Senior Cybersecurity Supply Chain Risk Management (SCRM) Analyst #1756008
About The Position
The Senior Cybersecurity Supply Chain Risk Management (SCRM) Analyst supports the Agency's Office of the Chief Information Officer (OCIO) by managing cybersecurity risks associated with the Agency's complex, globally distributed, and interconnected supply chain ecosystem for information, communications, and operational technology (ICT/OT). This role ensures that ICT/OT products and services meet security, integrity, and resilience standards throughout their lifecycle. The position involves analyzing procurement documentation, assessing supplier risk, and supporting tiered determinations that inform procurement or redirection of assets.
Requirements
- U.S. Citizenship is required
- Must possess an active TS clearance at the time of application, be willing and able to obtain SCI access, and pass a CI polygraph.
- This position is onsite 5/days a week in Washington D.C.
- Bachelor's degree from an accredited institution in computer science, business management, or an IT-related discipline
- 8+ years of experience in cybersecurity, risk management, or supply chain analysis.
- Equivalent combinations of experience, certifications, or demonstrated prior work may substitute for formal experience
Nice To Haves
- Certifications: Network+ and Security+ or equivalent IT certifications (preferred)
Responsibilities
- Provide analytical support to identify, assess, and mitigate cybersecurity risks of supply chain compromise-both intentional and unintentional.
- Evaluate and manage risks associated with the distributed and interconnected nature of ICT/OT product and service supply chains.
- Ensure the integrity, security, quality, and resilience of the supply chain and its products and services.
- Develop detailed technical vulnerability reports for ICT products and "as-a-service" procurements.
- Identify areas where existing security policies and procedures require updates or where new ones should be developed, particularly in support of business expansion.
- Provide subject matter expertise on information security to technology teams and enterprise projects.
- Contribute to the creation of security architecture standards for the adoption of new technologies.
- Identify, quantify, and recommend mitigation actions for security risks impacting enterprise projects.
- Produce management reporting, including metrics and analyses that inform senior leadership about the state of supply chain risk and information security posture.
- Maintain awareness of industry trends, cost drivers, and business factors influencing the Agency's information security and supply chain programs.
Benefits
- comprehensive health, dental, vision, pet, and legal insurance
- 401(k) retirement matching
- paid leave
- paid holidays
- health and wellness programs
- employer-paid life and disability insurance
- professional development
- education benefits
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Number of Employees
11-50 employees
