
Sr. Cyber & AI Supply Chain Risk Analyst

We are seeking a technically proficient Supply Chain Risk Management (SCRM) professional to support U.S. Government stakeholders in identifying, assessing, and mitigating cyber and emerging technology risks across the supply chain.

This role functions as a technical action officer, supporting government-led discussions with vendors and internal stakeholders. The ideal candidate can interpret complex technical conversations (cybersecurity, AI/ML), validate vendor claims, and translate risks into clear, actionable insights.

- Attend and support government-led meetings with vendors and stakeholders, focusing on supply chain-related cyber and technical risks
- Analyze and interpret cybersecurity architectures, controls, and risks within supplier ecosystems
- Evaluate vendor capabilities and claims related to:
  - Cybersecurity posture
  - Software assurance / supply chain integrity
  - AI/ML systems and associated risks (if applicable)
- Translate technical discussions into clear risk assessments and recommendations for government decision-makers
- Identify and document supply chain vulnerabilities, including third-party and downstream risks
- Support development of briefings, reports, and risk summaries for senior stakeholders
- Collaborate with cross-functional teams to ensure alignment between technical findings and mission requirements
- Track and follow up on action items, ensuring accountability across stakeholders

- Cybersecurity expertise (required)
  - Experience with frameworks such as NIST, RMF, Zero Trust, or similar
  - Ability to assess vendor cyber posture and technical controls
- Action officer / staff experience
  - Experience supporting senior leaders in government or defense environments
  - Strong ability to coordinate, document, and drive follow-through
- Ability to engage in and understand technical discussions with engineers, vendors, and cyber professionals
- Strong analytical and communication skills, with the ability to translate technical risk into business/mission impact
- Active TS/SCI
- Experience with AI/ML systems, including:
  - Model risk
  - Data integrity
  - AI governance or assurance
- Experience in Supply Chain Risk Management (SCRM) or third-party risk
- Familiarity with:
  - Software supply chain risks (e.g., SBOM, open-source risk)
  - Federal acquisition or vendor risk processes

What Success Looks Like

- You can sit in a technical meeting and confidently follow cyber discussions without translation
- You identify gaps, inconsistencies, or risks in vendor statements
- You provide clear, concise risk summaries that inform government decisions
- You operate effectively in a high-visibility, stakeholder-heavy environment