Supplier Cyber Risk Manager
McKinsey & Company | |
parental leave, paid time off | |
United States, Pennsylvania, Philadelphia | |
Dec 18, 2024 | |
The McKinsey recruiting team will be celebrating the holidays and there will be no online application support available starting December 24th, regular support would resume by January 6th. Please refer to our site https://www.mckinsey.com/careers/application-faq for frequently asked questions. Thank you and wishing you happy holidays! Procurement Supplier Cyber Risk Manager Job ID: 94044 Are you driven by the opportunity to tackle complex challenges and work alongside top leaders? Do you want to be part of a team that delivers outcomes that others simply can't?
If so, you've come to the right place.
Who You'll Work With
You will be part of Optimize, McKinsey's global procurement capability, enhancing and protecting the firm's resources and reputation by making responsible buying easy and creating leading solutions and experiences across our supplier ecosystem.
We are hiring for a Manager within the Cyber & Data Risk pillar of Optimize's Supplier Risk & Social Responsibility team. This team leads and oversees the firm's global supplier risk management program across risk domains. You will report to the Director of Supplier Risk Strategy and work cross-functionally with key stakeholders including Cybersecurity, Cyber Legal and Compliance as you support, shape and deliver on the firm's supplier cybersecurity risk initiatives and strategies. You will be based out of the Philadelphia, Washington DC, Atlanta, Denver, Miramar, or Tampa offices. Your impact within our firm
In this role, you will be responsible for mitigating supplier cybersecurity risks in the firm's supplier onboarding process and across its supply base.
You will lead strategy development and program execution of the next generation of cyber supplier risk management program. This will include designing a risk-based cyber diligence methodology, evaluation framework, ongoing monitoring, issue management and related risk artifacts. You will ensure the robustness and efficiency of cyber controls in our end-to-end procurement lifecycle, while being able to balance cybersecurity requirements with supplier risk and business objectives. You will deliver on and represent Optimize supplier cybersecurity priorities across the firm.
You will assess and analyze supplier data and cybersecurity risks across our procurement processes. You will report on clear program metrics including security compliance for suppliers, incidents, Key Performance Indicators (KPIs) and Objectives and Key Results (OKRs). You will proactively identify risk areas and opportunities and collaborate with cross functional teams to problem solve viable solutions. You will gain alignment and lead/support the implementation of agreed recommendations on behalf of the procurement team.
You will foster and champion a "risk first" culture and create awareness across the firm on supplier cybersecurity risk topics. You will build rapport and develop trust-based relationships with key stakeholders and other risk teams that work on supplier and cybersecurity issues. You will be a subject matter expert and advise colleagues on cyber risk topics as they relate to supplier and procurement processes. Your qualifications and skills
Please review the additional requirements regarding essential job functions of McKinsey colleagues. Apply Now Apply Later FOR U.S. APPLICANTS: McKinsey & Company is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by applicable law. Certain US jurisdictions require McKinsey & Company to include a reasonable estimate of the salary for this role. Additionally, we provide a comprehensive benefits package that reflects our commitment to the wellness of our colleagues and their families. FOR NON-U.S. APPLICANTS: McKinsey & Company is an Equal Opportunity employer. For additional details Job Skill Group - CSSA
Job Skill Code - MPC - Procurement Manager Function - Industry - Post to LinkedIn - Yes Posted to LinkedIn Date - Thu Dec 19 00:00:00 GMT 2024 LinkedIn Posting City - Philadelphia LinkedIn Posting State/Province - New Jersey LinkedIn Posting Country - United States LinkedIn Job Title - Supplier Cyber Risk Manager LinkedIn Function - Consulting;Supply Chain LinkedIn Industry - Management Consulting LinkedIn Seniority Level - Mid-Senior level |