Tyto Athene is seeking a forward-thinking and self-motivated Supply Chain Risk Management (SCRM) Lead to consult for our US Federal Government customers. You will be responsible for helping Federal customers solve one of the most critical challenges that exist in cybersecurity today, how to secure the government’s technology supply chain. This exciting role requires an appetite for learning, superior attention to detail, the ability to meet tight deadlines, great organizational skills, and the ability to work in a highly collaborative work environment. Professionalism in dealing with senior leaders within the Federal Government is important. Responsibilities: Provide expertise in supply chain risk management and assess a client’s supply chain program, policies, and procedures against best practices, and make improvement recommendations Provide expertise in vendor/supplier assessment and evaluation Prepare reports, briefings, point papers, reviews, and oral presentations as may be directed to translate the results from the analysis to executive decision-makers Keep clients and staff informed of the most up-to-date information regarding supply chain risk management best practices and any relevant current Federal Government policies, guidance, memorandums, and strategies that might affect the client’s SCRM program Lead and develop a scalable assessment team that will perform supply chain risk assessments, including research, analysis, identification of risk, and continuous monitoring of supply chain vulnerabilities Perform supply chain risk assessments, including research, analysis, identification of risk, and continuous monitoring of supply chain vulnerabilities Required: Bachelor’s degree in Computer Science, Information Technology, or related field and 12 years of relevant experience or a Masters degree and 8 years. Experience with hardware or software assurance Knowledge of: TCP/IP Packet Analysis SIEM Operation Understanding of how exploits work and appear within network traffic Intrusion Detection Technology Understanding of root kits, exploits, and other types of malware Awareness and understanding of popular attack tools (e.g Zeus, Blackhole, Slowloris, LOIC, Cryptolocker, Pony Loader, etc.)Ability to communicate effectively the actual status of an incident, attack, or other cyber issue. Awareness of tradecraft used by Nation State APT actors Capability to support the following systems: ArcSight SIEM; Splunk; Novetta Cyber Analytics; FireEye MPS Suite; Snort IDS; Bro IDS; Fidelis XPS; CloudShield Trusted Cyber Solution Orchestrator; Microsoft Advanced Threat Analytics; Counterattack Active Defense Well-versed with Government cybersecurity policies and regulations Strong analytical and organizational skills Possession of excellent oral and written communication skills Desired: Experience with implementing supply chain risk management activities in the DoD or other Federal Organizations Clearance: TS/SCI Required Certification: DoD 8570 IAM/IAT Level II certification. This will change to a DoD 8140 equivalent once a DISA 8140 policy is released. Location: This is an on-site role with expectations of being on the client site in Arlington, VA five days a week.
