Jobs · Management · Maryland

Software Supply Chain Analyst

Fortress Information Security · Patuxent River, MD · 2 days ago
Management$55k–$75k/yrFull-time

Responsibilities

  • Analyze SBOMs and related software component information in a SCIF environment to identify and document relevant software components.
  • Manually record and evaluate open-source components and related component details accurately, consistently, and in accordance with Fortress process requirements.
  • Exercise independent judgement when reviewing unclear, incomplete, or higher-risk SBOM data.
  • Support operational decision-making by preparing clear findings, summaries, trackers, and briefing materials.
  • Learn Fortress's internal SBOM terminology, workflows, risk concepts, and delivery expectations during onboarding and early ramp.
  • Identify basic software supply chain risk indicators and escalate potential concerns to senior team members or subject matter experts for review.
  • Improve SBOM review workflows by identifying ways to increase accuracy, consistency, and efficiency.
  • Create and maintain accurate working files, trackers, notes, and documentation using Excel and Microsoft 365 tools.
  • Cook up internal updates, customer briefs, and Government Delivery materials using Excel, PowerPoint, and Microsoft 365 tools.
  • Communicate progress, questions, blockers, completed work, and recommendations clearly to the manager and project team.
  • Work onsite at Patuxent River and comply with all SCIF, security, customer, and Fortress requirements.
  • Exercise independent judgment in prioritizing analytical efforts, interpreting customer requirements, and recommending risk mitigation or documentation approaches that support program objectives.
  • Adapt to changing work assignments as SBOM review processes become automated and broader Government Delivery support needs evolve.

Qualifications

  • Active Secret clearance required.
  • U.S. citizenship required due to active clearance and government customer requirements.
  • Ability to work onsite at Patuxent River and perform work in a SCIF environment.
  • 0–2 years of professional experience in cybersecurity, software, data analysis, technical documentation, government support, supply chain risk, or a related field.
  • Interest in learning SBOMs, software components, open-source software, and software supply chain risk concepts.
  • Ability to review technical or structured data and identify relevant findings, inconsistencies, or potential risk indicators.
  • Strong attention to detail and ability to perform repetitive manual review and documentation tasks with accuracy.
  • Proficiency with Microsoft Excel, including the ability to enter, organize, filter, and review structured information.
  • Proficiency with Microsoft 365 tools, including Outlook, Teams, Word, PowerPoint, and SharePoint.
  • Ability to follow documented processes and ask questions when instructions, data, or findings are unclear.
  • Ability to communicate clearly and professionally with managers, teammates, and project stakeholders.
  • Basic AI proficiency, including the ability to use approved AI tools responsibly when permitted by Fortress policy and customer requirements.
  • Willingness to learn, take feedback, and grow into broader Government Delivery responsibilities over time.

Similar jobs

Software Engineer

Mobility GlobalNew York, NY· 5 days ago
Engineering$70k–$122k/yrapply on mobility.wd503.myworkdayjobs.com

Software Engineer

Lockheed MartinHerndon, VA· 2 mo ago
Engineeringapply on sjobs.brassring.com

Software Engineer

Red Rock Government ServicesHerndon, VA· 2 mo ago
Engineeringapply on redrockgs.isolvedhire.com