Cyber Risk Analyst Lead
Description:
Job Description
Job Description:
Our company seeks a skilled Conduct cyber security risk management analyst lead (CSRMA) to assist with the assessment of the organization's supply chain vendors, partners, and suppliers. The CSRMA analyze and evaluate cyber security risks associated with the supply chain, including but not limited to hardware and software components, third-party services, and data management processes. The analyst will develop risk mitigation strategies and controls to ensure the security of the organization's supply chain, collaborate with procurement and vendor management teams to ensure that cyber security requirements are included in the organization's contracts with suppliers and vendors. Monitor and track cyber security risks associated with the supply chain and provide regular updates to senior management. Stay up to date with emerging cyber security threats and trends in the supply chain industry.
Primary Responsibilities:
In this role, you will:
Conduct cyber security risk assessments of the organization's supply chain vendors, partners and suppliers.
Analyze and evaluate cyber security risks associated with the supply chain, including but not limited to hardware and software components, third-party services, and data management processes.
Develop risk mitigation strategies and controls to ensure the security of the organization's supply chain.
Collaborate with procurement and vendor management teams to ensure that cyber security requirements are included in the organization's contracts with supplier and vendors.
Monitor and track cyber security risks associated with the supply chain and provide regular updates to senior management.
Stayup-to-date with emerging cyber security threats and trends in the supply chain industry.
Follow all established processes and procedures in the accomplishment of Risk Assessment processes.
Act independently and work through the risk assessment process, solving problems and challenges as they arise, escalating to supervisor as required.
Provide weekly/monthly reporting updates to government customer.
Act as a lead and manage a small group of RA's.
Attend and or lead internal and external meetings.
Basic Qualifications
US Citizen
Must hold a minimum Secret clearance
Bachelor's degree in cyber security, information technology, computer science or related field.
At least 5-7 years of experience in cyber security risk management, with a focus on supply chain risk management.
Strong understanding of cyber security risk assessment methodologies and frameworks, such as NIST, ISO or CSA.
Familiarity with regulatory requirements related to supply chain security, such as CMMC or DFARS.
Excellent analytical and problem-solving skills.
Strong communication and collaboration skills.
Ability to work independently and as part of a team.
Ability to oversee and lead a small group of direct reports.
Professional certifications such as CISSP, CISM, or CRISC are preferred.
Industry-specific knowledge: Expertise with federal government
Basic Skills and Abilities:
Analytical skills: Ability to analyze data and produce metrics
Communication skills: Strong communication skills to effectively convey ideas and influence change within an organization.
If you are a highly motivated and detail-oriented individual with a passion for cyber security, we would love to hear from you.