Internship Vendor Risk Analyst Jobs in Silver Spring, MD

Job Description

Status: Active

Location: Hybrid – Arlington, VA

Schedule: Full-time | Core hours 9:00 AM – 5:00 PM ET

Focus Areas: Cyber Supply Chain Risk Management (C-SCRM), Enterprise Cybersecurity Architecture, Vendor Risk Management, Federal Information Assurance

Overview

At phia we hire talented and passionate people who are focused on collaborative, meaningful work, providing technical and operational subject matter expertise and support services to our partners and clients. phia is seeking a TS-cleared Senior Cyber Supply Chain Risk Architect to provide enterprise-level technical expertise in support of federal cyber supply chain risk management and interagency collaboration.

You will translate executive intent, policy direction, and vendor risk analysis into scalable, secure technical solutions that inform government decisions. This role is intended for a seasoned, certified cybersecurity professional with demonstrated experience supporting federal agencies in information assurance and cyber supply chain risk management.

What You’ll Do

• Senior Technical Advisory:Serve as the senior technical advisor for collaboration platforms and cross-enterprise solutions that support vendor risk assessment and cyber supply chain mission outcomes.
• Platform Modernization:Lead modernization and architectural redesign of collaboration platforms to enable structured vendor risk analysis, information sharing, and decision workflows.
• Architecture Translation:Translate vendor risk findings, policy requirements, and mission needs into enterprise technical architectures, workflows, and automation-enabled processes.
• Executive Advisory:Provide enterprise IT and systems ecosystem advisory to senior leadership, ensuring technical solutions align with federal authorities, acquisition security requirements, and cyber supply chain policy.
• Incident Response Coordination:Support incident response coordination involving third-party vendors and supply chain compromises, ensuring alignment across technical, operational, and governance functions.
• Executive Documentation:Develop executive-level documentation, dashboards, and decision packages that communicate vendor risk posture and support governance, investment, and acquisition decisions.
• Mission Resilience:Ensure technical solutions support long-term mission resilience, interoperability, and compliance with federal cybersecurity and supply chain risk management requirements.

Who You Are

• Cross-Domain Technologist:Youoperateat the intersection of cybersecurity, enterprise systems, vendor risk management, and federal mission execution.

• Federal-Fluent:You have substantial experience supporting federal information communication technology and cyber supply chain risk management initiatives.
• Translator:You convert complex vendor risk analysis into executive-ready technical solutions and governance artifacts.
• Trusted Advisor:You influence decisions across organizational and interagency boundaries and build credibility with senior federal stakeholders.
• Communicator:You coordinate across multiple stakeholders and teams toalignand execute unified goals and plans.

Preferred Skills

• Degree in cybersecurity or related field
• Active federal agency suitability already in place
• Experience supporting interagency cyber supply chain risk management bodies or initiatives
• Hands-on experience modernizing collaboration platforms in federal environments
• Familiarity with NIST SP 800-161 (C-SCRM) and related federal SCRM guidance

Required Education + Experience

Education: Bachelor’s degree required.

Experience: 7+ years working within government organizations supporting cybersecurity risk management related policy – ideally with a focus on Supply Chain Risk Management (SCRM). Demonstrated experience communicating with and coordinating across multiple stakeholders and teams to align to and execute unified goals and plans. Advanced cybersecurity credentials indicative of enterprise-level practice—such as CISSP—are aligned with the scope and leadership responsibilities of this role.

Clearance: Active TS security clearance and SCI eligible at time of proposal submission. Ability to obtain and maintain federal agency suitability (EOD).

GENERAL PROGRAM REQUIREMENTS:

Citizenship: Must be a U.S. Citizen. No exception.

Work Hours: Full-time, Monday–Friday, core hours 9:00 AM – 5:00 PM ET.

Work Location: Hybrid schedule based out of Arlington, VA.

Travel: Minimal; occasional travel within the National Capital Region as required by mission.

Who We Are

phia LLC (“phia”) is a Northern Virginia based, small business established in 2011 with focus in Cyber Intelligence, Cyber Security/Defense, Intrusion Analysis & Incident Response, Cyber Architecture & Capability Analysis, Cyber Policy & Strategy, Information Assurance/Security, Compliance, Certification & Accreditation, Communications Security, Traditional Security, and Facilities Security. phia also provides cyber operations support functions such as: Program and Process Management, Engineering, Development, and Systems Administration that allows for Cyber Operations to efficiently integrate our customer’s missions and objectives. phia supports various agencies and offices within the Department of Defense (DoD), Federal government, and private/commercial entities.

phia offers excellent benefits to enhance work-life balance, including the following:

• Medical Insurance
• Dental Insurance
• Vision Insurance
• Life Insurance
• Short Term & Long-Term Disability
• 401k Retirement Savings Plan with Company Match
• Paid Holidays
• Paid Time Off (PTO)
• Tuition and Professional Development Assistance

phia does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity, or any other reason prohibited by law in the provision of employment opportunities and benefits.