LHH

Cyber Security Analyst

LHH, Vancouver, Washington, United States, 98662


Cybersecurity Supply Chain Risk Management (C-SCRM) Analyst

Location: Portland, OR (Hybrid)

LHH is partnering with a leading industrial business in Portland, Oregon, to find an exceptional Cybersecurity Supply Chain Risk Management (C-SCRM) Analyst. Our client operates across multiple locations, providing vital support for infrastructure, defense, and energy projects. They are committed to building a values-driven culture that prioritizes sustainability, employee well-being, and community engagement.

As a C-SCRM Analyst, you'll be a key member of the Information Security team, helping ensure the security and compliance of the supply chain. This is a fantastic opportunity for a cybersecurity professional with experience in supply chain risk management and expertise in NIST 800-171 and CMMC compliance.

Key Responsibilities:

- Engage with suppliers to educate them on new cybersecurity requirements and ensure they meet federal contract compliance standards.
- Coordinate the review of vendor cybersecurity questionnaire responses and conduct interviews to assess compliance with NIST SP 800-171/CMMC requirements.
- Develop and manage the Supply Chain Risk Management Plan, overseeing supplier compliance and implementing corrective actions as needed.

Top Responsibilities:

- Supplier Engagement & Education (40%): Communicate with suppliers, educating them on cybersecurity requirements and ensuring they are compliant with regulations.
- Vetting & Monitoring Compliance (40%): Perform recurring supplier vetting to ensure ongoing compliance with federal contracts and NIST 800-171 standards.
- Program Development & Management (20%): Build and maintain a program to support suppliers in achieving compliance and managing cybersecurity risks.

About the Role:

This is a hybrid role, based in the Portland, OR area, with occasional travel (up to 10%) to various locations. You will work closely with cross-functional teams, providing expert guidance on cybersecurity compliance and managing risk across the supply chain. You'll be instrumental in implementing technical solutions to protect the company's operations and ensuring vendors remain compliant with national cybersecurity standards.

Qualifications:

- 5+ years of experience with a Bachelor's degree in Computer Science, Engineering, IT, Cybersecurity, or a related field, or 10+ years of related technical experience.
- 3+ years of experience in Information Security, contributing to security solutions, scope, and architecture.
- Experience with NIST SP 800-171/CMMC and conducting technical security assessments of large, complex systems.
- Familiarity with cybersecurity technologies, including vulnerability scanning tools, SIEMs, endpoint protection tools, DLP, and IDS/IPS tools.
- U.S. Citizenship required.
- Active IAT Level III certification (DoDD 8140.01) and CISSP

Core Competencies:

- In-depth understanding of NIST SP 800-171/CMMC compliance standards.
- Ability to identify and mitigate cybersecurity risks, providing expert guidance to vendors.
- Excellent communication and interpersonal skills to collaborate with suppliers, internal teams, and leadership.
- Strong project management skills to oversee program development and supplier compliance.

Why Work for Our Client?

Our client offers a flexible schedule and a strong, collaborative team environment. They are committed to being a regenerative force for good, and you will have the chance to be part of an organization that values sustainability, innovation, and positive impacts on the community and environment.

Benefits:

Benefit offerings include medical, dental, vision, life insurance, short-term disability, additional voluntary benefits, EAP program, commuter benefits and 401K plan. Our program provides employees the flexibility to choose the type of coverage that meets their individual needs. Available paid leave may include Paid Sick Leave, where required by law; any other paid leave required by Federal, State, or local law; and Holiday pay upon meeting eligibility criteria.

Applicants must be authorized to work for any employer in the U.S. and sit stateside. Our client is unable to sponsor or take over sponsorship of an employment Visa at this time.

Please no C2C applicants.

To read our Candidate Privacy Information Statement, which explains how we will use your information, please visit https://www.lhh.com/us/en/candidate-privacy

How to Apply:

If you're passionate about cybersecurity and have experience working with NIST 800-171 and CMMC compliance, we encourage you to apply today. This is an opportunity to be part of an organization that values truth, responsibility, and continuous improvement.