Cybersecurity Supply Chain Risk Manager

Company Overview

Motorola Solutions is there for our customers when everything is on the line. In extreme moments — when a hurricane lands or when a fire breaks out. And in everyday moments — when a package arrives just in time for the holiday or when a child doesn’t miss the school bus home. 

We unify voice, data, video and analytics in one integrated ecosystem to enable individuals, businesses and communities to work together in more powerful ways. To help people make better decisions, act confidently and be their best in the moments that matter. Bring your passion, potential and talents to Motorola Solutions and connect with a career that matters.

Department Overview

Motorola Solutions Inc. (MSI) is leading provider of Mission Critical Communications Solutions for Public Safety and Government Users as well as key enabler for Commercial Communication products, making sure our Customers have the information they need at hand in the Moments that Matter.
The Products & Services (P&S) Organization within Motorola Solutions is responsible for development of the company’s mission critical communications and mission critical intelligence portfolio, including command center applications (on-prem, SaaS, hybrid), Land Mobile Radio (LMR) and LTE solutions, as well as managed and support services around the world. The P&S organization also includes the company’s procurement and supply chain operations.
The P&S Cybersecurity Governance Risk and Compliance (GRC) Team drives risk-based cybersecurity management across all of P&S products and solutions portfolios. As a GRC Cybersecurity Supply Chain Risk Manager, you will be responsible for identifying and managing risks within the P&S supply chain. The role additionally provides end-to-end oversight and risk governance for the cybersecurity supply chain security program.
Job Description

Core responsibilities include, developing and maintaining the cybersecurity supply chain program, assessing vendors, working with stakeholders to mitigate identified risks and supporting the procurement organization during contract negotiations with vendors.

Job Description:

You will be responsible for:

• Developing and maintaining the cybersecurity supply chain program aligned to industry best practices

• Managing the vendor assessment program, including continuous improvement initiatives

• Support the management of identified supply chain cybersecurity risks.

• Support and consult on 3rd party contracts covering all aspects of cybersecurity.

• Define key reporting metrics and KPIs to show the effectiveness of of the program

• Being the Cybersecurity Subject Matter Expert during contract negotiations with vendors

• Providing reports and updates to senior management and key stakeholders related to the overall program

• Monitoring progress of mitigation plans and driving mitigation owners towards completion

• Providing consulting services to business teams and vendors with regard to potential risks and mitigations.

• Collaborating with stakeholders and vendors to improve a vendor’s overall security posture

• Engaging with key stakeholders to ensure the program is followed across the organization

• Leading the incident and event response for any vendor related security incidents

• Conducting Cyber and Open Source Software due diligence during Merger and Acquisition activities

• Collaborating with other teams during internal and external audits

• Participating in activities of the Products & Services GRC team, including governance, compliance, risk management, security policy, best practices, and security awareness, including:

• Support product focused risk management strategies that align with business goals and fully cover confidentiality, integrity and availability

  • Assist in identifying security policy & control gaps and recommend remediation solutions

  • Collaborate with product development and information security teams to refine security strategies which protect customer facing solutions

  • Bring innovation and creativity in applying risk management to a dynamic and cutting edge technology business

  • Conduct periodic compliance risk assessments against Motorola Solutions Security Policies and Standards using both quantitative and qualitative methods

  • Support audits against Motorola Solutions Security Policies and Standards and/or NIST CSF or NIST FedRAMP standards

• Ability to identify and escalate issues and challenges in a timely manner with senior leadership

• Proactively manage challenges and obstacles with multiple teams providing guidance and solutions

Behaviors

• ​Leadership - Drive multiple teams on a single goal

• Collaboration - Excellent team building, ability to bring multiple business units and development/engineering teams together in a common goal.

• Communication - Strong written and verbal skills ability to communicate at all levels within the organization up senior VP

• Methodical and Organized

• Highest level of integrity in dealing with confidential and sensitive information

• Strong written and verbal communication skills

• Exercise exceptional tact and diplomacy when interfacing with other teams and senior management

• Proactive approach and enthusiasm for problem identification and solving

• Ability to work under pressure with minimal supervision and deliver quality results on time 

• Flexible and able to adapt to changing priorities

Specific Knowledge/Skills

• Experience with Risk Management, Vulnerability Management and Security Assurance 

• Helpful to have knowledge of cloud services provided by industry leaders like AWS, Microsoft Azure, 

• Must have technical knowledge and/or experience in security, networking, systems administration, database administration, architecture and other technical domains.

• Knowledge and experience in documentation of security policies, standards, and processes.

• Experience with Incident Response and Crisis Management

• Experience with Partner and Supplier relationships.

• Ability to communicate concepts and terminology in security domains including governance, risk management, architecture, compliance, and operations and be able to express them in a clear and concise manner, including to less technical audiences such as customers

• Should be a self-starter who demonstrates complete ownership over assigned objectives and is able to work independently

• Highest level of integrity in dealing with confidential and sensitive information

• Leadership and passion about continuous improvement.

• Proactive approach and enthusiasm for problem identification and solving

• Flexible and able to adapt and drive to changing priorities

• Experience managing complex programs in a global environment

• Ability to make objective decisions in a high pressure cross functional environment

• Strong oral and written communications

• Excellent interpersonal skills

• Domestic and International travel required - total < 25%

Basic Requirements

• Bachelor’s Degree (or equivalent experience) 

• Minimum of 5+ years experience in information security

• One or more of the following certifications: CISSP, CCSP, CISM CISA, Equivalent industry certifications will be taken into consideration. 

Vaccine Requirement

Motorola Solutions has implemented a voluntary COVID-19 vaccination policy. We strongly encourage all employees to be fully vaccinated. Additionally, certain local governments or Motorola Solutions' customers may have vaccine requirements that apply to some of our employees. These employees are required to submit proof of vaccination to Motorola Solutions and maintain compliance with these requirements.

Travel Requirements
Relocation Provided
Position Type
Referral Payment PlanYes

Our U.S. Benefits include:

• Incentive Bonus Plans
• Medical, Dental, Vision benefits effective Day 1
• 401K with Company Match and Day 1 vesting
• 9 Paid Holidays
• Generous Paid Time Off Packages
• Employee Stock Purchase Plan
• Paid Parental & Family Leave
• and more!

EEO Statement

Motorola Solutions is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran's status, or, any other protected characteristic.