Cyber Risk Analyst

Peraton•Bowie, MD

2d•$86,000 - $138,000•Onsite

About The Position

Peraton is seeking a Cyber Risk Analyst to support cybersecurity risk identification, assessment, and mitigation across modernization initiatives aligned with the Federal Aviation Administration (FAA). This role is ideal for a cybersecurity professional who thrives at the intersection of risk analysis, compliance, and mission impact. The Cyber Risk Analyst will be at the center of cybersecurity decision-making, analyzing risk, advising leadership, and ensuring emerging technologies are deployed securely and responsibly. They will collaborate across engineering, operations, and compliance teams to translate technical vulnerabilities into clear, actionable risk insights that shape how aviation systems are protected. Cyber risk management is essential to maintaining trust in the National Airspace System. As a Cyber Risk Analyst, you help ensure that new technologies are introduced responsibly, vulnerabilities are addressed proactively, and leadership has the insight needed to make informed decisions. Your work directly supports the FAA’s mission to protect national infrastructure, reduce cyber risk, and maintain the safest and most reliable aviation system in the world. This role is not just about compliance—it’s about enabling secure innovation at a national scale.

Requirements

U.S. Citizenship Required.
Must have the ability to obtain / maintain a Public Trust clearance.
Bachelor’s degree and 5 years experience or Masters degree and 3 years experience or Associate’s degree and 7 years experience or HS diploma/equivalent and 9 years experience.
Demonstrated experience supporting cyber risk management or compliance in federal or regulated environments
Strong knowledge of NIST 800-53, NIST RMF, FISMA, and cybersecurity risk methodologies
Experience supporting system authorization, POA&M management, and continuous monitoring
Demonstrated experience supporting security control assessments, risk scoring, and mitigation tracking for enterprise systems.
Familiarity with incident response coordination.

Nice To Haves

Experience supporting FAA, DOT, or other federal aviation systems.
Familiarity with aviation systems, critical infrastructure, or safety-critical environments.
Experience with FedRAMP cloud environments and shared responsibility models.
Knowledge of Zero Trust principles and risk-based security architectures.
Industry certifications such as CISSP, CISM, CRISC, or Security+.
Experience using GRC tools or risk tracking platforms.
Familiarity with NextGen FAA modernization efforts.

Responsibilities

Identify, analyze, and document cybersecurity risks across FAA systems and modernization initiatives.
Support Risk Management Framework (RMF) activities, including risk assessments, control validation, and mitigation planning.
Evaluate system compliance with NIST standards, FISMA, FedRAMP, and FAA cybersecurity requirements.
Conduct risk assessments, gap analyses, and threat evaluations for new and existing systems.
Translate technical findings into clear risk statements and executive-level recommendations.
Support system authorization (ATO), continuous monitoring, and audit readiness activities.
Collaborate with system owners, ISSOs, architects, and engineers to track and reduce cybersecurity risk.
Monitor remediation efforts and validate closure of cybersecurity findings.
Support development and maintenance of risk registers, POA&Ms, and compliance artifacts.
Prepare reports, dashboards, and briefings for FAA leadership and program stakeholders.
Ability to clearly communicate cyber risk to both technical and non-technical audiences.