Enable job alerts via email!

Supply Chain Security Analyst

Department for Environment, Food and Rural Affairs

London

On-site

GBP 50,000 - 70,000

Full time

2 days ago

Be an early applicant

Boost your interview chances

Create a job specific, tailored resume for higher success rate.

Job summary

Join a leading government department as a Supply Chain Security Analyst, where you will play a crucial role in managing security risks within the supplier network. This position involves working across the full supplier lifecycle, ensuring compliance with security standards, and contributing to the resilience of essential services across the UK. If you're passionate about cybersecurity and thrive in a collaborative environment, this role offers a unique opportunity to impact national security positively.

Qualifications

Experience in cyber, technical and information risk assessments.
Ability to communicate security requirements in business language.
Familiarity with security standards and best practices.

Responsibilities

Identify and manage security risks within the supplier network.
Review supplier bids and conduct risk assessments.
Build security terms into contracts.

Skills

Cyber Security

Information Security

Risk Management

Communication

Decision Making

Education

CISM

CRISC

CISSP

Tools

ISO 27001

ITIL

GDPR

Join to apply for the Supply Chain Security Analyst role at Department for Environment, Food and Rural Affairs

Get AI-powered advice on this job and more exclusive features.

Government security is undergoing a significant transformation, making this an exciting time to get involved. This opportunity could be your next big career move!

We are looking for someone who can bring enthusiasm, clarity and confidence to the increasingly important and evolving world of Supply Chain Security.

As a Supply Chain Security Analyst within Defra’s Digital Data Technology and Security (DDTS) team, you’ll take a lead role in identifying and managing security risks within our supplier network. This is a critical position, ensuring the resilience of systems that support essential services across the UK.

You’ll work across the full supplier lifecycle:

• Building robust security terms into contracts

• Reviewing supplier bids and supporting selection and onboarding

• Conducting risk assessments on key technology suppliers

This role sits at the intersection of procurement, technology, and national security. You’ll help shape the way we assess, engage with, and manage third-party risks, contributing to smarter, safer decisions.

Please note this post requires Security Check (SC) clearance. To gain (SC) clearance all applicants are required to have been a UK resident for a minimum of 5 years. If this requirement is not met, the individual will not be able to progress their application further.

Person specification

Responsibilities

Ensuring that suppliers of IT services to Defra effectively risk manage departmental information.
Improving supplier compliance with recognised security standards and best practice.
Identifying potential cyber security, physical/personnel security, IT security and information risks that can arise from contracting with a specific supplier, so that proportionate and appropriate arrangements are put in place.
Providing suppliers with early insight into the mandatory minimum-security requirements expected of them during the life of a contract.
Reviewing supplier Security Management Plans to ensure the supplier’s Information Security Management System is fit for purpose and accurately articulates how a contract will be delivered securely.
Reviewing of supplier contract compliance with Defra's security schedules and clauses during procurement.
Establishing and maintaining excellent relationships with internal and external partners to influence their activities and promote and enhance Supply Chain Security.

Skills and Experience

A clear understanding of Cyber Security, Information Security and Risk Management.
Able to speak Cyber Security in "Business language", whilst understanding how best to implement security requirements and controls within wider Business areas.
Experience of undertaking cyber, technical and information risk assessments/ using Security standards such as ISO 27001 and good practice guides/principles from technical bodies such as NCSC and CISA.
Good knowledge of Cyber security controls and risks, with certification such as CISM, CRISC, CISSP.
Experience of analysing disparate sources of security information quickly and providing sound advice and recommendations on requirements to stakeholders at all levels.
Excellent written and verbal communication skills with a range of stakeholders at different levels and the ability to build strong working relationships internally and externally.
Effective decision making, using evidence, available data and personal knowledge to provide clear, accurate and professional decisions.
Familiarity with best practice service management, data protection and Commercial methodologies, including ITIL, GDPR, and procurement legislation.

Please note that you are only registering your interest by clicking 'Apply' and this is not a formal job application. After pressing 'Apply', you will be contacted by a member of the DDTS Recruitment Hub and will inform you of next steps to formally apply for this role via Civil Service Jobs.

Seniority level

Seniority level
Mid-Senior level

Employment type

Employment type
Full-time

Job function

Job function
Information Technology
Industries
Government Administration

Referrals increase your chances of interviewing at Department for Environment, Food and Rural Affairs by 2x