-
ID
#46096997 -
Job type
Permanent -
Salary
TBD -
Source
SAIC -
Date
2022-09-29 -
Deadline
2022-11-27
Cybersecurity Supply Risk Chain Management Specialist
Nebraska, Offuttafb, 68113 Offuttafb USAPermanent
Vacancy expired!
Job ID: 2214112
Location: OFFUTT AFB , NE , US Date Posted: 2022-09-19Category: CyberSubcategory: Cybersecurity SpecSchedule: Full-timeShift: Day JobTravel: Yes, 10 % of the TimeMinimum Clearance Required: TS/SCIClearance Level Must Be Able to Obtain: NonePotential for Remote Work: NoDescription Senior Cybersecurity Specialist Description - External SAIC is seeking a Cybersecurity Supply Chain Risk Management (C-SCRM) Specialist that will research current and new policy, guidance, statues, and governance and best practices to design, implement, and mature the C-SCRM program . Duties- Setup and attend monthly meetings with DoD CIO and other DoD agencies
- Knowledgeable of the Cybersecurity C-SCRM lifecycle
- Perform open intelligence C-SCRM illumination on ICT items
- Compile, file, and submit cyber threat assessments internal and external to the DoD customer
- Provide guidance and assist with Criticality Assessments for cyber security threats as required
- Knowledgeable of C-SCRM DoDI, NIST, NDAAs, Statutes, policies, and guidance to reference as required
- Consult, guide, and inform, PMs, ISSMs and procurement officers of C-SCRM lifecycle and policy
- Interact with external DoD organizations to provide guidance on C-SCRM tailor fit for cross collaboration and interactions across networks
- Understand and provide guidance on the DIA C-SCRM Clause and procedural guidance
- Ability to provide impact analysis of C-SCRM threats on Critical components and covered systems
- Provide guidance on C-SCRM Risk Management Framework (RMF) controls
- Capability to validate C-SCRM RMF control implementations and provide guidance on process improvements
- Ability to provide guidance and/or process improvements to increase C-SCRM resiliency
- Ability to understand and differentiate between the procurement and implementation aspect of C-SCRM
- Ability to tailor and improve C-SCRM documentation, C-SCRM processes, and C-SCRM policies for USSTRATCOM
- Ability to maintain relationships and coordination with multiple DoD agencies as USSTRATCOM C-SCRM liaison
- Ability to understand and become knowledgeable of cybersecurity aspect of C-SCRM
- Capability to create C-SCRM training program for USSTRATCOM HQ customers and inner/external organizations
- Ability to understand best practices to maintain resiliency and secure the C-SCRM and/or acquisition lifecycle of Free and Open Software (FOS)
- Ability to perform gap analysis of C-SCRM ICT items and assets that are both new and legacy
- Ability to create and maintain documents for reference
- The ability to brief and manage stakeholders at all levels of the DoD
- Capability to analyze and interpret NIST RMF control objectives and implementation
- Effectively communicate ideas and thoughts tailored to the organizational business objectives/mission to generate value
- Effectively communicate to connect with team members, develop better relationships with clients and manage the expectations of key stakeholders
- Understand organizational risk with the ability to tailor value based on customer risk appetite and risk threshold
- Ability to solve complex problems with minimum guidance and customer input
- Ability to learn on the fly and operate autonomously on a day to day basis
- Ability to communication complex documentation into commonly understood terminology for general understanding
- Ability to fulfill any gaps in knowledge that may complete the project(s) more efficiently or more successfully
- Efficiently manage conflict resolution to fix stalled workflows, discrepancies or addressing other setbacks with internal or external stakeholders
- Ability to develop preventive strategies to include training on improved C-SCRM practices, incident response initiatives, and C-SCRM policies and procedures
- Ability to understand the cybersecurity practice of protecting systems, network, and programs with an emphasis on critical components and trusted systems
- Ability to maintain, retain, and honor Non-disclosure agreements (NDAs) to prevent release of proprietary information
- Strong professional writing with the ability to learn different types of standardized formatting
- Ability to utilize PowerPoint MS Word and other MS products for productivity
Vacancy expired!
Report job