System Engineer 2 SCRM
| Estimated pay | $79 per hour (based on similar jobs in your market) |
|---|---|
| Hours | Full-time |
| Location | Annapolis Junction, MD, US |
About this job
Job Description
The SCRM Analyst supports the mission of the National Security Agency Cybersecurity Collaboration Center by identifying, assessing, and mitigating supply chain risks impacting National Security Systems (NSS), critical Defense Industrial Base (DIB) infrastructure, and U.S. Government technology environments. The analyst conducts research and analysis on commercial technologies, software, hardware, cloud providers, vendors, and foreign ownership/control/influence (FOCI) concerns to support informed risk-based decisions and national security objectives.
This position requires strong analytical capabilities, cybersecurity knowledge, intelligence research skills, and the ability to collaborate across government, industry, and interagency partners to strengthen supply chain security and operational resilience.
Key Responsibilities
• Conduct supply chain risk assessments on software, hardware, cloud services, telecommunications technologies, and third-party vendors supporting U.S. Government and National Security Systems.
• Perform due diligence research using commercial and government intelligence sources, open-source intelligence (OSINT), threat intelligence platforms, and supply chain illumination tools.
• Identify potential foreign ownership, control, or influence (FOCI) concerns, cybersecurity risks, malicious cyber activity, counterfeit risks, insider threats, and vendor credibility concerns.
• Analyze software supply chain risks including:
Software Bills of Materials (SBOMs)
Open-source software (OSS)
Vulnerability management
Secure software development practices
Dependency and component risks
• Evaluate vendor compliance with federal cybersecurity and supply chain security policies, standards, and directives.
• Produce detailed analytical reports, risk assessments, executive summaries, and briefing materials for senior leadership and mission stakeholders.
• Support interagency collaboration efforts involving supply chain security initiatives, exclusion/removal order analysis, and federal risk mitigation activities.
• Conduct infrastructure and corporate attribution research including:
Corporate ownership structures
Leadership analysis
Network infrastructure
Domain/IP analysis
Foreign business relationships
Contract validation
• Monitor emerging threats to the technology supply chain and provide actionable recommendations to leadership and operational teams.
• Collaborate with intelligence, cybersecurity, acquisition, counterintelligence, legal, and policy stakeholders to support enterprise-wide SCRM initiatives.
• Assist in the development of supply chain risk methodologies, scoring models, assessment frameworks, and mitigation strategies.
• Support evaluation and operational use of supply chain illumination and cybersecurity assessment tools.
Security Clearance Requirements
• TS/SCI w/Polygraph to start.
Preferred Education & Certifications
• (U) Fourteen (14) years of experience as an SE in programs and contracts of similar scope, type and complexity is required. Bachelor’s degree in System Engineering, Computer Science, Information Systems, Engineering Science, Engineering Management, or related discipline from an accredited college or university is required. Five (5) years of additional SE experience may be substituted for a bachelor’s degree.
• Preferred certifications may include:
Security+
CISSP
Certified SCRM Professional
AWS/Azure cloud certifications
Certified Threat Intelligence Analyst (CTIA)
Network or systems certifications
Salary: $190,000-$220,000. This represents the typical salary range for this position, but is not guaranteed. Salary is based on experience, location and contractual requirements which could fall outside of the range listed.
Required Skills
• Experience in Supply Chain Risk Management (SCRM), cybersecurity, intelligence analysis, counterintelligence, or information assurance.
• Knowledge of National Security Systems (NSS) environments and federal cybersecurity frameworks.
• Familiarity with:
NIST guidance
Software supply chain security concepts
Vulnerability analysis
Threat intelligence
OSINT methodologies
• Ability to analyze complex technical and non-technical information and communicate findings clearly.
• Experience producing formal analytical reports and executive-level briefings.
• Strong critical thinking, investigative, and research skills.
• Ability to work in a fast-paced, mission-driven environment with evolving priorities.
LCAT Domain Experience Needed:
• IA and cybersecurity architectures, concepts, principles, use cases, and standards;
• DoD, IC, and other federal government (e.g., NIST) policy, directives, and instructions relevant to IA and cybersecurity strategic planning and direction.
• Experience with supply chain illumination tools such as:
Exiger
Govini
Strider
Altana
Black Kite
Recorded Future
• Knowledge of:
SBOM standards (SPDX, CycloneDX)
Secure Software Development Framework (SSDF)
Open-source software risk analysis
Cloud security
Foreign influence investigations
• Understanding of federal acquisition security processes and interagency coordination.
• Familiarity with intelligence community reporting standards and risk assessment methodologies.
• Experience briefing senior government leadership and collaborating across agencies.
About Tensley
Tensley Consulting is a Service-Disabled Veteran-Owned Small Business focused on mission engineering in support of the United States Intelligence Community and the Department of Defense. Our team consists of System Engineers, Software Engineers, Test Engineers, and Signals Analysts performing work throughout the Continental United States (CONUS) and Outside the Continental United States (OCONUS).
Equal Opportunity, Diversity & Inclusion
We aim to build a team that represents a variety of backgrounds, perspectives, and skills. We embrace inclusion and ensure equal employment opportunity without discrimination or harassment based on race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, military or veteran status, or any other personal characteristic.
Benefits Include
100% paid medical coverage with HSA and company contribution
100% paid vision, dental, short-term, and long-term premium
12% 401(k) contribution (not a match)
Education and training budget
6 weeks and 3 days of PTO
And much more!
Come grow with us!