Program Protection/Cybersecurity Analyst will be responsible for supporting the development and application of Supply Chain Risk Management (SCRM), parts, materials and process system, cyber security engineering, software assurance and program protection for major defense acquisition programs in support of the GMD DSC contract.
The Program Protection/Cybersecurity Analyst is responsible for working with program managers, IPTs and subcontractors to select parts, materials and processes that meet program designated PMAP requirements along with supporting part testing, failure analysis and mitigation development as well as performing supplier compliance assessments and development of all required plans. Additionally, the subject matter experts will support all Parts, Materials, & Processes Control Board (PMPCB) related functions including reviewing of Non-Standard Part Approval Requests and relevant data, PMPCB working groups and board meetings and interfacing with both the customer and subcontractors in support of the PMPCB.
Duties will include:
Support the management and procurement of safety and mission critical products and systems, to include compliance with the prevention of purchasing counterfeit electronic parts and materials. Efforts include the: 1) working with program offices to implement the Acquisition System Protection program to include their system's cyber resiliency; 2) identification and protection of mission critical functions to achieve Trusted Systems and Networks (TSN); 3) software assurance; 4) systems security engineering and 4) implementation of the GMD Program Protection Plan (PPP)
Provide input to, help develop and maintain the Program Protection Implementation Plan (PPIP)
Participate in annual or as required Program Protection Security Assessments to evaluate adherence to the PPIP and its requirements
Coordinate with the GMD program office and the Suppliers to ensure that SCRM mitigations for hardware, software and firmware critical items are addressed in the GMD Program Protection Implementation Plan (PPIP)
Identify/implement the appropriate mix of OPSEC measures to protect the program and system information, components, and technologies from the known security threats and attacks across the acquisition life cycle
Conduct regular Technical Interchange Meetings (TIM), prepare and present the results to MDA Program Protection (EIR) as directed
Ensure compliance with DoDI 8500.01 and the NSA Guide for addressing malicious code with all software developments teams
Assist MDA in their criticality analysis to identify mission critical functions, logic bearing information and communications technology (ICT) and critical components assessed as Level 1 and Level 2 and ensure the results are updated and available at the government Systems Engineering Technical Reviews (SETR)
Ensure compliance with SCRM as identified in the MDA Parts, Material, Processes Mission Assurance Plan (PMAP) Rev B and the GMD PPP. Efforts include: 1) Ensuring these requirements are flowed down throughout the GMD supply chain; 2) working the with GMD Parts, Materials, and Processes Control Board (PMPCB) to assess those vendors who provide logic bearing critical components and 3) ensure only logic bearing critical components are procured from approved vendors IAW the PMAP Rev B
Bachelor's Degree in Logistics, Supply Chain, or similar discipline
3+ years of experience with supply chain risk management for major defense acquisition programs
Knowledge of the Government-Industry Data Exchange Program (GIDEP); As Designed Products Material List database (ADPML); and Supportability Management Assessment Report Tool (SMART)
Experience with Criticality Analysis, identifying and protecting Critical Components and mapping supply chains
Experience with developing supply chain (SCRM) risk mitigation strategies
Experience working with defense contractors, parts, materials, & processes mission assurance plans
Knowledge and experience with DoD 5000 series, Defense Acquisition System, and FAR clauses
Dese Research, Inc.