Supplier Assurance Analyst
Founded in 2016 with only a handful of individuals, Quantexa was built with the purpose that, through a greater understanding of context, better decisions can be made. Seven years and 600+ employees later, we still believe that today. We connect the dots within our customers' data using dynamic entity resolution and advanced network analytics to create context, empowering businesses to see the bigger picture and drive real value from their data. Quantexa empowers organisations to drive better decisions from their data. Using the latest advancements in big data and AI, Quantexa uncovers hidden customer connections and behaviours to solve major challenges in financial crime, customer insight and data analytics.
Quantexa has accomplished rapid global expansion and achieved a valuation of $1.8 billion in April 2023 making us the first UK Unicorn business for 2023. Due to our continuous success and high demand from our customers, we are looking for a Supplier Assurance Analyst with a proven track record to join the Quantexa family. 🚀
What does a Supplier Assurance Analyst role at Quantexa look like?
As a Supplier Assurance Analyst with previous experience in a similar role, you will be responsible for onboarding suppliers, performance management, and offboarding of all Quantexa third parties from an Information Security perspective. This is not a tick-box supplier assurance role, as the supply chain assurance process is taken very seriously at Quantexa. Risk management is critical to this role, so a clear understanding of end-to-end supply chain risk is required.
As part of your role, you will collaborate closely with the procurement team, legal team, and essential business stakeholders. Your responsibilities will involve conducting risk assessments and audits of our suppliers' processes, systems, and, in some cases, facilities to ensure they comply with Quantexa's policies and standards.
- Work closely with the procurement team and business stakeholders to identify and mitigate information security risks associated with our supply chain;
- Own and assess information security threats, controls and processes of all Quantexa third parties and move towards a continuous assurance model;
- Provide security guidance to suppliers to ensure suppliers understand and comply with Quantexa's security policies and standards and, if required, make positive recommendations;
- Conduct required due diligence and assessments of third-party information security policies, standards, and controls and work with suppliers to ensure third-party contracts and service agreements contain adequate model clauses to protect Quantexa assets;
- Maintain a repository of supplier data and artefacts, including supplier certifications, and assign risk scores to suppliers and partners;
- Conduct annual Security Impact Assessments (SIAs) and undertake User Entitlement Reviews (UERs) for all onboarded suppliers as per agreed policy;
- Undertake and report on supplier performance and identify areas for improvement and risk;
- Assist in managing security incidents and breaches related to suppliers, working with internal and external teams to remediate issues promptly;
- Stay up to date with industry trends and regulatory requirements related to supplier quality management;
- Specific duties or responsibilities may be reviewed occasionally to reflect changes in personnel and management structure, staff location or services, and other responsibilities within the Information Security function.
- Confident in making independent decisions;
- Keen attention to detail and accuracy in analysing documents;
- An excellent understanding of a supplier lifecycle, including onboarding, performance review and then offboarding
- Ability to convey technical concepts in layman’s terms;
- Ability to interact effectively and influence external vendors;
- Broad knowledge of risk management, vulnerability management, and third-party risk;
- Possess a sufficient understanding of technical concepts, including systems, networks and security architecture best practices, to evaluate risk and assess the effectiveness of controls;
- Solid information security risk identification (including SaaS services), assessment, and risk ranking experience
Working knowledge of the following documents is preferred:
- SIG (Standardized Information Gathering) questionnaire;
- Vendor Security Alliance (VSA);
- CAIQ – Cloud Security Alliance;
- XaaS Supplier T&Cs;
- Application of supplier schedules and model clauses;
- Understanding of penetration & vulnerability testing processes.
Basic understanding of the below certifications:
- SOC 2
- ISO 27001, ISO 27017, and ISO 27018
- Cyber Essentials +
Why join Quantexa?
We know that just having an excellent Glassdoor rating isn’t enough, so we’ve put together a competitive package as a way of saying thank you for all your hard work and dedication.
- Regularly benchmarked salary rates at the highest quarter following all principles of equal pay & company bonus
- Flexible working hours in a hybrid workplace & free access to global WeWork locations & events
- Pension Scheme with a company contribution of 6% (if you contribute 3%)
- 25 days annual leave (with the option to buy up to 5 days) + birthday off!
- Work from Anywhere Scheme: Spend up to 3 months working outside of your country of employment over a rolling 12-month period
- Work from Home Allowance
- Family: Enhanced Maternity, Paternity, Adoption, or Shared Parental Leave
- Health & Wellbeing: Private Healthcare, EAP, Well-being Days, Calm App, Gym Discounts
- Team's Social Budget & Company-wide Summer & Winter Parties
- Tech & Cycle-to-Work Schemes
- Volunteer Day off
- Dog-friendly Offices
Quantexa is proud to be an Equal Opportunity Employer. We’re dedicated to creating an inclusive and diverse work environment, where everyone feels welcome, valued, and respected. We want to hear from people who are passionate about their work and align with our values. Regardless of race, beliefs, colour, national origin, gender, sexual orientation, age, marital status, neurodiversity or ableness – whoever you are, if you’re a curious, caring, and authentic human being who wants to help push the boundaries of what’s possible, we want to hear from you.