September 15, 2023
San Antonio, TX
- New Associate Specialist/Specialist position to perform supply chain cybersecurity risk management and ensure supply chain compliance with government cybersecurity requirements - e.g., assisting the Purchasing Cybersecurity Subject Matter Expert (SME).
- Monitor cybersecurity surveys, review files produced for audit, and assist with training the Purchasing Department and technical division staff.Ensure effective supply chain cyber risk management in accordance with internal and regulatory requirements
- Responsible for Supply Chain Cybersecurity Compliance with Federal Government requirements, as well as Supply Chain Cyber Risk Management (SCRM). Monitor and manage the SCRM lifecycle, from the time of stakeholder request through supplier approval.
- Attend and participate in meetings, conferences, WebEx's, and working groups related to the Cybersecurity Maturity Model Certification (CMMC) and other Federal Government cybersecurity requirements.
- Help develop and maintain policies and procedures and other process documents.
- Contribute to increasing awareness of supply chain cyber risk management through training for Purchasing and non-Purchasing staff.Continuously monitor suppliers to ensure compliance, identify issues, and work with suppliers and internal stakeholders to manage timely remediation
- Submit surveys to suppliers to determine compliance with Federal Government cybersecurity requirements.
- Receive, analyze, and interpret supplier survey responses. Communicate survey results to stakeholders in the technical divisions (stakeholders)
- Collaborate with stakeholders, as needed to evaluate, prioritize, and remediate supply chain cybersecurity risks.
- Enter and track supplier cybersecurity survey results and related data for risk management purposes using internal systems.
- Draft contract language as needed to ensure compliance, and maintain standard language approved by Legal in a central repository.
- Support DCMA cybersecurity assessments of Purchasing processes, and help develop corrective action plans in the event of findings.
- Demonstrate exceptional organizational skills, work efficiently under minimal supervision, work well as part of a team or individually, and actively participate in a fast-paced and challenging environment.
- Develop a deep understanding of the risk landscape for supply chain cybersecurity, and gain a good understanding of how to prioritize and protect against these threats from a procurement standpoint through approved training and online research.
- Other duties as assigned.
- Requires a Business or related with related industry experience
- Master's Degree a plus
- Familiarity with or interest in current Federal Government supply chain laws, regulations, standards, and/or best practices including, but not limited to, FAR 52.204-21, NIST 800-171, DFARS 252.204-7012, DFARS 252.204-7019, DFARS 252.204-7020, and DFARS 252.204-7021.
- 0-5 years: Contracts or Subcontracts negotiation, award and administration
- Experience with personal computers
- Knowledge of general business practices and procedures
- Excellent written and verbal communication skills
- Strong attention to detail. Exceptional organizational, prioritization, and time management skills
- A valid/clear driver's license is required