Leidos

SCRM Policy & Compliance Analyst

full-time

Location Type: Office

Location: Alexandria, Maryland, Virginia, United States

Salary

💰 $131,300 - $237,350 per year

About the role

  • Develop, maintain, and govern Supply Chain Risk Management (SCRM) policies, Standard Operating Procedures (SOPs), templates, and documentation to ensure consistent enterprise-wide implementation
  • Ensure program compliance with federal and DoD requirements including DFARS 252.204-7012, EO 14028, and NIST SP 800-171
  • Maintain and update risk registers, traceability matrices, and compliance documentation to support audits, assessments, and contract reviews
  • Coordinate with contracting, cybersecurity, and acquisition teams to ensure supply-chain requirements are integrated into procurement actions and adhered to throughout the vendor lifecycle
  • Support the Government in performing all auditing and audit reporting to external independent public auditors in support of an annual SOC1 audit, including preparation of the SOC1 Report
  • Prepare and update various compliance and security documents such as Access Control, Audit and Accountability Plan, Backup and Recovery, Change and Configuration Management Plan, and others as needed

Requirements

  • Top Secret with SCI eligibility security clearance
  • Bachelor's degree in a related field such as Information Technology, Cybersecurity, Supply Chain Management, or a related discipline
  • Minimum of 3 years of experience in cyber supply chain risk management, cybersecurity compliance, or a related field
  • Knowledge of federal and DoD requirements including DFARS 252.204-7012, DoDI 5200.44, EO 14028, and NIST SP 800-171
  • Experience with developing and maintaining SCRM policies, SOPs, and compliance documentation
  • Strong understanding of audit processes and experience in supporting audits and assessments
  • Excellent communication and coordination skills to work with contracting, cybersecurity, and acquisition teams
  • Certifications in cybersecurity, such as Security+ and CISM

Benefits

  • Competitive compensation
  • Health and Wellness programs
  • Income Protection
  • Paid Leave
  • Retirement