Job Description
Offer technical guidance and suggestions concerning the strategic planning, execution, integration, and holistic administration of existing and emerging infrastructure across the client's domain, emphasizing a Comprehensive Supply Chain Risk Management (C-SCRM) perspective.
Formulate, interpret, and enforce security policies and procedures aligned with C-SCRM objectives, integrating key risk indicators (KRIs) to bolster the client’s C-SCRM Program.
Collaborate closely with the client’s security and policy personnel to develop and sustain security integration documentation spanning multiple cloud networks, platforms, and operational systems.
Engage with interdisciplinary team members to revise user manuals, process illustrations, RACI matrices, and training resources pertinent to C-SCRM.
Execute various operational and analytical support tasks as assigned, particularly in bolstering the C-SCRM program and conducting Risk Analysis.
Maintain superior communication with clients, ensuring swift response and resolution to all concerns, tasks, and escalations.
Qualifications:
Bachelor’s degree in computer science, cybersecurity, computer information systems, engineering, supply chain management, or a related field.
Active TS/SCI clearance preferred, or eligibility for the same, with a Secret clearance being mandatory.
Possess a decade of experience within the cybersecurity domain or a technical IT career field.
Proficient understanding of at least two of the following subjects:
- SDLC (Software Development Life Cycle) and NIST SSDF (Software Supply Chain Security)
- DevSecOps pipeline
- Statistical analysis with a focus on correlation
- Vulnerability management
- ICT SCRM (Information and Communications Technology Supply Chain Risk Management)
At least three years of overall experience supporting, implementing, or developing security solutions for both cloud and on-premises IT platforms.
Hold one or more current security certifications such as CISSP, CISA/M, CIPP/CIPM/CIPT.
Expertise in one or more industry standards such as FIPS 140-2, NIST 800-series (30, 53, 88, 161, 171, 218), ICD 731, FedRAMP, or CMMC.
Familiarity or experience with processes like Software Bills of Materials (SBOMs), product vetting for Approved Product Lists, and data analysis from platforms like Snowflake.
Demonstrated track record of meticulousness, self-motivation, and project follow-through.
Ability to communicate effectively with both technical and non-technical stakeholders at various organizational levels.
Adaptability to ambiguity and dynamic work environments, alongside proficiency in handling a fast-paced workload.
Display maturity, judgment, negotiation/influence, analytical prowess, and leadership capabilities.
Proficiency in orchestrating collaborations between project teams and customers to meet unique customer demands.