Cyber Supply Chain Risk Management Specialist

Why This is an Exciting Role:

As a Cyber Supply Chain Risk Management Specialist, you will:

• Communicate and collaborate with key stakeholders across the enterprise in regards to cybersecurity related matters.
• Define and maintain policies, procedures, control objectives and publish implementation guidance.
• Define policy compliance measures and consult on regulatory compliance.
• Define and perform vulnerability assessments leveraging threat analysis, known vulnerabilities, and business value to scope and prioritize efforts.
• Identify the operational environment, the threat against it, the potential impact to it and the most likely courses of adversarial action upon it.
• Define and manage cybersecurity risk management processes.
• Perform due diligence for mergers and acquisitions, ensuring cybersecurity risks are escalated to the appropriate management level for action.
• Act as the primary cybersecurity interface to non-fully integrated subsidiaries, enabling technical interchange and consistent business priorities for Information Security efforts.
• Provide supply chain cybersecurity risk management requirements and collaborate with procurement agents and other Supply Chain functional representatives to implement supply chain cybersecurity. 
• Perform cybersecurity risk management and/or policy development and deployment.
• Perform and participates in cybersecurity assessments and audits both in terms of controls and risks.
• Conduct vendor risk assessments using the Cyber Supply Chain Risk Management (C‑SCRM) processes
• Prepare, review, and present technical reports and briefings.
• Ensure compliance with C-SCRM policies and standards
• Develop and implement SCRM mitigation strategies.
• Identify and contribute to the identification of root causes, prioritize threats and recommend and/or implement corrective action.
• Develop and maintain effective, accurate, and timely reporting and metrics
• Provide technical guidance within a defined organizational team.
• Explore the enterprise for evolving state of knowledge and methods regarding cybersecurity best practices.
• Support the development of enterprise-wide cybersecurity policies, standards, guidelines and procedures that may reach across multiple stakeholder organizations.

What Makes BI&A Different:

As a fully owned subsidiary of The Boeing Company, BI&A offers an optimal mix of a small company environment with exceptional opportunities supported by a large corporation.

Every day, Boeing Intelligence & Analytics supports global missions by building and delivering intelligence, analytics, and cyber solutions that enable users to advance national security. From hardware and software engineering solutions to analytics that keep this nation safe, we create value that meets users’ needs. With vibrant partnerships and innovative approaches, we serve the Intelligence Community through innovation and vision. We have provided our customers with the tools needed to counter evolve global and cyber threats, and to improve wartime decision-making.

• Our talented employees bring software development, systems engineering, and advanced analytics expertise.
• We offer numerous prime contract opportunities with customers headquartered in Maryland, Virginia, and the District of Columbia, as well as subcontract opportunities that align with our areas of focus and additional opportunities nationwide through our parent company.
• We have current open positions on awarded programs across diverse customer sets and are anticipating upcoming contract awards with a 5-year life cycle and an additional 5 option years.
• Our diverse portfolio allows our employees to move to other projects and teams as they gain further proficiency in their current skill set and learn new skill sets along the way.
• We offer hands-on access to cutting-edge technologies and a culture of technical excellence. 

Experience and Qualifications:

To be eligible for this demanding position, the ideal candidate should demonstrate the following experience and qualifications:

Required Education and Years of Experience:

• Education/experience typically acquired through advanced technical education (e.g. Bachelor) and typically 5 or more years' related work experience or an equivalent combination of technical education and experience (e.g. PhD, Master 3 years' related work experience, 9 years' related work experience, etc.).

Required Qualifications:

• Bachelor Degree and/or Military experience and/or Combination of education and work experience equivalent to 9 years.
• Secret clearance-US prestart
• Cybersecurity IAT/IAM Level 1 Certificate or higher IAT/IAM level: IAT Level 1.

Desired Qualifications:

• Experience with Defense Acquisition Guidebook, Chapter 9, and the Trusted Systems Key Practices Guide
• Experience with IBM DOORS, or other requirements management programs.
• Various cyber related compliance standards: TEMPEST, DFARS Clause 252.204-7012, COMSEC, CNSSI 1253, DOD 8570, NIST 800-160, NIST 800-53 (and 53A), NIST 800-30, NIST 800-171, NIST 800-55, NIST 800-137, NIST 800-39.)
• Excellent team player with strong written and oral communication skills
• Confident in a fast-paced environment with competing priorities, and able to multi-task and manage expectations.

Telework Availability: None

This position requires the ability to obtain a US Security Clearance for which the US Government requires US Citizenship as a condition of employment. ( An interim and/or final U.S. Secret Clearance Pre-Start is required.)

This position requires clearing a background check and an enhanced Personal Conflict of Interest (PCI) requirements as a condition for employment.

Summary Pay Range:

Please note that the information shown below is a general guideline only. Pay is based upon candidate experience and qualifications, as well as market and business considerations.

$87,200 - $130,800