Sr. Cyber Supply Chain Risk Management Analyst

Job description

Overview We are seeking a technically proficient Cyber Supply Chain Risk Management (C-SCRM) professional to support U.S. Government stakeholders. The C-SCRM Analyst is responsible for identifying, assessing, and mitigating risks associated with the distributed and interconnected nature of Information and Communications Technology and Operational Technology (ICT/OT) product and service supply chains throughout their entire lifecycle. This includes protecting against malicious functionality, counterfeit components, foreign influence, and vulnerabilities derived from poor manufacturing. Responsibilities: - Risk Assessments: Evaluate vendor and supplier security postures (third-party/fourth-party) using frameworks such as NIST SP 800-161. - Threat Analysis: Monitor, analyze, and report on supply chain threats (counterfeit, malicious insertion, Tampering). - Policy Governance & Compliance : Lead the development, formal documentation, and maintenance of organizational C-SCRM policies , Standard Operating Procedures (SOPs), and implementation plans; concurrently monitor and enforce policy compliance across the enterprise by conducting systematic audits and risk assessments to ensure alig...