FCC - SCRM/Emerging Technology Security Analyst
About The Position
cFocus Software is seeking a SCRM/Emerging Technology Security Analyst to support the Federal Communications Commission (FCC). This is a remote position that requires the ability to obtain a Public Trust clearance. The role involves supporting Supply Chain Risk Management (SCRM) activities, assessing risks associated with emerging technologies like AI, automation, and cloud services, and providing recommendations for secure technology adoption. The analyst will also be responsible for developing and maintaining SCRM documentation, conducting security reviews, analyzing threats, and collaborating with various teams to ensure compliance with federal cybersecurity frameworks.
Requirements
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field.
- 3–7+ years of experience in cybersecurity, risk management, or supply chain security.
- Experience supporting enterprise cybersecurity environments of similar scale and complexity.
- Knowledge of NIST frameworks (RMF, CSF), FISMA, and federal security standards.
- Experience with third-party risk management, vendor assessments, or SCRM programs.
- Familiarity with AI/ML security risks and emerging cybersecurity trends
- Strong analytical and risk assessment capabilities
- Knowledge of supply chain threats and mitigation strategies
- Understanding of AI/ML security risks and governance
- Experience with security documentation and reporting
- Excellent communication and stakeholder coordination skills
- At least one relevant cybersecurity certification such as: CISSP, CISM, or Security+
- Certified in Risk and Information Systems Control (CRISC)
- Certified Supply Chain Professional (CSCP) or equivalent (preferred)
Nice To Haves
- Certified Supply Chain Professional (CSCP) or equivalent
- Additional role-based certifications related to cloud, AI security, or risk management are desirable.
Responsibilities
- Support Supply Chain Risk Management (SCRM) activities including analysis of third-party/vendor risks, documentation, and mitigation strategies.
- Assess risks associated with emerging technologies including AI, automation, and cloud-based services.
- Provide risk-informed recommendations for secure adoption of new technologies.
- Support development and maintenance of SCRM documentation, policies, and processes.
- Conduct security reviews of vendors, software, and emerging platforms.
- Analyze cybersecurity threats related to supply chain and emerging technologies.
- Collaborate with compliance, engineering, SOC/NOC, and risk teams.
- Support reporting activities including SCRM status reports, risk registers, and audit artifacts.
- Identify gaps in SCRM and emerging technology security practices and recommend improvements.
- Assist with governance and compliance activities aligned to NIST, FISMA, and federal cybersecurity frameworks.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
