Sr. Cyber Supply Chain Risk Management Consultant (C-SCRM) (Inte with Security Clearance
- Employer: HII Mission Technologies
- Location: Baltimore, Maryland
- Posted: Sep 12, 2024
- Closes: Oct 01, 2024
- Ref: 2822065682
- Discipline: Safety / Security
- Position Type: Consultant
- Specialty: Autonomy
- Hours: Full Time
- Organization Type: Corporate, Other Corporate
Requisition Number: 19719
Required Travel: 0 - 10%
Employment Type: Full Time/Salaried/Exempt
Security Clearance: TS/SCI
Level of Experience: Mid

This opportunity resides with Command, Control, Communications, Computers, Cyber, Intelligence, Surveillance and Reconnaissance (C5ISR), a business group within HII's Mission Technologies division. From towers to processors, we design, develop, integrate and manage the sensors, systems and other assets necessary to support integrated intelligence, surveillance and reconnaissance (ISR) operations, exploitation and analysis for the Intelligence Community, the military services, geographic and functional combatant commands and DoD agencies.

Meet HII's Mission Technologies Division

Our team of more than 7,000 professionals worldwide delivers all-domain expertise and advanced technologies in service of mission partners across the globe. Mission Technologies is leading the next evolution of national defense - the data evolution - by accelerating a breadth of national security solutions for government and commercial customers. Our capabilities range from C5ISR, AI and Big Data, cyber operations and synthetic training environments to fleet sustainment, environmental remediation and the largest family of unmanned underwater vehicles in every class. Find the role that's right for you. Apply today. We look forward to meeting you. To learn more about Mission Technologies, click here for a short video: Who We Are

HII - Mission Technologies is seeking a Senior Cyber Supply Chain Risk Management (C-SCRM) Consultant for a hybrid of telework and work at the client's site in Baltimore (Woodlawn) MD. This position requires experience in supply chain management and risk assessment/mitigation methods along with a strong background in cybersecurity. The candidate selected for this position will support the Director, Division of Strategic Information (DSI), Center for Medicare and Medicaid Services (CMS) and other government personnel.

Day-to-day activities include working with other contractors on the C-SCRM line of effort as they pertain to cyber supply chain risk management, especially those related to Information and Communications Technology (ICT) assets.

What We Are Looking For

Advise CMS DSI personnel on cybersecurity supply chain risk management policy and standard operating procedures.
Identify all CMS vendors/suppliers who have ICT products/services that connect to or traverse Centers for Medicare & Medicaid Services (CMS) networks. This includes analyzing active contracts lists and reviewing completed Information Security Certification forms.
Review/evaluate products against known threats, known exploitable vulnerabilities (KEVs), and Common Vulnerabilities and Exposures (CVEs).
Develop and maintain processes related to C-SCRM and ICT risk assessments.
Analyze C-SCRM-related data and convey the threat level to senior leadership along with a recommendation on how to best mitigate risk.
Evaluate and monitor software supplier adherence to Secure Software Development Framework (SSDF) attestations and other cybersecurity contractual requirements (especially for Executive Order defined critical software).
Review and evaluate software supplier SBOMs for supply chain risks, and provide cyber-focused risk mitigation recommendations within Supply Chain Risk Assessments.
Review and evaluate existing and prospective suppliers' Service Organization Control (SOC) 2 reports.
Review, evaluate, and continuously monitor prospective and existing supplier cyber hygiene, illuminated through 3rd party due diligence tools or other government tools.
Develop the supplier cyber evaluation portion of the supply chain risk assessment reports.
Collaborate and liaise with CMS' cybersecurity staff to gather and include relevant information in reports.
Identify resources used to conduct or enhance the SCRA assessment and collaborate with the government to obtain access.
Contribute to development and evaluation of pre-acquisition vendor/supplier questionnaires.
Assist with development and implementation of cyber-related supplier risk event/incident responses.

What We Are Looking For

9 years relevant experience with Bachelor's in related field; 7 years relevant experience with Master's in related field; 4 years relevant experience with PhD or Juris Doctorate in related field; or High School Diploma or equivalent and 13 years relevant experience.
Familiarity with cybersecurity practices to integrate cybersecurity and C-SCRM.
Knowledge of commercially available C-SCRM tools and proficiency in analyzing ICT products/services and understanding both supply chain risk and cybersecurity frameworks and standards.
Good quantitative and analytical skills.
Demonstrated ability to use MS Office Suite to include Word, PowerPoint, and Excel.
Superior oral and written communication skills.
Ability to effectively interact with senior executives from Government and Industry.
Ability to create and foster a cooperative work environment.
Self-directed, detail-oriented in completing assigned tasks, able to adapt to changing work efforts and manage impact of shifting priorities.
Availability for occasional travel.
This position requires an active security clearance at the TS/SCI level.

Preferred: Bonus Points For

Bachelor's degree in business administration, supply chain management, logistics, cybersecurity, information technology, or related field.
6+ years' experience in supply chain risk. Specific focus on cyber supply chain management (C-SCRM).

HII is more than a job - it's an opportunity to build a new future. We offer competitive benefits such as best-in-class medical, dental and vision plan choices; wellness resources; employee assistance programs; Savings Plan Options (401(k)); financial planning tools, life insurance; employee discounts; paid holidays and paid time off; tuition reimbursement; as well as early childhood and post-secondary education scholarships.

Why HII

We build the world's most powerful, survivable naval ships and defense technology solutions that safeguard our seas, sky, land, space and cyber. Our diverse workforce includes skilled tradespeople; artificial intelligence, machine learning (AI/ML) experts; engineers; technologists; scientists; logistics experts; and business administration professionals. Recognized as one of America's top large company employers, we are a values and ethics driven organization that puts people's safety and well-being first. Regardless of your role or where you serve, at HII, you'll find a supportive and welcoming environment, competitive benefits, and valuable educational and training programs for continual career growth at every stage of your career.

Together we are working to ensure a future where everyone can be free and thrive. Today's challenges are bigger than ever, and the nation needs the best of us. It's why we're focused on hiring, developing and nurturing our diversity. We believe that diversity among our workforce strengthens the organization, stimulates creativity, promotes the exchange of ideas and enriches the work lives of all our employees. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.

Do You Need Assistance?

If you need a reasonable accommodation for any part of the employment process, please send an e-mail to and let us know the nature of your request and your contact information. Reasonable accommodations are considered on a case-by-case basis. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to from this email address. Additionally, you may also call 1- for assistance. Press for HII Mission Technologies.