SME SCRM Policy & Compliance Analyst

This Department of War enterprise data and analytics program delivers mission-critical capabilities that enable leaders across the Department to make faster better-informed decisions using trusted data at scale. Leidos Digital Modernization sector is seeking an experiencedSME SCRM Policy & Compliance Analystto support the delivery enhancement and adoption of enterprise data and analytics products used across multiple DoD organizations.

In this role you will work alongside government partners engineers and other industry teammates to translate operational and strategic requirements into scalable production-ready solutions. You will contribute directly to product planning execution and continuousimprovementhelping ensure capabilities are delivered efficiently aligned to mission priorities and positioned for sustained success.

This position offers the opportunity to work on a high-visibilityenterprise program at the intersection of data analytics and emerging AI technologies. Ideal candidates are motivated by mission impact comfortable operating in complex stakeholder environments and interested in building deep domainexpertisewhile delivering capabilities with real-world national security outcomes.

• Developmaintain and govern Supply Chain Risk Management (SCRM) policies Standard Operating Procedures (SOPs) templates and documentation to ensure consistent enterprise-wide implementation.

• Ensure program compliance with federal and DoD requirements including DFARS 252.204-7012 EO 14028 and NIST SP 800-171.

• Maintain and update risk registers traceability matrices and compliance documentation to support audits assessments and contract reviews.

• Coordinate with contracting cybersecurity and acquisition teams to ensure supply-chain requirements are integrated into procurement actions and adhered to throughout the vendor lifecycle.

• Support the Government in performing all auditing and audit reporting to external independent public auditors in support of an annual SOC1 audit including preparation of the SOC1 Report.

• Prepare and update various compliance and security documents such as Access Control Audit and Accountability Plan Backup and Recovery Change and Configuration Management Plan and others as needed.

• Top Secretwith SCI eligibilitysecurity clearance

• Bachelors degree in a related field such as Information Technology Cybersecurity Supply Chain Management or a related discipline.

• Minimum of3years of experience incybersupply chain risk management cybersecurity compliance or a related field.

• Knowledge of federal and DoD requirements including DFARS 252.204-7012DoDI 5200.44EO 14028 and NIST SP 800-161.

• Experience with developing and maintaining SCRM policies SOPs and compliance documentation.

• Strong understanding of audit processes and experience in supporting audits and assessments.

• Excellent communication and coordination skills to work with contracting cybersecurity and acquisition teams.

• Certifications in Cybersecurity like Security plus CISM

Preferred Qualifications: