Supply Chain Risk Management Analyst

About The Position

Requirements

• Deep familiarity with software supply chain risks and the broader defense industrial base
• Strong working knowledge of SCRM NIST 800-53 control family to mitigate risks in the supply chain, with experience drafting documentation to support compliance and process.
• Expert understanding of DFARS, FAR, TAA, and supply chain relevant compliance topics: NDAA 889, 1260H, nearshore/offshore guidance, country of origin risks and critical supply chain considerations.
• Ability to operate as an independent, action-oriented self-starter, prioritizing and managing multiple workstreams in a fast-paced environment.
• Proven success working within cross functional teams, adapting to changing priorities and providing leadership within complex matrixed environments.
• Familiarity with Quality Standards ISO 9001:2015 and AS9100 with demonstrated ability to integrate quality principals into supply chain risk processes.
• Advances skills in process integration including building workflows, identifying gaps and developing improvements to increase efficiency and reduce risk.
• Excellent interpersonal and communication skills, capable of conveying technical information clearly to both technical and non-technical audiences.
• Excellent time management skills with the proven ability to meet deadlines.
• Strong analytical and problem-solving skills.
• Outstanding written and oral communication skills, including development of formal assessments, reports and presentations.
• Self-starter, Action oriented, can handle multiple tasks at once
• Familiarity with software suppliers, software supply chain risks, and the defense industrial base broadly.
• Familiarity with SCRM NIST 800-53 control family to mitigate risks in the supply chain, with experience drafting documentation to support compliance and process.
• Expert familiarity with DFARS, FAR, TAA, and supply chain relevant compliance topics: NDAA 889, 1260H or similar.
• Understand concepts around nearshoring, friendshoring, country of origin, and other relevant supply chain risk topics.
• Applicants selected for this position will be required to obtain and maintain a government security clearance.

Responsibilities

• Lead vulnerability identification activities by conducting advanced analysis of systems, programs and architectures to determine crucial components, high-risk areas, and potential impacts across defense program supply chains.
• Conduct independent assessments and validations of supplier security practices to ensure compliance with federal defense and organizational requirements; document findings and provide expert recommendations to leadership and customers.
• Compile, synthesize and present complex risk assessments to internal stakeholders, executive leadership, and external customers to support informed decision making.
• Monitor and document major changes affective supply chain risk, quality, resilience, and compliance, ensuring that risks are escalated and mitigated proactively.
• Evaluate enterprise and supplier-level risks within Draper’s SCRM programs, identifying systemic issues and recommending improvements to strengthen program maturity.
• Drive enhancements to the existing SCRM framework by incorporating stakeholder feedback, industry best practices and emerging regulatory requirements; lead implementation of approved updates.
• Perform rigorous quality checks of supplier reviews, ensuring data accuracy, completeness, and analytical integrity; investigate discrepancies and deliver corrective action guidance.
• Collaborate cross functionally with engineering, product development, operations and security teams to ensure SCRM processes, standards and operations align with enterprise policies and strategic goals.
• Analyst multi-source data to identify trends in supplier quality, product defects, or recurring vulnerabilities, and develop mitigation strategies to prevent future occurrences.
• Maintain readiness to perform additional responsibilities in support of evolving organizational needs.
• Identifying vulnerabilities: Analyzing systems to identify critical components and areas of risk for defense programs
• Assessing suppliers: Verifying that suppliers have an adequate security culture. Using open-source tools to assess suppliers.
• Supply Chain monitoring: Monitor any major changes to the supply chain
• Managing security and compliance: Documenting policies and procedures for security, integrity, resilience, and quality of suppliers, systems, components.
• Evaluating the SCRM program: Reviewing the existing framework / program, incorporating feedback, and making changes
• Preparing reports/ providing insights: Compiling and presenting assessments to customers
• Providing insights: Offering suggestions for process improvements
• Quality Assurance and Review: Conduct regular quality checks of supplier reviews, verifying accuracy of data collected. Address any discrepancies or issues promptly, providing solutions that uphold analytical integrity.
• Collaboration and Communication: Work closely with cross functional teams across Draper to ensure that SCRM operations align with Draper’s protocols. Provide regular updates to the SCRM lead and relevant stakeholders regarding the status of vetting projects.

Benefits

• Our work is very important to us, but so is our life outside of work. Draper supports many programs to improve work-life balance including workplace flexibility, employee clubs ranging from photography to yoga, health and finance workshops, off site social events and discounts to local museums and cultural activities.