Mid - Cybersecurity Supply Chain Risk Mgt Analyst

About The Position

Requirements

• An ACTIVE and MAINTAINED Top Secret with SCI (TS/SCI) Federal or DoD security clearance; must maintain eligibility to UPGRADE and MAINTAIN a CI Polygraph Federal or DoD security clearance.
• Bachelor's Degree.
• ONE (1) year of experience in Cybersecurity, Security System Design, Security Controls, Cybersecurity Framework, Zero Trust and/or Cloud Security.

Nice To Haves

• An ACTIVE and MAINTAINED TS/SCI Federal or DoD security clearance with a COUNTERINTELLIGENCE (CI) polygraph.
• Experience assessing and processing supply chain recommendations aligned with Zero Trust principles, threat scenarios, reference architectures and governance frameworks.
• Certifications of CYSA+, Security+, CISSP, CASP, CND or relevant certifications.
• Experience in professional services consultancy and federal cybersecurity industry.
• Security controls based on cybersecurity principles and tenets, NIST SP 800-53, CSF.
• Strong knowledge of FEDRAMP, FISMA, NIST SP 800-53, and other federal cybersecurity related policies directives and mandates.
• Strong knowledge of applications of security technologies, products and tools.
• Demonstrated ability to work independently under general supervision.

Responsibilities

• Identify, assess, and mitigate the threats and vulnerabilities of IT procurements through operational focused risk assessment and mitigation plans.
• Conduct vulnerability and threat assessments of suppliers, software, hardware, and overall supply chain processes to pinpoint potential risks.
• Streamline the procurement process, balancing risk avoidance and operational requirements.
• Provide analytical support to manage the increasing risk of supply chain compromise related to cybersecurity.
• Ensure business continuity and minimize disruptions by identifying and mitigating risks that could impact critical operations and mission effectiveness.
• Perform due diligence on potential and existing suppliers to ensure their products maintain adequate security measures and meet compliance requirements.
• Identify, assess, and mitigate the risks associated with the distributed and interconnected nature of product and service supply chains.
• Ensure the integrity, security, quality and resilience of the supply chain products and services.
• Develop and recommend strategies to mitigate identified risks, which may include enhancing technical controls, updating internal policies, or collaborating with vendors to improve their cybersecurity posture.
• Ensure cybersecurity-enabled products or other compensating security control technologies reduce identified risks to an acceptable level.
• Evaluate risks that may include insertion of counterfeits, unauthorized production, tampering, theft, insertion of malicious software and hardware, as well as poor manufacturing and development practices in the cybersecurity-related elements of the supply chain.
• Apply security policies to meet the security objectives of the environment.

Benefits

• Medical, Rx, Dental & Vision Insurance
• Personal and Family Sick Time & Company Paid Holidays
• Position may be eligible for a discretionary variable incentive bonus
• Parental Leave and Adoption Assistance
• 401(k) Retirement Plan
• Basic Life & Supplemental Life
• Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
• Short-Term & Long-Term Disability
• Student Loan PayDown
• Tuition Reimbursement, Personal Development & Learning Opportunities
• Skills Development & Certifications
• Employee Referral Program
• Corporate Sponsored Events & Community Outreach
• Emergency Back-Up Childcare Program
• Mobility Stipend