Cyber Supply Chain Risk Management (C-SCRM) and Enterprise Response SME

Remote (Any State), VA, United States of America
Nov 23, 2022
Dec 23, 2022
Full Time
Job Category: Information Technology

Time Type: Full time

Minimum Clearance Required to Start: None

Employee Type: Regular

Percentage of Travel Required: None

Type of Travel: None

What You'll Get to Do

As a highly qualified cybersecurity supply chain risk management (C-SCRM) SME with a specific background in C-SCRM operations, tools, and use cases, you will be responsible for advising and assisting the CISA Federal Enterprise Improvement Team (FEIT) in the following support areas:
  • Agency C-SCRM tools and processes discovery,
  • Agency C-SCRM risk assessments,
  • Technical consultation to assist in the development of Agency cybersecurity C-SCRM implementation and improvement plans,
  • Architectural and cyber capabilities design reviews, and
  • Supporting the development of CISA FEIT-specific directives and guidance analysis

This work will involve interaction with various Federal Agencies as reviews and recommendations are made to improve the overall Agency enterprise security status.

More About the Role

The C-SCRM and Enterprise Response Subject Matter Expert (SME) will be responsible for supporting the development of essential baseline Cybersecurity Supply Chain Risk Management (C-SCRM) services and programming to increase transparency, consistency, and information flow across the Federal Civilian Executive Branch (FCEB) agencies.

The schedule is highly compressed and will demand a background across multiple disciplines.

You'll Bring These Qualifications
  • Demonstrated experience and understanding of methods used to compromise cyber supply chains and the associated cybersecurity supply chain risks
  • Demonstrated experience in developing a C-SCRM strategy and/or implementation plan for a Federal Agency
  • Serve as the subject matter expert, possessing in-depth knowledge of C-SCRM best practices and policies
  • Applicable SCRM certification(s) are highly desired and may be a follow-on requirement
  • Demonstrated experience with, and knowledge of, the following:
    • Solid knowledge and experience with NIST SP 800-161 Supply Chain Risk Management Practices for Federal Information Systems and Organizations and the NIST Cybersecurity Framework.
    • Familiarity with ISO/IEC 27002: Code of practice for information security controls; ISO/IEC 27036-1, Information Security for Supplier Relationships; and ISO/IEC 20243 / O-TTPS, Open Trusted Technology Provider Standard
  • Demonstrated experience supporting the design of a Technical Refresh Plan for a Government Network.
  • Thorough understanding of, and experience performing, an RMF or equivalent Certification & Accreditation (C&A)/Assessment & Authorization (A&A)
  • Strong communication and organization skills
  • US Citizenship required
  • Must meet eligibility requirements for access to classified information and be clearable to a Department of Homeland Security (DHS) EOD clearance. Active DoD clearance preferred.
  • University Degree (BA/BS) or equivalent experience and minimum 10 years of related work experience

These Qualifications Would Be Nice to Have
  • Highly motivated, independent thinker and team player
  • Ability to work in a fast-paced environment balancing competing demands and deadlines
  • Certified Information Systems Security Professional (CISSP) or equivalent certification

What We Can Offer You:
We've been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation's highest priorities.
For over 60 years, the principles of CACI's unique, character-based culture have been the driving force behind our success.

Company Overview: At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.

Pay Range: The proposed salary range for this position is $101,800-$218,800. There are a host of factors that can influence final salary including, but not limited to, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, geographic location, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. Employment benefits include health and wellness programs, income protection, paid leave and retirement and savings.

As a federal contractor, CACI is subject to any federal vaccine mandates or other customer vaccination requirements. All new hires are required to report their vaccination status.
