Supply Chain Risk Management (SCRM) Audit Analyst (Logistics Management Analyst 2)

HII's Mission Technologies division•Fairfax, VA

1d•Onsite

About The Position

This opportunity resides with Warfare Systems (WS), a business group within HII’s Mission Technologies division. Warfare Systems comprises cyber and mission IT; electronic warfare; and C5ISR systems. HII works within our nation’s intelligence and cyber operations communities to defend our interests in cyberspace and anticipate emerging threats. Our capabilities in cybersecurity, network architecture, reverse engineering, software and hardware development uniquely enable us to support sensitive missions for the U.S. military and federal agency partners. HII - Mission Technologies is currently seeking an Intermediate-level Supply Chain Risk Management (SCRM) Audit Analyst to work out of Fairfax, VA in support of the DoD/DoW Advana War Data Platform designed to aggregate operational, intelligence, logistics, and sensor data from multiple domains, enable Joint All-Domain Command and Control (JADC2) by providing a common data fabric, and support AI/ML applications for predictive analytics, targeting, and mission planning. This position is contingent on contract award.

Requirements

3 years relevant experience with Bachelors in related field; 1 year relevant experience with Masters in related field; or High School Diploma or equivalent and 7 years relevant experience.
IAM I (CompTIA Security+ CE, ISC² CAP, ISC² SSCP, or GIAC GSLC) certified
Must have an active Secret security clearance
US Citizenship

Nice To Haves

Familiarity with Advana architecture, Palantir Foundry, or similar data integration platforms
Experience with data governance frameworks and metadata management
Agile/SAFe delivery experience in secure environments

Responsibilities

Performs detailed supply chain security review activities supporting Department of Defense information systems across unclassified and classified environments.
Conducts structured analysis of third-party vendor security documentation, evaluating cybersecurity controls, governance practices, and risk management approaches against DoD and federal requirements.
Reviews independent audit artifacts including SOC reports, ISO certifications, penetration test summaries, and vendor attestations to assess adequacy of security safeguards and control implementation.
Validates vendor responses to security questionnaires, due diligence requests, and contractual security clauses, identifying gaps, inconsistencies, and residual risk conditions.
Coordinates with Supply Chain Risk Management leadership, contracting personnel, system owners, and cybersecurity teams to document findings and support remediation planning.
Tracks vendor security deficiencies, corrective actions, and closure status within risk registers, assessment repositories, and continuous monitoring dashboards.
Prepares assessment summaries, deficiency reports, and supporting documentation for Risk Management Framework activities, authorization decisions, and leadership briefings.
Maintains organized evidence packages within SharePoint and approved document management systems to support audits and inspections.
Monitors emerging supply chain threats, government advisories, and policy updates to inform assessment criteria and review focus areas.
Contributes to improved third-party risk visibility, stronger vendor accountability, and sustained mission assurance while reinforcing program values of diligence, transparency, consistency, and disciplined risk oversight.