Jobloria
Supply Chain Risk Analyst
Base-One Inc
Location : Leesburg, VA, 20176
Job Type : Contractor
Date Posted : 2 December 2025
Primary Responsibilities:
The position of Supply Chain Risk Analyst will provide risk and opportunity planning, analysis and reporting to include:
· Vulnerability due diligence assessments, Cybersecurity Maturity Model Certification, PMO and source code analysis. To also develop policies and procedures that support customer office and align to risk management framework.
· This team will be responsible for developing the foundational policies and processes to stand up the Cyber Risk Management Team within Agency SOC.
· The position will lead the development of supplier threat and vulnerability assessments related to risk and support change management efforts across the corporation. In addition, individual may support category managers in developing risk assessments across various categories.
· May be required to draft and support all-source intelligence production in compliance with Tradecraft Standards
· Candidate will provide methods to properly communicate the risks applicable to Agency stakeholders and senior management.
· Candidate will create a holistic risk picture for the communications branch and will also provide briefings for senior management on the on the cyber risk posture of Agency.
· Attend and participate in meetings, conferences, and working groups in support of Agency.
· Conduct risk, vulnerability, criticality assessments to prioritize supply chain vendors and their potential impact on Agency’s mission.
· Candidate will assist the Government in conducting reviews and recommendations to aid the government in approving of risk acceptance memorandums, assist with the prioritization of POA&Ms, create risk profiles for all Agency information systems, identify common gaps in the information system compliance to focus holistic funding in support of remediating security findings for multiple systems.
Basic Qualifications:
· Clearance: All Agency SOC employees are required to successfully complete a Agency Background Investigation to support this program
· A Bachelor’s degree and 8 years of applicable experience is required, or a High School diploma + 9 years of applicable experience
· Professional writing, editing, and sourcing skills are mandatory in order to be successful in the position
· Ability to apply extensive knowledge of grammar, punctuation, and corporate writing standards in order to edit reports
· Ability to handle multiple tasks and adjust to changing priorities as needed
· Strong attention to details is required
· Past history developing policies and procedures for compliant procurement in an services environment
· Fundamental understanding of supplier quality management processes
· Strong understanding of Risk Management Framework (RMF)
· Strong understanding of NIST 800-161, NIST 800-30, NIST 800-37 or equivalent DoD policies/standards
Required Education/Experience
A Bachelor’s degree and 8 years of applicable experience is required, or a High School diploma + 9 years of applicable experience
Preferred Qualifications:
o Experience in cyber government, and/or federal law enforcement. Experience in Vulnerability scanning and analysis. Experience in financial, CSP and FISMA audits.
o Prior Agency Experience
Freqently Asked Questions
Professionals in Leesburg aiming for a Supply Chain Risk Analyst role often benefit from certifications like Certified Supply Chain Professional (CSCP) and Certified in Risk and Information Systems Control (CRISC). These credentials align well with local government and defense contracting standards, boosting expertise in risk frameworks and vendor assessments.
Leesburg's proximity to federal agencies elevates demand for supply chain risk analysts, fostering a moderately competitive environment. Candidates with cybersecurity and federal compliance experience tend to stand out, as many employers seek professionals who can navigate complex regulatory landscapes unique to this area.
Elevating as a Supply Chain Risk Analyst involves mastering vulnerability assessments, risk communication strategies, and integrating frameworks like NIST 800-161. Expertise in supplier threat analysis and policy development sets candidates apart for leadership roles within risk management teams.
Handling dynamic priorities, analyzing evolving cyber threats within supply chains, and synthesizing risk data for senior leadership are routine challenges. Effective analysts also navigate cross-departmental coordination, ensuring risk mitigation aligns with organizational goals.
Supply Chain Risk Analysts in Leesburg generally earn between $90,000 and $120,000 annually, reflecting the specialized nature of federal supply chain risk roles. Salary varies with experience, security clearance status, and proficiency in frameworks like RMF and NIST standards.
At Base-One Inc, Supply Chain Risk Analysts play a pivotal role in shaping cybersecurity policies and conducting vulnerability assessments. Their insights directly influence risk acceptance decisions and compliance processes, ensuring alignment with agency-wide security mandates.
Base-One Inc emphasizes a blend of technical acumen and professional writing prowess, expecting analysts to deliver comprehensive risk profiles and clear briefings for senior management. Familiarity with government cybersecurity standards and collaborative change management is also crucial.
Supply Chain Risk Analysts in this region are integral to fortifying agency cyber defenses by evaluating vendor vulnerabilities and supporting compliance with federal cybersecurity frameworks, bridging the gap between supply logistics and information security.
Leesburg's strategic role near federal installations requires analysts to consider heightened cybersecurity threats and regulatory scrutiny. Local supply chain risk strategies often prioritize compliance with federal standards and coordination with government SOC teams.
Senior analysts typically demonstrate mastery of risk management frameworks, extensive experience in vendor threat analysis, and the ability to craft policies that influence organizational risk posture. Leadership in cross-functional risk initiatives and proven government clearance often accelerate advancement.
Richmond, VAPopular Searches for Supply Chain Risk Analyst