Senior Supply Chain Risk Analyst at Jobgether – United States
About This Position
This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Senior Supply Chain Risk Analyst in the United States.
This role is a critical part of protecting and strengthening organizational operations by proactively managing supply chain risks. You will assess and mitigate risks across a diverse third-party ecosystem, including software, hardware, and services providers. By leveraging expertise in cybersecurity, compliance frameworks, and supply chain management, you will ensure that third-party relationships align with organizational standards and regulatory requirements. This position requires close collaboration with cross-functional teams to implement effective risk controls and response strategies. You will contribute to strategic decision-making, monitor emerging threats, and support AI-driven predictive risk initiatives. Operating in a dynamic and innovative environment, your work will safeguard organizational assets and enable secure, efficient operations at scale.
- Conduct thorough risk assessments and due diligence for new and existing third-party vendors, including SaaS, cloud, and hardware providers
- Review security documentation, audit reports (SOC 2, ISO 27001), and perform on-site or remote technical and physical security evaluations
- Ensure third parties comply with data protection and AI governance policies, mitigating potential exposure risks
- Monitor and address supply chain risk types such as FOCI, counterfeit products, forced labor, geopolitical disruptions, malware, and other vulnerabilities
- Partner with legal, procurement, and business teams to recommend remediation actions and risk mitigation plans
- Serve as the first point of contact for third-party security incidents and support investigations
- Maintain risk metrics, predictive AI modeling, and process automation to strengthen third-party risk management
Requirements:
- Bachelor’s degree in Cybersecurity, IT, Computer Science, Engineering, Supply Chain Management, Business, or related field
- 6+ years of experience in third-party/supply chain risk management, cybersecurity, or related roles
- Strong understanding of information security principles, including access management, application security, and data protection
- Experience reviewing security and compliance for software, hardware, and services providers
- Knowledge of key supply chain risk types and ability to implement mitigation strategies
- Familiarity with frameworks such as ISO 27001, NIST 800-53/171, SOC 2 Type 2, FedRAMP, CMMC Level 2
- Excellent analytical, problem-solving, investigative, and communication skills
- Strong attention to detail, organization, and ability to manage multiple priorities
Preferred Qualifications:
- Relevant security certifications (CISA, CISSP, CPP, PSP, PSC)
- Experience with international government supply chain programs (CTPAT, AEO)
- Direct experience in trade compliance, business continuity planning, or forced labor risk programs
- Familiarity with AI/ML governance, data security requirements, and leveraging generative AI for efficiency
- Knowledge of supply chain operations, logistics, and third-party management best practices
Benefits:
- Competitive base salary with bonus and equity opportunities
- Comprehensive health, dental, and vision coverage, plus wellness programs
- 401k plan with company match
- Generous Paid Time Off, paid holidays, parental/adoption leave
- Legal insurance and home technology stipend
- Flexible work arrangements including hybrid, onsite, or fully remote options
- Supportive and inclusive work environment with opportunities for career growth