IT Data Analyst / Supply Chain Risk Management Analyst

Employment Type

: Full-Time


: Miscellaneous

NASA's Goddard Space Flight Center is the nation's largest organization of scientists and engineers that build spacecraft, construct instruments, and develop technology to study the Earth, the sun, our solar system, and the universe.Primary Responsibilities:* Conduct investigations of proposed procurement for vulnerabilities to cyber-espionage and cyber-sabotage* process Requests for Investigation (RFI) of proposed IT procurement from all NASA centers* Verify completeness of the RFI, including attached country of origin documentation and validity of the System Security Plan (SSP)* Confirm that the product is not already on the Accessed and Cleared List (which has an upcoming successor, Top Shelf)* Research the vendor's history (including using SAM, Crunchbase, Bloomberg, Wikipedia) and the product, including checking for known vulnerabilities in NIST and other databases* Confirm that the vendor is not one of those prohibited from use in Federal government by the NDAA for FY 2019 (or a subsidiary or affiliate thereof)* Send inquires to the FBI and a private intelligence platform for vendors that meet specific criteria (generally speaking, the country of origin)* Data calls to stakeholders and the designated points of contact at the various NASA centers to address deficiencies in the RFIs, or to complete High Risk Customer Questionnaires (when warranted by factors such as COO, number of vulnerabilities)* Compose a succinct summary of your findings before signing off on the RFI and passing it up the chain to the SCRM Service Lead and compile a longer report that documents and synthesizes your findings and any information from the FBI and the private intelligence platform* Attend weekly internal meetings (face to face) and participate in bi-weekly agency-wide video-conference (Web-Ex)* Software used: Adobe Experience, web browsers, Sharepoint, One Drive, Word, Excel, Outlook* other factors: large backlog, high volume of RFIs that need to be processed day-in, day-out, and a need for attention to detail the supply chain for various IT hardware/software and vulnerabilities associated with the product* research and assess vendor's history (i.e. acquisitions, investors, facility locations, legal history* Consult with third party government agencies (i.e. FBI) for 'company threat assessments'* Maintain and update the ACL for all NASA centers (Assess and Clear list) and FBI list of companies that the FBI responded positively or negatively* Data entry and tracking of all RFIs in the queue* Assist centers with completing the 1823 form (RFI form) and answer any inquiries* Contact RFI initiators to get additional information or manufacturer* Assist and request mitigation plan for products that are considered high risk. When requesting the mitigation plan provide the requestors with a breakdown by category of all risksRequired Qualifications:Proficiency in Adobe Experience, Microsoft Office SuiteAdditional Requirements:* Individual must meet government NAC and citizenship/work permit requirements for access to NASA* Position may require occasional travel* US Citizenship required and must be clearable

Launch your career - Create your profile now!

Create your Profile