HiringCafe
This job has expired

This job posting is no longer active and is not accepting applications. Explore similar roles below!

Posted 1mo ago

Supply Chain Risk Management Analyst

@ Pueo Business Solutions
View All Jobs
Tysons, Virginia, United States
OnsiteFull Time
Responsibilities:Perform risk assessments, Analyze threat intelligence, Evaluate vulnerabilities
Requirements Summary:5+ years in DoD/IC SCRM; understanding of DoD/IC acquisition and logistics; DoD 8570 IAT Level III Certification.
Technical Tools Mentioned:NIST 800-161, DFARS, FAR, CMMC, Threat Intelligence, Geopolitical risk data
Save
Mark Applied
Hide Job
Report & Hide
Job Description

OVERVIEW:

The SCRM Analyst, is responsible for assessing supply chain threats and vulnerabilities across hardware, software, services, and vendors, and for driving technical and process controls that reduce risk. This role partners with security, procurement, engineering, and legal teams to ensure suppliers and components meet security, reliability, and compliance requirements throughout the lifecycle.

 

GENERAL DUTIES:

 

  • Perform technical supply chain risk assessments on vendors, products, software, and services, including dependency and provenance analysis.
  • ​Analyze open source, threat intelligence, and internal data to identify and track supplier related cyber, geopolitical, and operational risks.
  • ​Evaluate hardware and software for potential vulnerabilities, malicious code, or untrusted components in coordination with security engineering and IT.
  • ​Maintain and refine SCRM risk models, scorecards, and watchlists to prioritize suppliers and technologies for deeper review and continuous monitoring.
  • ​Recommend technical and contractual mitigations (e.g., approved parts lists, alternative sources, additional testing, segmentation) and track implementation status.
  • ​​Develop and produce concise risk reports and briefings for leadership, summarizing findings, impacts, and recommended actions.
  • ​Support incident response activities when supplier or component issues are suspected, providing root cause input and remediation guidance.
  • ​Analyze potential risks across government supply chains, including geopolitical, cybersecurity, financial, and operational threats.
  • Compliance & Policy Adherence: Ensure supply chain operations comply with federal regulations such as NIST 800-161, DFARS, FAR, CMMC, and Executive Orders related to supply chain security.
  • Evaluate government contractors and suppliers for security vulnerabilities, financial stability, and compliance with national security standards.
  • Use analytics tools to monitor supply chain threats, leveraging government intelligence sources and industry risk databases.
  • Develop risk mitigation strategies and response plans for supply chain disruptions, including emergency preparedness and alternative sourcing.
  • Coordinate with government agencies, defense contractors, and intelligence community to enhance supply chain resilience.

 

REQUIRED QUALIFICATIONS:

  • 5+ years of experience supporting Supply Chain Risk Management efforts for DoD and/or Intelligence Community programs, including risk, vulnerability, and criticality assessments of suppliers, products, and services.
  • Strong understanding of DoD and IC acquisition and logistics processes, to include how SCRM requirements are integrated into requirements development, source selection, contracting, and lifecycle sustainment.
  • Must be DoD 8570 IAT Level III Certified

 

CLEARANCE:

  • Top Secret minimum