Location: Onsite - Patuxent River, MD

Compensation: $55,271 - $75,369

Employment Type: Full-Time

Clearance Requirement: Active Security Clearance required

Travel Requirement: Some travel less than 15%

What you can expect as the Software Supply Chain Analyst at Fortress...

The Software Supply Chain Analyst will support Government Delivery operations at Fortress by performing detailed, manual review and documentation of software component information from Software Bills of Materials (SBOMs) in a SCIF environment at Patuxent River. This role is critical to fulfilling immediate Navy customer requirements for processing Secret-level SBOMs while Fortress develops automation for this process. Designed for a detail-oriented professional with an active Secret clearance, the position offers a clear growth path into broader Government Delivery responsibilities — including analysis support, documentation, brief preparation, and coordination with internal delivery teams - as manual processes become automated. It is an ideal opportunity for someone early in their cybersecurity or government delivery career who is eager to learn software supply chain risk concepts and contribute to high-impact federal programs.

Responsibilities Include

• Analyze SBOMs and related software component information in a SCIF environment to identify and document relevant software components.
• Manually record and evaluate open-source components and related component details accurately, consistently, and in accordance with Fortress process requirements.
• Exercise independent judgement when reviewing unclear, incomplete, or higher-risk SBOM data.
• Support operational decision-making by preparing clear findings, summaries, trackers, and briefing materials.
• Learn Fortress's internal SBOM terminology, workflows, risk concepts, and delivery expectations during onboarding and early ramp.
• Identify basic software supply chain risk indicators and escalate potential concerns to senior team members or subject matter experts for review.
• Improve SBOM review workflows by identifying ways to increase accuracy, consistency, and efficiency.
• Create and maintain accurate working files, trackers, notes, and documentation using Excel and Microsoft 365 tools.
• Coordinate with internal team members and customer representatives regarding findings, documentation needs, and follow-up actions. Prepare internal updates, customer briefs, and Government Delivery materials using Excel, PowerPoint, and Microsoft 365 tools.
• Communicate progress, questions, blockers, completed work, and recommendations clearly to the manager and project team. Work onsite at Patuxent River and comply with all SCIF, security, customer, and Fortress requirements.
• Exercise independent judgment in prioritizing analytical efforts, interpreting customer requirements, and recommending risk mitigation or documentation approaches that support program objectives.
• Adapt to changing work assignments as SBOM review processes become automated and broader Government Delivery support needs evolve.
• Other duties as assigned

Minimum Qualifications

• Active Secret clearance required.
• U.S. citizenship required due to active clearance and government customer requirements.
• Ability to work onsite at Patuxent River and perform work in a SCIF environment.
• 0–2 years of professional experience in cybersecurity, software, data analysis, technical documentation, government support, supply chain risk, or a related field.
• Interest in learning SBOMs, software components, open-source software, and software supply chain risk concepts.
• Ability to review technical or structured data and identify relevant findings, inconsistencies, or potential risk indicators.
• Strong attention to detail and ability to perform repetitive manual review and documentation tasks with accuracy.
• Proficiency with Microsoft Excel, including the ability to enter, organize, filter, and review structured information.
• Proficiency with Microsoft 365 tools, including Outlook, Teams, Word, PowerPoint, and SharePoint.
• Ability to follow documented processes and ask questions when instructions, data, or findings are unclear.
• Ability to communicate clearly and professionally with managers, teammates, and project stakeholders.
• Basic AI proficiency, including the ability to use approved AI tools responsibly when permitted by Fortress policy and customer requirements.
• Willingness to learn, take feedback, and grow into broader Government Delivery responsibilities over time.

Preferred Skills

• Prior exposure to SBOMs, open-source software, software inventories, cybersecurity, or technical data review.
• Experience working in a cleared environment, SCIF, government customer environment, or defense-related setting.
• Experience supporting technical documentation, data entry, quality review, or structured analysis work.
• Experience using PowerPoint to support briefings, updates, or customer-facing materials.
• Familiarity with basic cybersecurity, vulnerability, software, or supply chain risk concepts.
• Intermediate AI proficiency, including the ability to use approved AI tools to summarize, organize, or
• improve non-sensitive work products when allowed.
• Interest in growing into broader software supply chain, cybersecurity, or Government Delivery responsibilities.

Education

• Bachelor's degree or equivalent professional work experience required.

Employee Benefits

• Remote and Hybrid working environment
• Competitive pay structure
• Medical, dental, vision plans with employees covered up to 90% with highly progressive options for dependents and families
• Company paid life, short- and long-term disability insurance
• Employee Assistance Program
• 401(k) match
• Flexible Paid Time Off
• Parental Leave

Employment Perks

• We provide each employee with professional growth opportunities through succession planning, up-skilling, and certifications
• Tuition and certification reimbursement
• Employee Referral Programs
• Company Sponsored Events

Fortress is proud to be an Equal Opportunity Employer. All employees and applicants will receive consideration for employment without regard to age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law. Fortress Information Security takes part in the E-Verify process for all new hires.

For positions located in the US, the following conditions apply. If you are made a conditional offer of employment, you will have to undergo a drug test. ADA Disclaimer: In developing this job description care was taken to include all competencies needed to successfully perform in this position. However, for Americans with Disabilities Act (ADA) purposes, the essential functions of the job may or may not have been described for purposes of ADA reasonable accommodation. All reasonable accommodation requests will be reviewed and evaluated on a case-by-case basis.