Job Description
Job Description
Contract position through 2026 + extension
Supply Chain Risk Management (SCRM) Analyst — This role focuses on identifying, analyzing, and managing cybersecurity, compliance, and operational risks across defense suppliers, with a strong emphasis on software and technology supply chains.
Responsibilities:
- Identify and assess risks in defense suppliers, systems, and software components
- Evaluate vendors for cybersecurity posture, compliance, and reliability
- Ensure adherence to federal regulations (NIST 800-53, DFARS, FAR, NDAA restrictions, etc.)
- Monitor supplier environments for vulnerabilities, changes, and emerging risks
- Produce risk assessments, reports, and recommendations for leadership and stakeholders
- Collaborate with engineering, procurement, and security teams to mitigate identified risks
- Support improvements to the organization’s supply chain risk management framework and processes
Requirements:
- U.S. citizen with active Secret clearance (TS eligibility required)
- Bachelor’s degree
- 3–5 years of experience in defense, cybersecurity, supply chain risk, or related fields
- Strong understanding of software supply chain security and defense industry compliance frameworks
- Familiarity with NIST 800-53, DFARS, FAR, and NDAA requirements
- Strong analytical, communication, and reporting skills
Company DescriptionGCR Professional Services is an engineering and information technology staffing firm (direct-hire, consultants, contract-to-hire).
Company Description
GCR Professional Services is an engineering and information technology staffing firm (direct-hire, consultants, contract-to-hire).