Cybersecurity Subject Matter Expert (SME) – C-SCR

NetCentrics, Washington

Description
NetCentrics is seeking a skilled Cybersecurity Subject Matter Expert (SME) specializing in Cyber Supply Chain Risk Management (C-SCRM) to support the Department of Commerce’s Supply Chain Risk Management Program (SCRMP). This role requires a deep understanding of federal cybersecurity frameworks and supply chain risk management principles, particularly in IT and cybersecurity domains. The SME will support the development and execution of risk assessments, documentation, policy input, and continuous monitoring activities, helping ensure that external service providers meet stringent security and compliance standards. The SME will also support strategic program development, performance monitoring, and communication with both internal leadership and external governing bodies.
About Us
At NetCentrics, we proudly hold a distinguished position as a leader in cybersecurity, cloud, digital transformation, and mission support. With an esteemed clientele that includes the DoD, DHS, Federal Civilian Agencies, and the Intelligence Community, our impact on national security is undeniable. We are a diverse group of intellectually curious people, solving hard problems, and living by our core values while bonded by the shared vision to secure our nation - join us!
Key Responsibilities

  • Provide subject matter expertise in IT and cybersecurity supply chain risk management to support the Supply Chain Risk Management Program (SCRMP).
  • Assist in developing and providing input on enterprise cybersecurity policies (ECP) related to C-SCRM.
  • Support the development and implementation of qualitative and quantitative performance metrics to monitor and report on the security posture of products, systems, and services delivered by external providers.
  • Perform continuous monitoring of suppliers and vendors to evaluate ongoing supply chain risk, producing Continuous Monitoring Reports (CMRs).
  • Conduct research and analysis to assess threats, vulnerabilities, and potential mitigations affecting the supply chain.
  • Monitor and analyze new or evolving federal policies and regulations (e.g., OMB, FISMA, DHS BODs) and assess their impact on DOC’s SCRMP.
  • Track supply chain best practices as defined by NIST and evaluate DOC’s SCRMP maturity level against those benchmarks.
  • Provide strategic recommendations to the Federal SCRM Program Manager regarding the evolution and execution of DOC’s C-SCRM strategy and roadmap.
  • Coordinate program activities across multiple DOC program offices to ensure alignment and effective implementation of C-SCRM policies and practices.
  • Engage with internal DOC stakeholders and external bodies (e.g., Congress, OMB) by preparing and delivering written reports, presentations, and slide decks.
  • Prepare and deliver policy and risk-related briefings to executive stakeholders, using formats such as white papers, oral presentations, and PowerPoint decks.
  • Develop content for and conduct information-sharing sessions to educate DOC personnel on C-SCRM and the SCRMP.
  • Facilitate feedback sessions with SCRMP stakeholders to identify areas for continuous improvement in processes, documentation, and strategic alignment.
  • Collaborate with the Office of Cybersecurity and Risk Management (OCRM) to create and maintain key security documentation, including security categorizations, risk assessments, contingency plans, and vulnerability and ST&E reports.
  • Translate complex technical and functional requirements into mapped security controls that comply with NIST, FISMA, and agency-specific policy frameworks.
  • Analyze data from open-source, classified (high-side), and internal sources to develop actionable insights for cybersecurity and supply chain risk posture.
Desired Qualifications
  • Bachelor’s degree in Cybersecurity, Information Technology, Supply Chain Management, or a related field.
  • 5+ years of experience in cybersecurity, with at least 3 years focused on supply chain risk management (C-SCRM).
  • In-depth knowledge of federal cybersecurity frameworks, including FISMA; NIST SP 800-37, 800-53, 800-161, and 800-171; OMB policies; Executive Orders; and DHS Binding Operational Directives (BODs).
  • Demonstrated experience supporting or managing federal C-SCRM or SCRMP programs.
  • Experience preparing high-quality deliverables for federal agencies, including reports to Congress, OMB, or other oversight bodies.
  • Proven ability to conduct risk assessments, develop security documentation, and implement continuous monitoring practices.
  • Strong analytical skills with the ability to collect, synthesize, and present technical and non-technical information.
  • Excellent verbal and written communication skills for engaging stakeholders at all levels, including executives.
Preferred Qualifications
  • Active security clearance (Public Trust, Secret, or TS/SCI).
  • Advanced degree (Master’s or higher) in a relevant discipline.
  • Experience working directly with the Department of Commerce (DOC) or similar civilian federal agencies.
  • Familiarity with NIST Cybersecurity Framework (CSF) and CMMC requirements.
  • Experience supporting Enterprise Cybersecurity Policy (ECP) initiatives.
  • Knowledge of supply chain threat intelligence sources and tools.
  • Experience assessing organizational maturity using established C-SCRM models or frameworks.
Relevant Industry Certifications Such As
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certified Supply Chain Professional (CSCP)
  • CompTIA Security+
Where You Belong
At the heart of our organization lies a set of five core values that guide every facet of our work. "Mission First" epitomizes our unwavering commitment to our goals. "People Always" underscores the significance we place on our team's well-being and development. We continually strive to "Be Eminent" by consistently pushing the boundaries of excellence. "Embrace the Team" reflects our unwavering belief in the power of collaboration, recognizing that together, we attain greatness. With every action, we "Act with a Purpose," ensuring that our efforts contribute meaningfully to a larger mission. These values serve as the bedrock of our company culture, propelling us forward as a united and purpose-driven team.
Why Join NetCentrics
Join us not just to be a part of safeguarding our nation, but to be at the forefront of innovation, where your ideas and expertise play a pivotal role in shaping the future of cybersecurity and IT. Together, we're not just protecting systems; we're pioneering them. Come be a part of our team and redefine the possibilities in our industry!
Commitment to Diversity
This employer participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status or on the basis of disability.
Equal Opportunity Employer/Veterans/Disabled

  • Seniority level: Mid-Senior level
  • Employment type: Full-time
  • Job function: Engineering and Information Technology
  • Industries: IT Services and IT Consulting
