Cybersecurity Supply Risk Chain Management Specialist

Job ID: 2214112

• Setup and attend monthly meetings with DoD CIO and other DoD agencies
• Knowledgeable of the Cybersecurity C-SCRM lifecycle
• Perform open intelligence C-SCRM illumination on ICT items
• Compile, file, and submit cyber threat assessments internal and external to the DoD customer
• Provide guidance and assist with Criticality Assessments for cyber security threats as required
• Knowledgeable of C-SCRM DoDI, NIST, NDAAs, Statutes, policies, and guidance to reference as required
• Consult, guide, and inform, PMs, ISSMs and procurement officers of C-SCRM lifecycle and policy
• Interact with external DoD organizations to provide guidance on C-SCRM tailor fit for cross collaboration and interactions across networks
• Understand and provide guidance on the DIA C-SCRM Clause and procedural guidance
• Ability to provide impact analysis of C-SCRM threats on Critical components and covered systems
• Provide guidance on C-SCRM Risk Management Framework (RMF) controls
• Capability to validate C-SCRM RMF control implementations and provide guidance on process improvements
• Ability to provide guidance and/or process improvements to increase C-SCRM resiliency
• Ability to understand and differentiate between the procurement and implementation aspect of C-SCRM
• Ability to tailor and improve C-SCRM documentation, C-SCRM processes, and C-SCRM policies for USSTRATCOM
• Ability to maintain relationships and coordination with multiple DoD agencies as USSTRATCOM C-SCRM liaison
• Ability to understand and become knowledgeable of cybersecurity aspect of C-SCRM
• Capability to create C-SCRM training program for USSTRATCOM HQ customers and inner/external organizations
• Ability to understand best practices to maintain resiliency and secure the C-SCRM and/or acquisition lifecycle of Free and Open Software (FOS)
• Ability to perform gap analysis of C-SCRM ICT items and assets that are both new and legacy
• Ability to create and maintain documents for reference
• The ability to brief and manage stakeholders at all levels of the DoD
• Capability to analyze and interpret NIST RMF control objectives and implementation

• Effectively communicate ideas and thoughts tailored to the organizational business objectives/mission to generate value
• Effectively communicate to connect with team members, develop better relationships with clients and manage the expectations of key stakeholders
• Understand organizational risk with the ability to tailor value based on customer risk appetite and risk threshold
• Ability to solve complex problems with minimum guidance and customer input
• Ability to learn on the fly and operate autonomously on a day to day basis
• Ability to communication complex documentation into commonly understood terminology for general understanding
• Ability to fulfill any gaps in knowledge that may complete the project(s) more efficiently or more successfully
• Efficiently manage conflict resolution to fix stalled workflows, discrepancies or addressing other setbacks with internal or external stakeholders
• Ability to develop preventive strategies to include training on improved C-SCRM practices, incident response initiatives, and C-SCRM policies and procedures
• Ability to understand the cybersecurity practice of protecting systems, network, and programs with an emphasis on critical components and trusted systems
• Ability to maintain, retain, and honor Non-disclosure agreements (NDAs) to prevent release of proprietary information
• Strong professional writing with the ability to learn different types of standardized formatting
• Ability to utilize PowerPoint MS Word and other MS products for productivity