FCC - SCRM/Emerging Technology Security Analyst
cFocus Software seeks a SCRM/Emerging Technology Security Analyst to join our program supporting the Federal Communications Commission (FCC). This position is remote. This position requires the ability a Public Trust clearance.
Qualifications:
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field.
• 3–7+ years of experience in cybersecurity, risk management, or supply chain security.
• Experience supporting enterprise cybersecurity environments of similar scale and complexity.
• Knowledge of NIST frameworks (RMF, CSF), FISMA, and federal security standards.
• Experience with third-party risk management, vendor assessments, or SCRM programs.
• Familiarity with AI/ML security risks and emerging cybersecurity trends
• Strong analytical and risk assessment capabilities
• Knowledge of supply chain threats and mitigation strategies
• Understanding of AI/ML security risks and governance
• Experience with security documentation and reporting
• Excellent communication and stakeholder coordination skills
• Required Certifications
• At least one relevant cybersecurity certification such as:
• CISSP, CISM, or Security+
• Certified in Risk and Information Systems Control (CRISC)
• Certified Supply Chain Professional (CSCP) or equivalent (preferred)
• Additional role-based certifications related to cloud, AI security, or risk management are desirable..
Duties:
• Support Supply Chain Risk Management (SCRM) activities including analysis of third-party/vendor risks, documentation, and mitigation strategies.
• Assess risks associated with emerging technologies including AI, automation, and cloud-based services.
• Provide risk-informed recommendations for secure adoption of new technologies.
• Support development and maintenance of SCRM documentation, policies, and processes.
• Conduct security reviews of vendors, software, and emerging platforms.
• Analyze cybersecurity threats related to supply chain and emerging technologies.
• Collaborate with compliance, engineering, SOC/NOC, and risk teams.
• Support reporting activities including SCRM status reports, risk registers, and audit artifacts.
• Identify gaps in SCRM and emerging technology security practices and recommend improvements.
• Assist with governance and compliance activities aligned to NIST, FISMA, and federal cybersecurity frameworks.
Apply tot his job
Apply To this Job