Job Description

About Oshkosh AeroTech, an Oshkosh company

Oshkosh AeroTech is a leading provider of aviation ground support products, gate equipment and airport services to commercial airlines, airports, air-freight carriers, ground handling and military customers. Oshkosh AeroTech offers products that make a difference in people's lives by supporting those in our communities who do some of the toughest work. They own many of the most trusted brands in the air transportation industry, including LEKTRO, JetAire, JetPower, AmpTekO, Jetway, and more.

JOB SUMMARY:

Monitors, identifies, and prioritizes supplier cyber risks in Oshkosh corporation's Global Procurement and Supply Chain (GPSC) that threaten digital systems and the continuity of supply.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

Communicate to the supplier the weakness in their systems and work with them to secure gaps. Queries the supply base with a cyber vendor risk assessment, analyzes the responses using a dashboard, and publishes/communicates to stakeholders who use the data to make informed sourcing decisions Coordinates and collaborates with the Oshkosh Cyber Security team on cyber risks and mitigation Identifies and tracks multiple risk sources and risk events Coordinates the classification and tiering of suppliers by risks and risk impacts Push communication of immediate risks to GPSC individuals and leadership, for all types of threats, that are or may impede continuity of supply Collect information from Oshkosh segments and other various sources to publish a weekly risk report that is communicated to Oshkosh leadership Produce training materials for internal and external audiences concerning the use of risk tools and resources Monitor 3rd party financial analysis tool for possible supplier financial risk and publish/communicate concerns to accountable individuals Produces financial reports for GPSC individuals and leadership utilizing 3rd party analysis tool Update the supplier portal with supplier cyber and financial data for better sourcing decisions Build and maintain relationships in Oshkosh functional areas (e.g., Digital Technology, Central and Segment GPSC) Other duties as assigned. Regular attendance is required.

MINIMUM QUALIFICATIONS:

Bachelor's degree Two or more years of experience with supplier communication and assessing risk potential

PREFERRED QUALIFICATIONS:

Cybersecurity degree General understanding of cybersecurity and compliance, including the requirements for information systems and industry best practices, such as, CMMC, NIST 800-53, 800-171


Able to communicate conceptual and technical information both verbally (on phone, one-on-one, to groups) and in writing (emails, letters, reports, presentations) to various audiences (work group, team, company management, external clients) Demonstrated conceptual, analytical, and innovative problem-solving and evaluative skills Experience in adult learning or other learning disciplines

CORE COMPETENCIES:

Internal Contacts:

Contact with peers and others involving explanation of information (these contacts may be within or outside department or division), and the gathering of factual information; may include the communication of sensitive or confidential information

External Contacts:

External contact involving a requirement to maintain a continuing external working relationship with individuals or organizations.

Communication Skills

Read, analyze and interpret scientific and technical journals, financial reports and legal documents; Prepare and/or present written communications that pertain to controversial and complex topics; Language: English.

Decision-Making:

Regularly makes decisions or responsibility, involving evaluation of information. Decisions may require development or application of alternatives or precedents.

Complexity, Judgment and Problem Solving:

Typically difficult or complex work. Generally governed by broad instructions and objectives usually involving frequently changing conditions and problems; Work requires the ability to plan and perform work in light of new or constantly changing problems, work from broad instruction, and deal with complex factors not easily evaluated.

Supervisory/Managerial:

General instructing, scheduling, and reviewing the work of others performing the same or directly related work.

WORKING CONDITIONS:

Physical Demands:

Frequent: Standing, Walking/Running, Sitting, Reaching, Hearing, Talking, Visual, Typing; Occasional: Driving, Fine Dexterity, Manual Dexterity; Upper Extremity Repetitive Motion; Seldom: Lifting/Carrying 25lbs., Pushing/Pulling 25llbs.

Non-Physical Demands:

Frequent: Analysis/Reasoning, Communication/Interpretation, Math/Mental Computation, Reading, Sustained Mental Activity (i.e. auditing, problem solving, grant writing, composing reports), Writing.

Environmental Demands:

Frequent: Work Alone, Frequent Task Changes, Tedious/Exacting Work; Occasional: High Volume Public Contact,

Work Schedule:

Routine shift hours. Infrequent overtime, weekend, or shift rotation. *

Demands/Deadlines:

High volume and variable work demands and deadlines impose strain on routine basis or considerable stress intermittently; OR regular direct contacts with distressed individuals within the immediate work environment; and/or exposure to demands and pressures from persons other than immediate supervisor

.