Senior Cyber-Supply Chain Risk Management Specialist
Job in
Phoenix, Maricopa County, Arizona, 85003, USA
Listed on 2026-07-13
Listing for:
Jobtailor
Full Time
position Listed on 2026-07-13
Job specializations:
-
IT/Tech
Cybersecurity, Information Security, Data Security, IT Business Analyst
Job Description & How to Apply Below
Responsibilities
- Maintain and evolve the enterprise C‑SCRM control framework and requirements to ensure alignment with corporate risk strategy, regulatory requirements, and industry best practices (including emerging frameworks)
- Lead control implementation verification and evidence collection for internal and external audits, assessments, and certification efforts (Customer Request For Information (RFIs), supplier attestations, and third‑party assessments)
- Develop and maintain critical program governance documentation to operationalize the C‑SCRM lifecycle across internal and external requirements
- Coordinate with procurement, legal, engineering, compliance, security, and supply chain teams to operationalize C‑SCRM controls across the supplier lifecycle
- Support mapping and traceability of policies/controls to the organization’s control frameworks and to external standards and assessment frameworks
- Prepare and present evidence packages and narratives for audit, certification, and customer‑facing activities; own remediation tracking and closure
- Participate in supplier risk assessments, continuous monitoring activities, and incident/issue management across the supplier ecosystem
- Drive integration of C‑SCRM controls into Governance, Risk, and Compliance (GRC) processes and platforms—especially issue management and remediation workflows
- Provide subject‑matter guidance on secure software supply chain practices (e.g., Software Bill of Materials (SBOMs), build/release controls) and supplier software assurance expectations
- 10+ years of experience working in risk management, governance, and regulatory requirements related to cybersecurity
- 5+ years of experience with cybersecurity and regulatory frameworks including NIST 800‑53, NIST 800‑171, CMMC, ISO, GDPR, ITAR or similar frameworks
- 5+ years of experience with developing and managing governance and/or leading process improvement
- 3+ years of experience supporting internal and external audits, customer RFIs, certifications, and assessment programs; proven ability to prepare evidence packages and present to auditors/customers
- 3+ years of experience with Governance, Risk and Compliance (GRC), Information Technology (IT) Audit, Information Security, Vulnerability Management, and Compliance
Position Requirements
10+ Years
work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×