SCRM Analyst
Ashburn, VA, USA
Applications have closed
OneZero Solutions
OneZero Solutions is an 8(a), Service-Disabled Veteran-Owned Small Business (SDVOSB) that is problem-solving and solutions-oriented. OneZero specializes in cybersecurity operations, information assurance, computer network operations, solutions...We are an employee-centric company that truly appreciates our team members and their value to our customers and the missions they support. We pride ourselves on being forward-leaning thinkers and fostering teams that are and continue to be technically proficient and technically capable across a comprehensive range of cyber mission areas. OneZero full-time employees receive an extremely competitive benefits package that includes health/dental/vision/life insurance plans, 401K with company matching, PTO & paid holidays, employee referral program, and educational assistance. Additional details can be found on our website at: https://www.onezerollc.com/careers/
Title: SCRM Analyst
Location: Ashburn, VA
Clearance: Secret
Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations. The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates, and reports any suspected and confirmed security violations.
Primary Responsibilities:
The position of Supply Chain Risk Analyst will provide risk and opportunity planning, analysis and reporting to include:
•Vulnerability due diligence assessments, Cybersecurity Maturity Model Certification, PMO and source code analysis. To also develop policies and procedures that support customer office and align to risk management framework.
•This team will be responsible for developing the foundational policies and processes to stand up the Cyber Risk Management Team within CBP SOC.
•The position will lead the development of supplier threat and vulnerability assessments related to risk and support change management efforts across the corporation. In addition, individual may support category managers in developing risk assessments across various categories.
•May be required to draft and support all-source intelligence production in compliance with Tradecraft Standards
•Candidate will provide methods to properly communicate the risks applicable to CBP stakeholders and senior management.
•Candidate will create a holistic risk picture for the communications branch and will also provide briefings for senior management on the on the cyber risk posture of CBP.
•Attend and participate in meetings, conferences, and working groups in support of CBP.
•Conduct risk, vulnerability, criticality assessments to prioritize supply chain vendors and their potential impact on CBP's mission.
•Candidate will assist the Government in conducting reviews and recommendations to aid the government in approving of risk acceptance memorandums, assist with the prioritization of POA&Ms, create risk profiles for all CBP information systems, identify common gaps in the information system compliance to focus holistic funding in support of remediating security findings for multiple systems.
Basic Qualifications:
•Clearance: All CBP SOC employees are required to successfully complete a CBP Background Investigation to support this program
•A Bachelor's degree and 8 years of applicable experience is required, or a High School diploma + 9 years of applicable experience
•Professional writing, editing, and sourcing skills are mandatory in order to be successful in the position
•Ability to apply extensive knowledge of grammar, punctuation, and corporate writing standards in order to edit reports
•Ability to handle multiple tasks and adjust to changing priorities as needed
•Strong attention to details is required
•Past history developing policies and procedures for compliant procurement in an services environment
•Fundamental understanding of supplier quality management processes
•Strong understanding of Risk Management Framework (RMF)
•Strong understanding of NIST 800-161, NIST 800-30, NIST 800-37 or equivalent DoD policies/standards
Preferred Qualifications:
•Experience in cyber government, and/or federal law enforcement. Experience in Vulnerability scanning and analysis. Experience in financial, CSP and FISMA audits.
•Prior CBP Experience
OneZero Solutions, LLC is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access www.onezerollc.com/careers as a result of your disability.
To request an accommodation, please contact us at recruiting@onezerollc.com or call (202) 987-2580.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Clearance Cloud CMMC Code analysis Compliance DoD FISMA Intrusion detection Monitoring NIST Risk assessment Risk management RMF SOC
Perks/benefits: Career development Conferences Health care Insurance
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.