Business Analyst – Third-Party Software Supply Chain Security
Hybrid – 8 days per month on-site in London, Brussels, Paris or Amsterdam
Initial 12-month contract (extendable)
We’re looking for an experienced Business Analyst to join a major security initiative within the CISO division of a leading global financial market infrastructure provider.
This role is part of a multi-year programme focused on enhancing third-party software supply chain security, helping to design and deploy new governance, risk, and control processes around supplier-provided software and SaaS solutions.
You’ll play a key role in shaping and delivering a new framework that ensures third-party software suppliers meet the organisation’s security expectations. Specifically, you will:
Define and implement governance for supplier-related software security activities (RACI, committees, etc.).
Design and document new processes to assess, track, and manage supplier software security and associated vulnerabilities.
Support the creation of data models and reporting mechanisms linking third parties, software, and cloud dependencies.
Coordinate across multiple teams (Supply Chain, CISO, IT Risk, GTS) to align practices and cascade security strategy.
Contribute to compliance with DORA and internal security governance frameworks.
Help operationalise monitoring, response, and escalation processes for supplier incidents or vulnerabilities.
Strong background in process design, governance frameworks, and documentation (BPMN or similar).
Proven ability to design IT governance models (RACI, Target Operating Models, ITIL, COBIT, etc.).
Excellent communication and coordination skills — able to work across business, IT, and security functions.
Experience working in financial services or another regulated environment.
Knowledge of security and risk frameworks (CISM, ISO 27001, NIST, etc.) is a plus.
Previous experience with Euroclear or similar global financial institutions is advantageous.
Contract: 12 months (extendable)
On-site requirement: 8 days per month (including 8–10 days per year in Brussels)
Locations: Belgium, France, Netherlands, or the UK (UK candidates only via accredited umbrella companies)
If you have a strong mix of governance, process design, and cybersecurity understanding — and want to help build a security framework from the ground up — we’d love to hear from you.