
Cybersecurity SCRM SME II

Remote: Full Remote
Salary: 165 - 170K yearly
Experience: Senior (5-10 years)

Offer summary

Qualifications:

  • Bachelor's degree in Cybersecurity or related field
  • Minimum 5 years of cybersecurity experience
  • IAT Level II certification required
  • Strong knowledge of NIST SP 800-53 Rev. 5
  • Experience with third-party security risk assessments

Key responsibilities:

  • Provide analysis and integration advice on cybersecurity challenges
  • Manage and govern cybersecurity SCRM program
  • Conduct security risk assessments of supply chain vendors
  • Develop proactive frameworks for managing supply chain risks
  • Enhance cybersecurity awareness through training programs
Cherokee Federal Government Administration XLarge https://Cherokee-Federal.com/
5001 - 10000 Employees

Job description


Cyber Security SME/SCRM Analyst

This position requires the ability to obtain a Public Trust

We are seeking a highly knowledgeable and experienced Cybersecurity Subject Matter Expert (SME) and Supply Chain Risk Management (SCRM) Analyst to provide expert-level systems analysis, design, integration, and implementation advice on complex cybersecurity challenges, with a specific focus on managing supply chain risks. The successful candidate will contribute to all phases of study development, assist with SCRM program management efforts, and conduct security risk assessments of third-party vendors. Additionally, the Analyst will play a critical role in enhancing cybersecurity awareness through training programs and ensuring adherence to federal regulations, including NIST SP 800-53 Rev. 5 and OMB M-22-18.

Compensation & Benefits:

Estimated Starting Salary Range for Cyber Security SME/SCRM Analyst: $165,000-$170,000

Pay commensurate with experience.

Full time benefits include Medical, Dental, Vision, 401K and other possible benefits as provided. Benefits are subject to change with or without notice.

Cyber Security SME/SCRM Analyst Responsibilities Include:

  • Provide high-level analysis, design, and integration advice on complex cybersecurity challenges, particularly within the realm of supply chain risk management (SCRM).
  • Assist the SCRM Task Lead with managing and governing the organization’s cybersecurity SCRM program, ensuring that procedures are up-to-date and aligned with federal regulations.
  • Identify and categorize supply chain vendors into risk levels based on services and products provided and conduct thorough security risk assessments to identify gaps against security controls and requirements.
  • Develop and maintain a framework for proactively managing cybersecurity supply chain risks, addressing issues such as counterfeit insertion, tampering, unauthorized production, theft, and insertion of malicious code throughout the Software Development Life Cycle (SDLC).
  • Integrate SCRM concepts into the organization’s Information Security Continuous Monitoring (ISCM) program, as part of the transition to NIST SP 800-53 Rev. 5.
  • Support the implementation of OMB M-22-18 and assist in integrating the Secure Software Development Framework (SSDF) into the SDLC and ISCM processes.
  • Establish and contribute to a Cyber Workforce Training, Education, and Awareness Program, including the creation of certificate pathways for key cybersecurity roles, with a focus on setting training requirements and ensuring accountability.
  • Assist the customer in developing and maintaining a well-trained cybersecurity workforce that can achieve and maintain necessary industry certifications and academic credentials.
  • Support the Information System Security Officer (ISSO) function by assisting in the development of Authority to Operate (ATO) packages and strategizing ways to centralize the ISSO support function.
  • Prepare and deliver senior management presentations, reports, and briefings on the progress of cybersecurity initiatives, SCRM efforts, and workforce development.
  • Perform other job-related duties as assigned.

Cyber Security SME/SCRM Analyst Experience, Education, Skills, Abilities requested:

  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field.
  • Minimum 5 years of experience in cybersecurity, with a focus on supply chain risk management (SCRM) and cybersecurity program management.
  • Possesses IAT Level II certification (e.g., CompTIA Security+, GIAC, or equivalent).
  • Strong understanding of NIST SP 800-53 Rev. 5, federal cybersecurity regulations, and supply chain risk management frameworks.
  • Experience conducting security risk assessments for third-party vendors and identifying compliance gaps.
  • Familiarity with the Information Security Continuous Monitoring (ISCM) process and the integration of SCRM concepts into cybersecurity frameworks.
  • Ability to manage complex projects and collaborate with cross-functional teams to achieve cybersecurity goals.
  • Experience supporting the ISSO function and developing ATO packages.
  • Strong written and verbal communication skills, with the ability to present complex technical information to both technical and non-technical audiences.
  • Experience with Secure Software Development Framework (SSDF) and its integration into organizational processes preferred.
  • Familiarity with the implementation of OMB M-22-18 and other federal cybersecurity regulations preferred.
  • Proven track record of managing and maintaining cybersecurity workforce training programs, including certification tracking and development preferred.
  • Past applicable job experience may include, but is not limited to: Cyber Security Specialist, Security Risk Management Analyst, or Information Security Consultant
  • Must pass pre-employment qualifications of Cherokee Federal

Company Information:

Cherokee United Services (CUS) is a part of Cherokee Federal – the division of tribally owned federal contracting companies owned by Cherokee Nation Businesses. As a trusted partner for more than 60 federal clients, Cherokee Federal LLCs are focused on building a brighter future, solving complex challenges, and serving the government’s mission with compassion and heart. To learn more about CUS, visit cherokee-federal.com.


Cherokee Federal is a military friendly employer. Veterans and active military transitioning to civilian status are encouraged to apply.

Similar searchable job titles

  • Cyber Security Specialist
  • Security Risk Management Analyst
  • Information Security Consultant
  • Cyber Risk Analyst
  • Security Compliance Analyst

Keywords

  • Risk Analysis
  • Compliance Assessment
  • Threat Intelligence
  • Vulnerability Assessment
  • Incident Management

Legal Disclaimer: Cherokee Federal is an equal opportunity employer. Please visit cherokee-federal.com/careers for information regarding our Affirmative Action and Equal Opportunity Employer Statement, and Accommodation request.

Many of our job openings require access to government buildings or military installations. Candidates must pass pre-employment qualifications of Cherokee Federal.

Required profile

Experience

Level of experience: Senior (5-10 years)
Industry: Government Administration
Spoken language(s): English

Other Skills

  • Training And Development
  • Verbal Communication Skills
  • Collaboration
