Evolver, Inc.

Cyber Supply Chain Risk Analyst - San Francisco, CA

US-CA-San Francisco
4 days ago
Job ID
2017-2495
# of Openings
1

Overview

 

Evolver is a technology company serving the Federal, Commercial, and Legal markets that addresses client challenges in the present and transitions clients into the future by introducing efficient and effective IT solutions. Established in 2000, Evolver has successfully grown to be a trusted technology leader. Evolver’s efforts and growth have been recognized by leading publications and organizations, including Inc. 5000 for five consecutive years, and most recently “Future 50” from SmartCEO. With a dedicated focus on client satisfaction, Evolver has proven its value time and time again, from managing day-to-day operations to skillfully navigating the implementation and support of new technologies. Evolver’s core competencies are infrastructure, application development, cybersecurity, cloud, end-user support, data analytics and legal services.

 

We believe our employees are key to our success and continued growth. We attract and retain our diverse workforce by promoting a work-life balance with generous and flexible time off, competitive compensation and benefits, and a commitment to professional development. When you join Evolver, you join a community of talented and dedicated individuals whose abilities, skills, and actions contribute to the success of the company.

 

Evolver is seeking a Cyber Supply Chain Risk Analyst to work in San Francisco, CA.

 

Essential Job Duties and Responsibilities

  • Apply cyber risk management principles in the evaluation of vendors and associated risks
  • Establish scope of risk analysis and define analysis success parameters
  • Provide questionnaires to vendors and evaluate responses based on the estimated risk of the vendor to client objectives
  • Define vendor reporting requirements and track compliance over a defined period of performance
  • Review results to identify potential outlier data inputs
  • Write reports that describe assessment assumptions, scope parameters, and recommendations to client on remediation actions
  • Collaborate with management and peers to continuously learn and improve
  • Be an active member of the broader risk management community
  • Draft case studies and other risk analysis / risk management research
  • Support sales team with technical discussions and demonstrations

Minimum Qualifications and Requirements

Knowledge of cyber and risk management concepts, including: 

  • Understanding how cyber impacts business objectives
  • Architecture, topology, ports and protocols, services
  • Ability to understand business and technical risk implications
  • Knowledge of cyber threat vectors, both generally and sector-specific
  • Knowledge of current cyber threat trends and approaches
  • Knowledge of different threat actor categories (nation state, criminal, general hacker, hacktivists) and their common techniques

Abilities Required:

  • Consulting experience in Cyber Security or Risk Management
  • Have strong interpersonal and communication skills to work with clients on new and emerging projects
  • Ability to communicate effectively with senior management, both orally and in writing
  • Ability to think critically from different perspectives (outside the box)
  • Ability to think like the adversary
  • Ability to work on a team and individually
  • Aptitude with established risk management practices
  • Ability to conduct focused research and develop recommendations
  • Bachelor’s Degree required. Will consider years of experience and/or certifications in lieu of Degree.

Technical Requirements (required and desired)

  • Advanced/Intermediate skill in writing reports for audiences up to the highest levels within an organization. 
  • Strong background in information security, IT audit or security risk management
  • Familiarity with statistical concepts
  • Risk Analysis experience – preferably with Factor Analysis of Information Risk (FAIR)
  • Certified in Open FAIR, CRISC or other risk-related certifications (desired)
  • Knowledge of IT GRC technology platforms

EOE Statement

At Evolver, we foster teamwork, growth, individuality and entrepreneurialism. We value employee opinions and encourage them to make a difference by getting involved and being thought-leaders. As a part of the Evolver team, we actively promote a working and learning environment that supports a highly qualified workforce and a quality of work life that is based on trust and respect for all employees resulting in a healthy and trusting organizational culture.

Evolver, Inc. is an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to age, race, color, religion, sex, national origin, sexual orientation, disability or veteran status. Evolver offers a comprehensive benefits plan including (but not limited to): medical, dental, vision, 401(k), life, AD&D and short term and long term disability insurance.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed