Sr. Cyber & AI Supply Chain Risk Analyst

Job Locations: US-VA-Springfield
ID: 2026-1649
Category: Lifecycle Acquisition
Type: Regular Full-Time
Travel Required: Yes

Overview

We are seeking a technically proficient Supply Chain Risk Management (SCRM) professional to support U.S. Government stakeholders in identifying, assessing, and mitigating cyber and emerging technology risks across the supply chain.

This role functions as a technical action officer, supporting government-led discussions with vendors and internal stakeholders. The ideal candidate can interpret complex technical conversations (cybersecurity, AI/ML), validate vendor claims, and translate risks into clear, actionable insights.

Responsibilities

  • Attend and support government-led meetings with vendors and stakeholders, focusing on supply chain-related cyber and technical risks
  • Analyze and interpret cybersecurity architectures, controls, and risks within supplier ecosystems
  • Evaluate vendor capabilities and claims related to:
    • Cybersecurity posture
    • Software assurance / supply chain integrity
    • AI/ML systems and associated risks (if applicable)
  • Translate technical discussions into clear risk assessments and recommendations for government decision-makers
  • Identify and document supply chain vulnerabilities, including third-party and downstream risks
  • Support development of briefings, reports, and risk summaries for senior stakeholders
  • Collaborate with cross-functional teams to ensure alignment between technical findings and mission requirements
  • Track and follow up on action items, ensuring accountability across stakeholders

Required Qualifications

  • Cybersecurity expertise (required):
    • Experience with frameworks such as NIST, RMF, Zero Trust, or similar
    • Ability to assess vendor cyber posture and technical controls
  • Action officer / staff experience:
    • Experience supporting senior leaders in government or defense environments
    • Strong ability to coordinate, document, and drive follow-through
  • Ability to engage in and understand technical discussions with engineers, vendors, and cyber professionals
  • Strong analytical and communication skills, with the ability to translate technical risk into business/mission impact
  • Active TS/SCI

Desired Qualifications

  • Experience with AI/ML systems, including:
    • Model risk
    • Data integrity
    • AI governance or assurance
  • Experience in Supply Chain Risk Management (SCRM) or third-party risk
  • Familiarity with:
    • Software supply chain risks (e.g., SBOM, open-source risk)
    • Federal acquisition or vendor risk processes

What Success Looks Like

  • You can sit in a technical meeting and confidently follow cyber discussions without translation
  • You identify gaps, inconsistencies, or risks in vendor statements
  • You provide clear, concise risk summaries that inform government decisions
  • You operate effectively in a high-visibility, stakeholder-heavy environment
