Engineering - Systems
Stafford, VA (On-Site/Office)
MANTECH seeks a motivated, career- and customer-oriented Senior Cybersecurity Supply Chain Risk Analyst to join our team in Stafford, VA.
Responsibilities include but are not limited to:
- Plays a crucial role in identifying, assessing, and mitigating cybersecurity risks associated with the IT supply chain, possessing a deep understanding of cybersecurity principles, supply chain management processes, and risk assessment methodologies.
- Responsible for developing and implementing risk management strategies, conducting thorough assessments of vendors and suppliers, and collaborating with stakeholders to ensure the security and resilience of the IT supply chain.
- Develops and maintains a comprehensive Cybersecurity Supply Chain Risk Management Program and conducts risk assessments of new and existing vendors/suppliers, evaluating their security posture, controls, and compliance.
- Identifies and analyzes potential cybersecurity threats and vulnerabilities within the IT supply chain, developing and implementing risk mitigation strategies including security controls, contractual obligations, and Incident Response Plans.
- Collaborates with procurement and vendor management teams to integrate security requirements into vendor selection and onboarding processes, establishes/maintains security standards for vendors, and monitors their performance and compliance.
- Stays abreast of emerging cybersecurity threats and vulnerabilities affecting the IT supply chain, monitors threat intelligence, develops threat monitoring/detection mechanisms, collaborates with Incident Response Teams to investigate/respond to incidents, develops Incident Response Plans for supply chain disruptions, collaborates with various internal stakeholders, communicates with vendors/suppliers on security requirements, and provides direction and mentorship to subordinate staff.
Minimum Qualifications:
- BA/BS in field necessary to assume Cybersecurity Supply Chain Risk Analyst duties, or 4 additional years of experience in lieu of a degree.
- 9+ years of experience with 5+ years of relevant Cybersecurity Supply Chain Risk Analyst experience.
- Strong understanding of cybersecurity frameworks and standards (e.g., NIST CSF, ISO 27001). Knowledge of supply chain management processes and best practices.
- Experience with risk assessment methodologies and tools.
- Must have CompTIA Security+.
Preferred Qualifications:
- Master's degree in Information Technology, Cybersecurity, Computer Science, or a related field.
- Deep familiarity with Government security regulations and compliance requirements, including a thorough understanding of NIST, FedRAMP, and DoD STIGs.
- Knowledge of supply chain security guidelines and standards specific to Government environments, and familiarity with Government-specific SCRM methodologies, tools, and best practices.
- Strong understanding of the various threats and vulnerabilities that can impact the cybersecurity supply chain, including those related to software, hardware, services, and third-party providers, and familiarity with frameworks like NIST C-SCRM and international standards like ISO 28000.
- Relevant certifications such as CISSP, CISM, CRISC, GIAC (e.g., GSLC, GCED, GSTRT), and Certified Supply Chain Professional (CSCP).
- Experience at a DoD Combatant Command (e.g., SOUTHCOM, NORTHCOM, CENTCOM, CYBERCOM, INDOPACOM, EUCOM, AFRICOM, STRATCOM, TRANSCOM, SOCOM, SPACECOM) or a component is desired.
Clearance Requirements:
- Must have an active Secret Clearance.
Physical Requirements:
- Must be able to remain in stationary position for up to 50% of the time.
- Must be able to deliver clear and effective communication verbally and via email, phone, and virtual communication platforms to interface with co-workers and customers.
- Must be able to occasionally move about inside an office environment to access file cabinets, office machinery, and communicate with co-workers.
group id: RTX14564a