FCC SCRMEmerging Technology Security Analyst

CFocus Softwareorporated

Job Location:

Washington, AR - USA

Monthly Salary: Not Disclosed

Posted on: Yesterday

Vacancies: 1 Vacancy

Job Summary

cFocus Software seeks a SCRM/Emerging Technology Security Analyst to join our program supporting the Federal Communications Commission (FCC). This position is remote. This position requires the ability a Public Trust clearance.
Qualifications:

Bachelors degree in Cybersecurity Information Technology Computer Science or related field.
37 years of experience in cybersecurity risk management or supply chain security.
Experience supporting enterprise cybersecurity environments of similar scale and complexity.
Knowledge of NIST frameworks (RMF CSF) FISMA and federal security standards.
Experience with third-party risk management vendor assessments or SCRM programs.
Familiarity with AI/ML security risks and emerging cybersecurity trends
Strong analytical and risk assessment capabilities
Knowledge of supply chain threats and mitigation strategies
Understanding of AI/ML security risks and governance
Experience with security documentation and reporting
Excellent communication and stakeholder coordination skills
Required Certifications
- At least one relevant cybersecurity certification such as:
- CISSP CISM or Security
- Certified in Risk and Information Systems Control (CRISC)
- Certified Supply Chain Professional (CSCP) or equivalent (preferred)
- Additional role-based certifications related to cloud AI security or risk management are desirable..

Duties:

Support Supply Chain Risk Management (SCRM) activities including analysis of third-party/vendor risks documentation and mitigation strategies.
Assess risks associated with emerging technologies including AI automation and cloud-based services.
Provide risk-informed recommendations for secure adoption of new technologies.
Support development and maintenance of SCRM documentation policies and processes.
Conduct security reviews of vendors software and emerging platforms.
Analyze cybersecurity threats related to supply chain and emerging technologies.
Collaborate with compliance engineering SOC/NOC and risk teams.
Support reporting activities including SCRM status reports risk registers and audit artifacts.
Identify gaps in SCRM and emerging technology security practices and recommend improvements.
Assist with governance and compliance activities aligned to NIST FISMA and federal cybersecurity frameworks.

Required Experience:

Senior IC

Bachelors degree in Cybersecurity Information Technology Computer Science or related field.
37 years of experience in cybersecurity risk management or supply chain security.
Experience supporting enterprise cybersecurity environments of similar scale and complexity.
Knowledge of NIST frameworks (RMF CSF) FISMA and federal security standards.
Experience with third-party risk management vendor assessments or SCRM programs.
Familiarity with AI/ML security risks and emerging cybersecurity trends
Strong analytical and risk assessment capabilities
Knowledge of supply chain threats and mitigation strategies
Understanding of AI/ML security risks and governance
Experience with security documentation and reporting
Excellent communication and stakeholder coordination skills
Required Certifications
- At least one relevant cybersecurity certification such as:
- CISSP CISM or Security
- Certified in Risk and Information Systems Control (CRISC)
- Certified Supply Chain Professional (CSCP) or equivalent (preferred)
- Additional role-based certifications related to cloud AI security or risk management are desirable..

Duties:

Support Supply Chain Risk Management (SCRM) activities including analysis of third-party/vendor risks documentation and mitigation strategies.
Assess risks associated with emerging technologies including AI automation and cloud-based services.
Provide risk-informed recommendations for secure adoption of new technologies.
Support development and maintenance of SCRM documentation policies and processes.
Conduct security reviews of vendors software and emerging platforms.
Analyze cybersecurity threats related to supply chain and emerging technologies.
Collaborate with compliance engineering SOC/NOC and risk teams.
Support reporting activities including SCRM status reports risk registers and audit artifacts.
Identify gaps in SCRM and emerging technology security practices and recommend improvements.
Assist with governance and compliance activities aligned to NIST FISMA and federal cybersecurity frameworks.