Job Description
Job Title: Business Analyst, Supplier Risk Management
Client: Global Consulting Firm; End customer: Utility Company
Day Rate: £300-£325 (Outside IR35)
Duration: 3-6 months (extendable)
Location: Preston (Hybrid, 1 day per week travel required to the office)
- Support the definition of the Third Party Risk Management Framework, primarily through data analysis and the creation of process documentation.
- Supplier Inventory Analysis - Liaise with Procurement to pull data from systems that hold supplier data for both IT & non-IT vendors, and populate the data template provided. Where there are gaps in the data, the BA will need to engage the relevant stakeholders to fill them.
- Supplier Intake Process - Work closely with the delivery partner team and attend calls/discussions with Procurement to capture meeting minutes and collate a high-level view of the different ways a supplier (or service) can be procured. Once the supplier intake process has been agreed with stakeholders, the BA, with the guidance of the delivery partner, is to produce formal process documentation, including an MS Visio diagram showing the process flow.
- Inherent Risk Assessment & Supplier Categorisation Process - Under delivery partner guidance, formally document an agreed supplier categorisation process with the MS Visio workflows. Apply the categorisation process to the prioritised list of suppliers from the Supplier Inventory Analysis.
- Under delivery partner guidance, formally document the end-to-end supplier assessment process and question domains.
- Cyber Supplier Risk Library & Action Plans - Collate all tracked supplier cyber risks and themes, and work with the delivery partner and cyber stakeholders to identify additional risks that need to be added to the risk library. Using templates provided by the delivery partner, populate the risk library. Lastly, work with the delivery partner to document the mitigation strategies for each risk in the library.
- Ongoing Monitoring & Re-assessment Process - Work closely with the delivery partner to define ongoing monitoring requirements and a re-assessment process. Agreed processes and methodology are to be formally documented.