Cyber Risk Analyst

Delan Associates, Inc-posted 3 months ago
Full-time • Entry Level
Lemont, IL
101-250 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

The Company’s Cyber Security Program Office promotes the safe and secure use of information technology. There are a variety of risks and threats inside and outside of the Laboratory. The Cyber Security Program Office (CSPO) safeguards the Laboratory by identifying, protecting against, detecting, responding to, and recovering from cybersecurity risks and incidents. Services include consultation and guidance; detection and protection technologies; education and awareness; incident management; vulnerability management; and risk assessment and compliance. The Cyber Risk Analyst will play an important role in identifying and communicating areas of concern and risks to the business. This engagement will free up other cybersecurity resources to work in other critical Argonne areas.

  • Possess a working level expertise with the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) and the NIST 800-53 series of control families and approaches.
  • Perform detailed analysis and a cyber risk assessment of Cloud Service Providers (CSPs).
  • Engage with vendors to review controls, certifications, and risks in support of the associated business need and the laboratory's risk tolerance.
  • Partner with the CSPO in the development of risk assessment and reporting processes within the Laboratory's Governance, Risk and Compliance (GRC) tool, Talatek TiGRIS.
  • Partner with others from within the CSPO team and Laboratory IT environment to perform risk-based assessments of NIST 800-53 control validation and gap analysis.
  • Collaborate with the CSPO to present outcomes of risk analysis work using presentation methods to CSPO and other lab audiences (IT admins, Deputy CIO, CISO).
  • Maintain assessment and assessment results in identified repositories, e.g., the Lab's GRC tool, Talatek TiGRIS, MS Excel, Box or Box.
  • Assist in the performance of the laboratory's Divisional Site Assist Visit (DSAV) self-assessment and continuous monitoring strategy, assessing the cyber security controls and their implementation in various programmatic spaces.
  • Considerable knowledge of Risk Management and Risk Management Framework (RMF) requirements.
  • Working level knowledge of the NIST 800 Rev 5 series framework.
  • Considerable knowledge/experience of assessing controls.
  • Knowledge of industry-standard and organizationally accepted analysis principles and methods.
  • Experience in working with Governance Risk Compliance systems.
  • Experience presenting reports and outcomes to leadership, tracking to closure, and creating buy-in to risk management.
  • Experience and skill in conducting audits or reviews of technical systems.
  • Experience assessing vendor risk.
  • Skill in identifying measures or indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system.
  • Ability to skillfully communicate through various methods, including written documentation.
  • Ability to work autonomously as a contributing member of a small technical team.
  • Experience working in a government environment.
  • Experience working in a distributed IT environment.
  • Basic knowledge of cyber security concepts.
  • Working knowledge of networking administration.
  • Working knowledge of system administration.
  • Ability to qualify for HSPD-12 card for use in two-factor authentication.
  • Able to effectively interact with user organizations to validate controls.
  • Able to effectively disseminate knowledge to current staff.
  • Government-furnished laptop, PIV Card, and PIV Card reader.
Track Jobs with Teal

Job Search Resources

Resume Builder
Financial Risk Analyst Resume Examples
Financial Risk Analyst Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service