← All jobs

Security Supply Chain Risk Management Specialist

Bangalore, IN

Up to INR 4,000,000/ year

Cyber Security EngineerRisk AnalystCyber ConsultantSecurity AnalystCompliance ManagerCompliance Officer

hackajob is partnering with Colt Technology Services to fill this position. Create a profile to be automatically considered for this role—and others that match your experience.

Job ID: 36648

Job Location- Bangalore/Gurugram

Job Level- S2 Core

Employment Type- Full Time

Why we need this role

We are seeking a Security Supply Chain Risk Management Specialist to join our Security Governance, Risk and Compliance (GRC) team. This role is responsible for identifying, assessing, managing, and monitoring security and ICT risks arising from thirdparty suppliers, outsourcing arrangements, and subcontractors across the full vendor lifecycle.  

The position plays a critical role in ensuring compliance with DORA, NIS2, ISO/IEC 27001, and related regulatory and contractual obligations, while strengthening the overall digital and operational resilience of the organization.  

Join us and you will be part of a fast-growing community of like-minded experts to grow and learn alongside you in your career.                  

What you will do

Third‑Party Security Risk Management  

  • Design, operate, and continuously improve the security supply chain risk management framework  
  • Perform security risk assessments and due diligence of ICT suppliers, cloud providers, SaaS vendors, and critical service providers  
  • Classify suppliers based on criticality, data access, service dependency, and systemic risk  
  • Identify and track concentration risk, single points of failure, and exit complexity 

Regulatory & Framework Alignment  

  • Ensure third‑party security controls and processes align with:   
  • DORA (ICT third‑party risk management requirements)  
  • NIS2 supply chain security obligations  
  • ISO/IEC 27001:2022 Annex A (supplier and ICT supply chain controls

Supplier Lifecycle & Contractual Controls  

    • Define and enforce security requirements for supplier onboarding, including:   
    • Minimum security baselines  
    • Evidence expectations (ISO certifications, SOC reports, penetration test summaries, etc.)  
    • Review and contribute to security‑related contractual clauses, including:   
    • Audit and access rights  
    • Incident notification timelines  
    • Sub‑outsourcing controls  
    • Exit, portability, and business continuity provisions  
    • Support secure offboarding and exit strategies for ICT providers  

Continuous Monitoring & Assurance  

  • Establish and maintain ongoing monitoring of supplier security posture  
  • Track remediation plans, risk acceptances, and exceptions  
  • Coordinate periodic reassessments of critical and high‑risk suppliers  
  • Maintain accurate supplier risk documentation and registers  

Reporting & Stakeholder Engagement  

  • Provide risk reporting and insights to security leadership and management  
  • Support internal awareness on supply chain risk trends and emerging threats  
  • Engage constructively with suppliers to drive risk reduction and security maturity  

What we're looking for

Must haves:

  • Proven experience (typically 5+ years) in:   
  • Third‑party risk management  
  • Information security risk management  
  • Technology, cloud, or outsourcing risk  
  • Strong understanding of ICT and cybersecurity risk concepts  
  • Supplier and outsourcing models  
  • Practical familiarity with ISO/IEC 27001 and supplier‑related controls  
  • Experience working with risk assessments, control frameworks, and remediation tracking  
  • Strong analytical and risk‑based thinking  
  • Ability to translate regulatory requirements into actionable controls  
  • Confident communication with technical, legal, and business stakeholders  
  • Structured, detail‑oriented, and audit‑ready mindset  
  • Pragmatic approach to balancing security, compliance, and business needs  

hackajob is partnering with Colt Technology Services to fill this position. Create a profile to be automatically considered for this role—and others that match your experience.

Upskill

Level up the hackajob way. Verify your skills, learn brand new ones and test your ability with Pathways, our learning and development platform.

Find out more

Ready to reach your potential?

Find out more