Cyber Security Analyst
GCR Technical Staffing
Job Description
Job Description
Job Description
Multiple positions (Jr and Sr level)
Long Term Contract position through 2026 + extension
Position 1:
Supply Chain Risk Management (SCRM) Analyst — This role focuses on identifying, analyzing, and managing cybersecurity, compliance, and operational risks across defense suppliers, with a strong emphasis on software and technology supply chains.
Responsibilities:
- Identify and assess risks in defense suppliers, systems, and software components
- Evaluate vendors for cybersecurity posture, compliance, and reliability
- Ensure adherence to federal regulations (NIST 800-53, DFARS, FAR, NDAA restrictions, etc.)
- Monitor supplier environments for vulnerabilities, changes, and emerging risks
- Produce risk assessments, reports, and recommendations for leadership and stakeholders
- Collaborate with engineering, procurement, and security teams to mitigate identified risks
- Support improvements to the organization’s supply chain risk management framework and processes
Requirements:
- U.S. citizen with active Secret clearance (TS eligibility required)
- Bachelor’s degree
- 3–5 years of experience in defense, cybersecurity, supply chain risk, or related fields
- Strong understanding of software supply chain security and defense industry compliance frameworks
- Familiarity with NIST 800-53, DFARS, FAR, and NDAA requirements
- Strong analytical, communication, and reporting skills
Position 2
Senior INFOSEC Compliance Analyst
Long-Term Contract | Hybrid | 9/80 Schedule
Seeking an experienced INFOSEC Compliance Analyst to support a major DoD audit initiative. Immediate interview and hire process. Active Secret Clearance preferred, but not required. Candidates must be able to pass a background investigation.
Key Responsibilities:
• Support Governance, Risk & Compliance (GRC) initiatives
• Develop and maintain SSPs, POA&Ms, and compliance documentation
• Support CUI security requirements and vendor compliance reviews
• Assist with cybersecurity policies, procedures, and standards
• Perform risk assessments and support audit readiness efforts
• Work with cloud and on-prem cybersecurity environments
Requirements:
• 5+ years of INFOSEC Compliance/Risk Management experience
• Strong knowledge of NIST, CMMC, FedRAMP, and DFARS
• Experience with RMF, SSPs, POA&Ms, and CUI environments
• Strong communication and cross-functional coordination skills
• Bachelor’s Degree or equivalent experience preferred
Company Description
GCR Professional Services is an engineering and information technology staffing firm (direct-hire, consultants, contract-to-hire).
Company Description
GCR Professional Services is an engineering and information technology staffing firm (direct-hire, consultants, contract-to-hire).