What are the responsibilities and job description for the RMF Supply Chain Risk Management Specialist - Active DoD Secret position at Prism, Inc.?
Job Details
Due to Federal Government security clearance requirements, U.S. citizenship and an active DoD Secret clearance are required.
PRISM seeks an RMF Supply Chain Risk Management Specialist who is responsible for ensuring the security of the organization's supply chain by conducting comprehensive risk assessments of suppliers and vendors. In this role, you will identify and mitigate potential vulnerabilities affecting the confidentiality, integrity, and availability of sensitive data and systems.
Essential Duties and Responsibilities:
- Supply Chain Risk Assessment:
  - Conduct comprehensive risk assessments of suppliers and vendors, evaluating their security posture against RMF guidelines to identify potential vulnerabilities within the supply chain.
  - Develop and implement security controls based on identified risks, including data protection measures, physical security protocols, and access controls.
  - Monitor supplier compliance with security requirements and address any deviations through corrective action plans.
- Vendor Management and Due Diligence:
  - Evaluate potential vendors' security practices through thorough due diligence processes, including security questionnaires and on-site assessments.
  - Establish security requirements for vendor contracts, ensuring compliance with company and industry standards.
  - Collaborate with procurement teams to integrate security considerations into vendor selection and contract negotiations.
Required Skills and Qualifications:
- Active DoD Secret clearance with eligibility to obtain a DoD Top Secret clearance.
- 4 years of experience with the Risk Management Framework (RMF) and its implementation within the supply chain environment.
- Expertise in cybersecurity principles, including data protection, network security, and access controls.
- Proven experience in vendor management and risk assessment processes.
- Excellent analytical and problem-solving skills to identify and address security issues.
- Relevant cybersecurity certifications such as CISSP, CISA, or CISM are preferred.
- CompTIA Security+ CE
- Knowledge of Cisco products, Windows, Linux, and scripting languages.
- Familiarity with GitHub and CI/CD concepts.