SCRM/Emerging Technology Security Analyst (Cybersecurity)

TL;DR

SCRM/Emerging Technology Security Analyst (Cybersecurity): Supporting the Federal Communications Commission (FCC) by analyzing third-party vendor risks and securing the adoption of emerging technologies with an accent on supply chain risk management (SCRM) and AI/ML security. Focus on conducting security reviews of vendors, aligning with NIST and FISMA frameworks, and mitigating supply chain threats.

Location: Remote (Requires Public Trust clearance, implying US-based)

Company

hirify.global provides specialized professional services and technical support to federal agencies, including the FCC.

What you will do

• Perform Supply Chain Risk Management (SCRM) activities, including third-party vendor risk analysis and mitigation.
• Assess security risks for emerging technologies such as AI, automation, and cloud services to provide secure adoption recommendations.
• Develop and maintain SCRM documentation, policies, and governance processes.
• Conduct rigorous security reviews of vendors, software, and emerging platforms.
• Analyze cybersecurity threats related to the supply chain and collaborate with SOC/NOC, engineering, and compliance teams.
• Manage risk registers, status reports, and audit artifacts aligned with federal cybersecurity frameworks.

Requirements

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• 3–7+ years of experience in cybersecurity, risk management, or supply chain security.
• Ability to obtain and maintain a Public Trust clearance.
• Knowledge of NIST frameworks (RMF, CSF), FISMA, and federal security standards.
• Experience with third-party risk management and vendor assessments.
• Professional certification such as CISSP, CISM, Security+, or CRISC.

Nice to have

• Certified Supply Chain Professional (CSCP) or equivalent certification.
• Additional certifications related to cloud security or AI security.