Cyber Risk Assessment Analyst

About The Position

Requirements

• An ACTIVE and CURRENT SECRET federal or DOD security clearance.
• Bachelor’s Degree
• Minimum of FOUR (4) years of relevant experience OR Master’s Degree AND TWO (2) years of relevant experience.
• Excellent verbal and written communication skills, specifically in report writing.

Nice To Haves

• CRISC, CISSP or a Cyber Security AI certification
• Experience with NIST Federal Information Processing Standards and Special Publications, OMB guidance, and other regulatory authorities.
• Experience working for or with the Department of State.
• Demonstrated experience in the areas of external client-facing management and/or consulting for large firms.
• Demonstrated experience communicating highly technical subject matter to a non-technical audience.
• Ability to thrive in complex, challenging, and deadline-driven environments.
• Willingness to participate in proposal development and other business development activities.

Responsibilities

• Provide cybersecurity analysis support in the delivery of detailed enterprise cybersecurity risk analysis and reporting project with a large federal agency
• leverage advanced critical thinking capabilities to identify organizational cybersecurity risks and impacts
• Prepare for enterprise cybersecurity risk assessments by performing detailed organizational research and analysis to determine potential business impacts to mission objectives
• Conduct Tier 1 (organization) and Tier 2 (business/mission) level cybersecurity risk assessments in accordance with NIST Federal Information Processing Standards and Special Publications, OMB guidance, DHS Binding Operational Directives, and other regulatory authorities
• Perform detailed quantitative and qualitative organizational research and analysis regarding cybersecurity risks (threats, vulnerabilities, likelihood, and impact)
• Identify and develop detailed actionable recommendations for remediating cybersecurity risks in alignment with the organization’s defined risk tolerances and risk threshold
• Gather threat and vulnerability information from internal and external information sharing forums and sources
• Communicate cybersecurity risk assessment results through written narrative reports and executive-level presentations
• Identify, coordinate, track remediation, and monitor risk exposures; identify and communicate trends in data
• Evaluate cybersecurity program effectiveness in identifying, managing, and reducing risk
• Collaborate cross-functionally with internal analysts and engage external stakeholders to build awareness of cybersecurity risk assessment initiatives

Benefits

• Medical, Rx, Dental & Vision Insurance
• Personal and Family Sick Time & Company Paid Holidays
• Position may be eligible for a discretionary variable incentive bonus
• Parental Leave and Adoption Assistance
• 401(k) Retirement Plan
• Basic Life & Supplemental Life
• Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
• Short-Term & Long-Term Disability
• Student Loan PayDown
• Tuition Reimbursement, Personal Development & Learning Opportunities
• Skills Development & Certifications
• Employee Referral Program
• Corporate Sponsored Events & Community Outreach
• Emergency Back-Up Childcare Program
• Mobility Stipend