NetCentrics Corporation
Cybersecurity Subject Matter Expert (SME) – C-SCR
NetCentrics Corporation, Washington, District of Columbia, US, 20022
Description

NetCentrics is seeking a skilled Cybersecurity Subject Matter Expert (SME) specializing in Cyber Supply Chain Risk Management (C-SCRM) to support the Department of Commerce’s Supply Chain Risk Management Program (SCRMP). This role requires a deep understanding of federal cybersecurity frameworks and supply chain risk management principles, particularly in IT and cybersecurity domains. The SME will support the development and execution of risk assessments, documentation, policy input, and continuous monitoring activities, helping ensure that external service providers meet stringent security and compliance standards. The SME will also support strategic program development, performance monitoring, and communication with both internal leadership and external governing bodies.

About Us:
At NetCentrics, we proudly hold a distinguished position as a leader in cybersecurity, cloud, digital transformation, and mission support. With an esteemed clientele that includes the DoD, DHS, Federal Civilian Agencies, and the Intelligence Community, our impact on national security is undeniable. We are a diverse group of intellectually curious people, solving hard problems, and living by our core values while bonded by the shared vision to secure our nation - join us!

Key Responsibilities:
Provide subject matter expertise in IT and cybersecurity supply chain risk management to support the Supply Chain Risk Management Program (SCRMP).
Assist in developing and providing input on enterprise cybersecurity policies (ECP) related to C-SCRM.
Support the development and implementation of qualitative and quantitative performance metrics to monitor and report on the security posture of products, systems, and services delivered by external providers.
Perform continuous monitoring of suppliers and vendors to evaluate ongoing supply chain risk, producing Continuous Monitoring Reports (CMRs).
Conduct research and analysis to assess threats, vulnerabilities, and potential mitigations affecting the supply chain.
Monitor and analyze new or evolving federal policies and regulations (e.g., OMB, FISMA, DHS BODs) and assess their impact on DOC’s SCRMP.
Track supply chain best practices as defined by NIST and evaluate DOC’s SCRMP maturity level against those benchmarks.
Provide strategic recommendations to the Federal SCRM Program Manager regarding the evolution and execution of DOC’s C-SCRM strategy and roadmap.
Coordinate program activities across multiple DOC program offices to ensure alignment and effective implementation of C-SCRM policies and practices.
Engage with internal DOC stakeholders and external bodies (e.g., Congress, OMB) by preparing and delivering written reports, presentations, and slide decks.
Prepare and deliver policy and risk-related briefings to executive stakeholders, using formats such as white papers, oral presentations, and PowerPoint decks.
Develop content for and conduct information-sharing sessions to educate DOC personnel on C-SCRM and the SCRMP.
Facilitate feedback sessions with SCRMP stakeholders to identify areas for continuous improvement in processes, documentation, and strategic alignment.
Collaborate with the Office of Cybersecurity and Risk Management (OCRM) to create and maintain key security documentation including: Security categorizations, Risk assessments, Contingency plans, Vulnerability and ST&E reports.
Translate complex technical and functional requirements into mapped security controls that comply with NIST, FISMA, and agency-specific policy frameworks.
Analyze data from open-source, classified (high-side), and internal sources to develop actionable insights for cybersecurity and supply chain risk posture.

Desired Qualifications:
Bachelor’s degree in Cybersecurity, Information Technology, Supply Chain Management, or a related field.
5+ years of experience in cybersecurity, with at least 3 years focused on supply chain risk management (C-SCRM).
In-depth knowledge of federal cybersecurity frameworks, including: FISMA, NIST SP 800-37, 800-53, 800-161, and 800-171, OMB policies, Executive Orders and DHS Binding Operational Directives (BODs).
Demonstrated experience supporting or managing federal C-SCRM or SCRMP programs.
Experience preparing high-quality deliverables for federal agencies, including reports to Congress, OMB, or other oversight bodies.
Proven ability to conduct risk assessments, develop security documentation, and implement continuous monitoring practices.
Strong analytical skills with the ability to collect, synthesize, and present technical and non-technical information.
Excellent verbal and written communication skills for engaging stakeholders at all levels, including executives.

Preferred Qualifications:
Active security clearance (Public Trust, Secret, or TS/SCI).
Advanced degree (Master’s or higher) in a relevant discipline.
Experience working directly with the Department of Commerce (DOC) or similar civilian federal agencies.
Familiarity with NIST Cybersecurity Framework (CSF) and CMMC requirements.
Experience supporting Enterprise Cybersecurity Policy (ECP) initiatives.
Knowledge of supply chain threat intelligence sources and tools.
Experience assessing organizational maturity using established C-SCRM models or frameworks.
Relevant industry certifications such as: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Supply Chain Professional (CSCP), CompTIA Security+.

Where You Belong
At the heart of our organization lies a set of five core values that guide every facet of our work. "Mission First" epitomizes our unwavering commitment to our goals. "People Always" underscores the significance we place on our team's well-being and development. We continually strive to "Be Eminent" by consistently pushing the boundaries of excellence. "Embrace the Team" reflects our unwavering belief in the power of collaboration, recognizing that together, we attain greatness. With every action, we "Act with a Purpose," ensuring that our efforts contribute meaningfully to a larger mission. These values serve as the bedrock of our company culture, propelling us forward as a united and purpose-driven team.

Why Join NetCentrics
Join us not just to be a part of safeguarding our nation, but to be at the forefront of innovation, where your ideas and expertise play a pivotal role in shaping the future of cybersecurity and IT. Together, we're not just protecting systems; we're pioneering them. Come be a part of our team and redefine the possibilities in our industry!

Commitment to Diversity
This employer participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status or on the basis of disability. Equal Opportunity Employer/Veterans/Disabled