equivalent combination of education, training or experience.

WORKING CONDITIONS

1. Regular business hours. Some additional hours may be required.
2. Travel requirements: Domestic and/or International, up to 10%.
3. Climate controlled office environment during normal business hours.