Senior Cybersecurity Supply Chain Risk Management (SCRM) Analyst

Senior Cybersecurity Supply Chain Risk Management (SCRM) Analyst

Location: Washington, DC

Schedule: Onsite, 5 days/week

Position Type: Direct Hire

Clearance Required: Active TS clearance required at time of application. Must be willing and able to obtain SCI access and pass a CI polygraph.

Citizenship: U.S. Citizenship required

We are seeking a Senior Cybersecurity Supply Chain Risk Management (SCRM) Analyst to support a high-visibility federal environment focused on securing complex, globally distributed ICT and operational technology supply chains. This individual will play a key role in identifying, assessing, and mitigating cybersecurity risks associated with products, services, suppliers, and procurement activities across the enterprise.

This is an excellent opportunity for a cybersecurity professional with strong experience in supply chain risk, enterprise security, and vulnerability analysis who can help ensure the integrity, resilience, and security of critical technology assets throughout their lifecycle.

Key Responsibilities:

• Analyze and assess cybersecurity risks related to ICT/OT supply chains, including both intentional and unintentional compromise
• Review procurement documentation and supplier-related materials to support risk-based determinations and asset procurement decisions
• Evaluate supply chain threats tied to products, services, and “as-a-service” offerings
• Develop detailed technical vulnerability reports and recommend mitigation strategies
• Help ensure the integrity, quality, security, and resilience of technology supply chains and associated services
• Identify gaps in existing security policies and procedures and recommend updates or new controls as needed
• Provide information security guidance to technical teams and enterprise initiatives
• Support the development of security architecture standards for new and emerging technologies
• Identify, quantify, and communicate security risks affecting enterprise programs and projects
• Produce management reports, metrics, and analysis to inform leadership on supply chain and information security posture
• Stay current on industry trends, cost drivers, and business factors impacting cybersecurity and supply chain risk programs

Required Qualifications:

• Bachelor’s degree in Computer Science, Business Management, Information Technology, or a related field
• 8 years of experience in cybersecurity, risk management, supply chain analysis, or closely related work
• Additional relevant experience may be considered in lieu of a degree
• Active TS clearance required at time of application
• Must be willing and able to obtain SCI access and pass a CI polygraph
• Strong understanding of cybersecurity risk management principles in complex enterprise environments
• Experience evaluating supplier, procurement, and technology-related security risks
• Ability to communicate technical risk findings clearly to both technical and non-technical stakeholders

Preferred Qualifications:

• Network and Security or equivalent IT/cybersecurity certifications
• Experience supporting federal environments
• Background in ICT/OT security, enterprise vulnerability analysis, and supply chain resilience initiatives