Bachelor's degree in computer science, business management, or an IT-related field preferred.
Network+ and Security+ or similar IT certifications preferred.
8+ years of relevant experience recommended, with alternative qualifications considered.
Strong understanding of cybersecurity risks in supply chain management.
Ability to create detailed technical vulnerability reports.
Responsibilities
Provide analytical support to mitigate supply chain cybersecurity risks.
Assess and address risks in ICT/OT product and service supply chains.
Ensure integrity, security, quality, and resilience of supply chain products and services.
Create detailed reports on technical vulnerabilities for ICT products and services.
Produce management reports with metrics on information risk for senior leadership.
Advise on necessary changes to security policies and procedures for business expansion.
Provide security expertise to technology teams and projects.
Benefits
Opportunity to work at the intersection of cybersecurity and supply chain management.
Engagement in a critical field with growing importance linked to technology risks.
Chance to impact senior leadership decisions with your analysis and reports.
Full Job Description
Requirements:
Provides analytical support to manage the increasing risk of supply chain compromise related to cybersecurity, whether intentional or unintentional.
Identifies, assesses, and mitigates the risks associated with the distributed and interconnected nature of ICT/OT product and service supply chains.
Ensures the integrity, security, quality and resilience of the supply chain and its products and services.
Creates detailed technical vulnerability reports for ICT products and assigned technical "as a service" procurements.
Produces management reporting, including appropriate metrics that inform senior leadership as to the state of information risk and exposure.
Understands security product/service cost drivers and industry and business trends impacting the Agency information security program.
Recognizes and identifies potential areas where existing security policies and procedures require change, or where new ones need to be developed, especially regarding future business expansion. Provides information security matter expertise to technology teams and projects.
Minimum of a bachelor's degree from an accredited college or university in computer science, business management, or IT related discipline is preferred.
Network+ and Security+ certifications or similar IT certifications are preferred.
8+ years' experience recommended. In absence of years of experience, certifications or past work may be used to show the level of experience needed to perform at this level.
