Provides analytical support to manage the increasing risk of supply chaincompromise related to cybersecurity, whether intentional or unintentional.
Identifies, assesses, and mitigates the risks associated with the distributed and interconnected nature of ICT/OT product and service supply chains.
Ensures the integrity, security, quality and resilience of the supply chain and its products and services.
Creates detailed technical vulnerability reports for ICT products and assigned technical “as a service” procurements.
Recognizes and identifies potential areas where existing security policies and procedures require change, or where new ones need to be developed,
especially regarding future business expansion Provides information security matter expertise to technology teams and projects.
Creates security architecture standards for adoption of new technology
Identifies, quantifies, and recommends mitigation actions for security risks as they relate to enterprise projects.
Produces management reporting, including appropriate metrics that inform senior leadership as to the state of information risk and exposure.
Understands security product/service cost drivers and industry and business trends impacting the Agency information security program.
Recognizes and identifies potential areas where existing security policies and procedures require change, or where new ones need to be developed,
especially regarding future business expansion. Provides information security matter expertise to technology teams and projects.
Requirements:
B.S. degree in Computer Science, Business Management, or IT related discipline strongly preferred or an additional 4 years of experience in lieu of degree.
