Guidehouse
Mid - Cybersecurity Supply Chain Risk Mgt Analyst
Guidehouse, Washington, District of Columbia, us, 20022
Mid - Cybersecurity Supply Chain Risk Mgt Analyst
Be among the first 25 applicants.
Responsibilities
Identify, assess, and mitigate the threats and vulnerabilities of IT procurements through operational focused risk assessment and mitigation plans.
Conduct vulnerability and threat assessments of suppliers, software, hardware, and overall supply chain processes to pinpoint potential risks.
Responsible for streamlining the procurement process and balancing risk avoidance with operational requirements to enable stakeholders to meet operational needs and minimize risk to the enterprise.
Provide analytical support to manage the increasing risk of supply chain compromise related to cybersecurity.
Ensure business continuity and minimize disruptions by identifying and mitigating risks that could impact critical operations and mission effectiveness.
Perform due diligence on potential and existing suppliers to ensure their products maintain adequate security measures and meet compliance requirements.
Identify, assess, and mitigate the risks associated with the distributed and interconnected nature of product and service supply chains.
Ensure the integrity, security, quality and resilience of the supply chain products and services.
Develop and recommend strategies to mitigate identified risks, including enhancing technical controls, updating internal policies, or collaborating with vendors to improve their cybersecurity posture.
Ensure cybersecurity‑enabled products or other compensating security control technologies reduce identified risks to an acceptable level.
Evaluate risks that may include insertion of counterfeits, unauthorized production, tampering, theft, insertion of malicious software and hardware, as well as poor manufacturing and development practices in the cybersecurity‑related elements of the supply chain.
Apply security policies to meet the security objectives of the environment.
Qualifications
An ACTIVE and MAINTAINED Top Secret with SCI (TS/SCI) Federal or DoD security clearance; must maintain eligibility to UPGRADE and MAINTAIN a CI Polygraph Federal or DoD security clearance.
Bachelor’s Degree.
ONE (1) year of experience in Cybersecurity, Security System Design, Security Controls, Cybersecurity Framework, Zero Trust and/or Cloud Security.
Nice to Have
Active TS/SCI with CI polygraph.
Experience assessing and processing supply chain recommendations aligned with Zero Trust principles, threat scenarios, reference architectures and governance frameworks.
Certifications of CYSA+, Security+, CISSP, CASP, CND or relevant certifications.
Experience in professional services consultancy and federal cybersecurity industry.
Security controls based on NIST SP 800‑53, CSF.
Strong knowledge of FEDRAMP, FISMA, NIST SP 800‑53, and other federal cybersecurity related policies directives and mandates.
Strong knowledge of applications of security technologies, products and tools.
Demonstrated ability to work independently under general supervision.
Salary Range Salary range: $85,000.00–$141,000.00. Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.
Benefits
Medical, Rx, Dental & Vision Insurance.
Personal and Family Sick Time & Company Paid Holidays.
Position may be eligible for a discretionary variable incentive bonus.
Parental Leave and Adoption Assistance.
401(k) Retirement Plan.
Basic Life & Supplemental Life.
Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts.
Short-Term & Long-Term Disability.
Student Loan PayDown.
Tuition Reimbursement, Personal Development & Learning Opportunities.
Skills Development & Certifications.
Employee Referral Program.
Corporate Sponsored Events & Community Outreach.
Emergency Back-Up Childcare Program.
Mobility Stipend.
Travel & Clearance Travel required: Up to 10%.
Clearance required: Active Top Secret SCI (TS/SCI).
Equal Opportunity Employer Guidehouse is an Equal Opportunity Employer–Protected Veterans, Individuals with Disabilities or any other basis protected by law, ordinance, or regulation. Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.
#J-18808-Ljbffr
Responsibilities
Identify, assess, and mitigate the threats and vulnerabilities of IT procurements through operational focused risk assessment and mitigation plans.
Conduct vulnerability and threat assessments of suppliers, software, hardware, and overall supply chain processes to pinpoint potential risks.
Responsible for streamlining the procurement process and balancing risk avoidance with operational requirements to enable stakeholders to meet operational needs and minimize risk to the enterprise.
Provide analytical support to manage the increasing risk of supply chain compromise related to cybersecurity.
Ensure business continuity and minimize disruptions by identifying and mitigating risks that could impact critical operations and mission effectiveness.
Perform due diligence on potential and existing suppliers to ensure their products maintain adequate security measures and meet compliance requirements.
Identify, assess, and mitigate the risks associated with the distributed and interconnected nature of product and service supply chains.
Ensure the integrity, security, quality and resilience of the supply chain products and services.
Develop and recommend strategies to mitigate identified risks, including enhancing technical controls, updating internal policies, or collaborating with vendors to improve their cybersecurity posture.
Ensure cybersecurity‑enabled products or other compensating security control technologies reduce identified risks to an acceptable level.
Evaluate risks that may include insertion of counterfeits, unauthorized production, tampering, theft, insertion of malicious software and hardware, as well as poor manufacturing and development practices in the cybersecurity‑related elements of the supply chain.
Apply security policies to meet the security objectives of the environment.
Qualifications
An ACTIVE and MAINTAINED Top Secret with SCI (TS/SCI) Federal or DoD security clearance; must maintain eligibility to UPGRADE and MAINTAIN a CI Polygraph Federal or DoD security clearance.
Bachelor’s Degree.
ONE (1) year of experience in Cybersecurity, Security System Design, Security Controls, Cybersecurity Framework, Zero Trust and/or Cloud Security.
Nice to Have
Active TS/SCI with CI polygraph.
Experience assessing and processing supply chain recommendations aligned with Zero Trust principles, threat scenarios, reference architectures and governance frameworks.
Certifications of CYSA+, Security+, CISSP, CASP, CND or relevant certifications.
Experience in professional services consultancy and federal cybersecurity industry.
Security controls based on NIST SP 800‑53, CSF.
Strong knowledge of FEDRAMP, FISMA, NIST SP 800‑53, and other federal cybersecurity related policies directives and mandates.
Strong knowledge of applications of security technologies, products and tools.
Demonstrated ability to work independently under general supervision.
Salary Range Salary range: $85,000.00–$141,000.00. Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.
Benefits
Medical, Rx, Dental & Vision Insurance.
Personal and Family Sick Time & Company Paid Holidays.
Position may be eligible for a discretionary variable incentive bonus.
Parental Leave and Adoption Assistance.
401(k) Retirement Plan.
Basic Life & Supplemental Life.
Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts.
Short-Term & Long-Term Disability.
Student Loan PayDown.
Tuition Reimbursement, Personal Development & Learning Opportunities.
Skills Development & Certifications.
Employee Referral Program.
Corporate Sponsored Events & Community Outreach.
Emergency Back-Up Childcare Program.
Mobility Stipend.
Travel & Clearance Travel required: Up to 10%.
Clearance required: Active Top Secret SCI (TS/SCI).
Equal Opportunity Employer Guidehouse is an Equal Opportunity Employer–Protected Veterans, Individuals with Disabilities or any other basis protected by law, ordinance, or regulation. Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.
#J-18808-Ljbffr