We are seeking a Cybersecurity Subject Matter Expert specializing in Supply Chain Risk Management (SCRM) to support federal government programs. This role requires extensive experience in cybersecurity and supply chain risk management. This position is located in the Washington, DC area and requires a Top Secret clearance.
Position Description:
The Cybersecurity SME will provide expert guidance and support for the Supply Chain Risk Management Program (SCRMP), focusing on IT and cybersecurity supply chain risk management. Key responsibilities include:
- Develop and review C-SCRM policies and procedures
- Evaluate supplier risks through continuous monitoring practices
- Analyze federal policy changes and legislative impacts on SCRM
- Monitor and assess NIST best practices for supply chain risk management
- Conduct comprehensive supply chain risk assessments
- Develop and maintain performance metrics for security and supply chain risk
- Create detailed reports and presentations for internal and external stakeholders
- Coordinate program activities across multiple offices
- Develop and conduct information sharing sessions and training
- Perform continuous monitoring and produce monitoring reports
- Facilitate customer feedback and program improvement initiatives
Required Education and Experience:
- Master's degree in Cybersecurity, Information Technology, or related field, OR 8+ years of experience in cybersecurity and supply chain risk management
- Active Top Secret clearance
- Experience with federal cybersecurity requirements and frameworks
Required Skills and Competencies:
- Expert knowledge of NIST standards and SCRM frameworks
- Strong understanding of FISMA, OMB, and federal security requirements
- Experience in risk assessment and continuous monitoring
- Expertise in supply chain security and risk management
- Strong analytical and research capabilities
- Excellence in technical writing and documentation
- Ability to analyze complex data and present findings
- Experience with vulnerability assessment and security testing
- Knowledge of federal acquisition and procurement processes
- Strong presentation and communication skills
- Ability to work independently with minimal supervision
- Experience interviewing stakeholders at all organizational levels
Desired Skills and Competencies:
- Security certifications (CISSP, CISM, SCRM certifications)
- Experience with federal security authorization processes
- Knowledge of threat intelligence and analysis
- Familiarity with industrial control system security
- Experience with supply chain security tools and platforms
- Background in federal procurement security
- Understanding of international supply chain risks
- Experience with vendor risk assessment
- Knowledge of emerging supply chain threats and mitigation strategies
- Background in cyber threat intelligence