CISONetwork
Mid-Level GRC

Supply Chain Security Analyst

$95,000 – $130,000


About the Role

Manage software and hardware supply chain security risk. Maintain software bill of materials (SBOM) inventories, monitor for upstream vulnerabilities in third-party dependencies, assess vendor development practices, and ensure compliance with EO 14028 and NIST SSDF requirements.

Requirements

  • 4+ years of security or GRC experience
  • Familiarity with SBOM formats (CycloneDX, SPDX)
  • Understanding of SLSA, NIST SSDF, and supply chain attack vectors
  • Experience with dependency scanning and SCA tools