Senior Supply Chain Risk Analyst at IonQ assessing and mitigating supply chain risks in quantum computing. Collaborating with teams to ensure compliance and security in third-party relations.
Responsibilities
Conduct comprehensive security risk assessments of new and existing third parties, including SaaS providers, cloud services, hardware suppliers, and critical business partners.
Issue and evaluate security questionnaires, review external audit reports (e.g., SOC 2 Type 2, ISO 27001), and perform technical and physical security reviews (remote or on-site) for software, hardware, and services providers.
Evaluate and ensure third parties adhere to organizational policies and best practices for the protective use and governance of data in AI systems and software, minimizing risk exposure.
Maintain expertise in and actively address known supply chain risk types, including FOCI (Foreign Ownership, Control, or Influence), data theft & exposure, software and hardware backdoors/intrusion, counterfeit products, forced labor, geopolitical/trade disruptions, malware infection vectors, and environmental risks.
Partner with supply chain, legal, procurement, and business teams to identify third party risks and recommend appropriate risk treatment and remediation action plans.
Assist in refining and maintaining a program to manage global supply chain risks, ensuring the integrity and security of hardware, software, and services from our third parties.
Monitor third party relationships to ensure ongoing compliance with company policies, regulatory requirements (e.g., NIST, CMMC Level 2, GDPR, EAR, ITAR, UFLPA), and international government supply chain security programs such as CTPAT, AEO, and others.
Serve as the first point of contact for third party security incidents, assisting with investigations and managing the response to minimize impact on the organization.
Develop, build, and continuously improve the supply chain security and TPRM function by streamlining and automating processes, maintaining a third party inventory, developing key performance and risk metrics, and supporting AI modeling initiatives for predictive risk analysis.
Partner with internal stakeholders to raise awareness about third party integration risks and communicate the results of risk assessments to ensure appropriate implementation of controls.
Requirements
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Engineering, Supply Chain Management, Criminal Justice, Business or a related field.
4+ years of experience in a third party/supply chain risk management, supply chain security, cyber security, physical security, product security and/or information security role.
Strong understanding of information security principles and controls, including data protection, access management, and application security.
Proven experience conducting security reviews for software, hardware, and services providers in the third party supply chain.
Experience in quantitative analysis, including metrics development, data visualization, and supporting AI/ML model development.
Experience with understanding and addressing known supply chain risk types (e.g., FOCI, data theft & exposure, software and hardware backdoors/intrusion, counterfeit product, forced labor, geopolitical/trade disruptions, malware).
Familiarity with key security frameworks and standards such as ISO 27001, NIST 800-53, NIST 800-171, SOC 2 Type 2, and FedRAMP.
Exceptional verbal and written communication skills, with the ability to clearly articulate complex security concepts to diverse audiences.
Excellent investigative skills.
Strong analytical, problem-solving, and organizational skills, with attention to detail.