Cyber Supply Chain Risk Analyst

Thank you for considering IT Concepts dba Kentro where innovation drives opportunity and collaboration leads to success. Our dynamic community of experts is fully committed to advancing our customers missions fostering professional growth and making a positive impact on our communities.

By joining our supportive community you will find that Kentro is dedicated to your personal and professional development. Together we can drive meaningful change spark innovation and achieve extraordinary milestones.

Kentro is hiring a Cyber Supply Chain Risk Analyst to support the Agencys Cybersecurity Supply Chain Risk Management (CSCRM) mission by executing continuous monitoring activities for Tier 1 vendors and upstream suppliers. This role is responsible for operating third-party risk monitoring tools analyzing cyber risk indicators coordinating vendor remediation and producing actionable dashboards and reports.

Responsibilities:

Continuous Monitoring Operations:

• Configure and operate third-party cyber supply chain risk monitoring tools to assess Tier 1 vendors and upstream suppliers.

• Review and analyze alerts risk scores and reports related to:

• Data breaches

• Ransomware exposure

• Known vulnerabilities

• Compliance issues

• Ensure monitoring frequency aligns with defined risk categories (daily weekly monthly).

Risk Analysis & Reporting:

• Identify high-risk vendors based on monitoring data and established thresholds.

• Develop and maintain dashboards highlighting Tier 1 high-risk vendors.

• Contribute to bi-weekly status reports with clear summaries of risks trends and remediation progress.

Vendor Risk Remediation:

• Notify vendors when cyber risk scores fall below acceptable thresholds.

• Track vendor remediation actions including:

• Patch timelines

• Vulnerability resolution

• Compliance remediation

• Incident response actions

• Coordinate with internal teams (CSCRM Strategic Sourcing CORs program managers) to support remediation efforts.

• Escalate unresponsive or non-compliant vendors per defined escalation paths.

Tool Integration & Data Management:

• Use the Agencys Third-Party Risk Management (TPRM) tool integrations to manage and track continuous monitoring data.

• Ensure risk data is accurate current and accessible for review and decision-making.

Location: Hybrid in Woodlawn MD

Salary Range: $82000-$102000/annually. Factors influencing pay within this range include geography market demand skills education experience and other qualifications of the successful candidate.

• Bachelorsand 8 yearsof experience

• Experience supporting cybersecurity risk management third-party risk or supply chain risk activities.

• Familiarity with continuous monitoring concepts and cyber risk indicators.

• Experience reviewing and analyzing cybersecurity dashboards alerts or reports.

• Strong documentation and communication skills.

Preferred Qualifications:

• Knowledge of NIST SP 800-161 (Cyber Supply Chain Risk Management).

• Experience working with vendor remediation and stakeholder coordination.

• Experience supporting federal IT or cybersecurity programs.

Clearance Requirement:

• Must be able to obtain and maintain Public Trust Clearance
• Must be a US Citizen

The Company

We believe in generating success collaboratively enabling long-term mission success and building trust for the next challenge. With you as our partner lets solve challenges think innovatively and maximize impact. As a valued member of our team you have the unique opportunity to work in a diverse range of technology and business career paths all while supporting our nation and delivering innovative technology solutions. We are a close community of experts that pride ourselves on creating an environment defined by teamwork dedication and excellence.

We hold three ISO certifications (27001:-1::2015) two CMMI ML 3 ratings (DEV and SVC) and CMMC Level 2 Certification.

Industry Recognition

Growth Inc 5000s Fastest Growing Private Companies DC Metro List Fastest Growing; Washington Business Journal: Fastest Growing Companies Top Performing Small Technology Companies in Greater D.C.

Culture Northern Virginia Technology Council Tech 100 Honoree; Virginia Best Place to Work; Washington Business Journal: Best Places to Work Corporate Diversity Index Winner Mid-Size Companies Companies Owned by People of Color; Department of Labors HireVets for our work helping veterans transition; SECAF Award of Excellence finalist; Victory Military Friendly Brand; Virginia Values Veterans (V3); Cystic Fibrosis Foundation Corporate Breath Award

Benefits

We offer competitive benefits package including paid time off healthcare benefits supplemental benefits 401k including an employer match discount perks rewards and more. We invest in our employees Every employee is eligible for education reimbursement for certifications degrees or professional development. Reimbursement amounts may fluctuate due to IRS limitations. We want you to grow as an expert and a leader and offer flexibility for you to take a course complete a certification or other professional growth and networking. We are committed to supporting your curiosity and sustaining a culture that prioritizes commitment to continuous professional development.

We work hard; we play hard. Kentro is committed to incorporating fun into every day. We dedicate funds for activities virtual and in-person e.g. we host happy hours holiday events fitness & wellness events and annual alignment with our commitment to our communities we also host and attend charity galas/events. We believe in appreciating your commitment and building a positive workspace for you to be creative innovative and happy.

Commitment Equal Opportunity Employment & VEVRAA

Kentro is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to disability status as a protected veteran or any other status protected by applicable federal state or local law.

Kentro is strongly committed to compliance with VEVRAA and other applicable federal state and local laws governing equal employment opportunity. We have developed comprehensive policies and procedures to ensure our hiring practices align with these requirements.

As part of our VEVRAA compliance efforts Kentro has established an equal opportunity plan outlining our commitment to recruiting hiring and advancing protected veterans. This plan is regularly reviewed and updated to ensure its effectiveness.

We encourage protected veterans to self-identify during the application process. This information is strictly confidential and will only be used for reporting and compliance purposes as required by law. Providing this information is voluntary and will not impact your employment eligibility.

Our commitment to equal employment opportunity extends beyond legal compliance. We are dedicated to fostering an inclusive workplace where all employees including protected veterans are treated with dignity respect and fairness.

How to Apply

To apply to Kentro Positions- Please click on the: Apply for this Job button at the bottom of this Job Description or the button at the top: Application. Please upload your resume and complete all the application steps. You must submit the application for Kentro to consider you for a position. If you need alternative application methods please email and request assistance.

Accommodations

To perform this job successfully an individual must be able to perform each essential duty satisfactorily. Reasonable Accommodations may be made to enable qualified individuals with disabilities to perform the essential functions. If you need to discuss reasonable accommodations please email .

Required Experience:

IC