Cybersecurity Supply Risk Chain Management Specialist

Job Description

Description

Senior Cybersecurity Specialist Description - External

SAIC is seeking a Cybersecurity Supply Chain Risk Management (C-SCRM) Specialist that will research current and new policy, guidance, statues, and governance and best practices to design, implement, and mature the C-SCRM program.

Duties

• Setup and attend monthly meetings with DoD CIO and other DoD agencies
• Knowledgeable of the Cybersecurity C-SCRM lifecycle
• Perform open intelligence C-SCRM illumination on ICT items
• Compile, file, and submit cyber threat assessments internal and external to the DoD customer
• Provide guidance and assist with Criticality Assessments for cyber security threats as required
• Knowledgeable of C-SCRM DoDI, NIST, NDAAs, Statutes, policies, and guidance to reference as required
• Consult, guide, and inform, PMs, ISSMs and procurement officers of C-SCRM lifecycle and policy
• Interact with external DoD organizations to provide guidance on C-SCRM tailor fit for cross collaboration and interactions across networks
• Understand and provide guidance on the DIA C-SCRM Clause and procedural guidance
• Ability to provide impact analysis of C-SCRM threats on Critical components and covered systems
• Provide guidance on C-SCRM Risk Management Framework (RMF) controls
• Capability to validate C-SCRM RMF control implementations and provide guidance on process improvements
• Ability to provide guidance and/or process improvements to increase C-SCRM resiliency
• Ability to understand and differentiate between the procurement and implementation aspect of C-SCRM
• Ability to tailor and improve C-SCRM documentation, C-SCRM processes, and C-SCRM policies for USSTRATCOM
• Ability to maintain relationships and coordination with multiple DoD agencies as USSTRATCOM C-SCRM liaison
• Ability to understand and become knowledgeable of cybersecurity aspect of C-SCRM
• Capability to create C-SCRM training program for USSTRATCOM HQ customers and inner/external organizations
• Ability to understand best practices to maintain resiliency and secure the C-SCRM and/or acquisition lifecycle of Free and Open Software (FOS)
• Ability to perform gap analysis of C-SCRM ICT items and assets that are both new and legacy
• Ability to create and maintain documents for reference
• The ability to brief and manage stakeholders at all levels of the DoD
• Capability to analyze and interpret NIST RMF control objectives and implementation

Qualifications

Education and Experience:

Bachelors and five (5) years or more experience, Masters and three (3) years or more of experience, PhD and 0 years or more of experience or 9 years of experience in lieu of degree

Qualifications/Skills

• Effectively communicate ideas and thoughts tailored to the organizational business objectives/mission to generate value
• Effectively communicate to connect with team members, develop better relationships with clients and manage the expectations of key stakeholders
• Understand organizational risk with the ability to tailor value based on customer risk appetite and risk threshold
• Ability to solve complex problems with minimum guidance and customer input
• Ability to learn on the fly and operate autonomously on a day to day basis
• Ability to communication complex documentation into commonly understood terminology for general understanding
• Ability to fulfill any gaps in knowledge that may complete the project(s) more efficiently or more successfully
• Efficiently manage conflict resolution to fix stalled workflows, discrepancies or addressing other setbacks with internal or external stakeholders
• Ability to develop preventive strategies to include training on improved C-SCRM practices, incident response initiatives, and C-SCRM policies and procedures
• Ability to understand the cybersecurity practice of protecting systems, network, and programs with an emphasis on critical components and trusted systems
• Ability to maintain, retain, and honor Non-disclosure agreements (NDAs) to prevent release of proprietary information
• Strong professional writing with the ability to learn different types of standardized formatting
• Ability to utilize PowerPoint MS Word and other MS products for productivity

Qualifications - External

TYPICAL EDUCATION AND EXPERIENCE: Bachelors and nine (9) years or more experience; Masters and seven (7) years or more experience ; PhD or JD and four (4) years or more experience.

Clearance required to start: Top Secret/SCI or DoE Q Must be a US citizen required certification compliance:

Three-year’ experience working with the DOD cybersecurity major driving policies- DoD 8510.01 (RMF), DoDI 8500 series (Cybersecurity), and CNSSI 1253

Experience in RMF process across the Navy, Air Force, Space Force, and Intelligence cybersecurity communities

Three-year’ experience as Cybersecurity Analyst on DOD projects and/or systems of similar scope.

DoD-M 8570.1-M certified at all times, with new hires taking no more than 6 months to obtain the relevant certification

Overview

SAIC® is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence, and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions that are critical to achieving our customers' missions.

We are approximately 26,000 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a culture of diversity, equity, and inclusion, which is core to our values and important to attract and retain exceptional talent. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.4 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom.