About The Position

The Cyber Risk Management Analyst drives enterprise cybersecurity risk management by transforming compliance into a strategic advantage. This role quantifies risks, assesses control effectiveness, and ensures alignment with NIST 800-53 and FISMA frameworks. The Analyst collaborates with Cybersecurity Engineers and Business Analysts to define compliance guardrails, prioritize remediation, and track key cyber risks across the DOE environment. Two (2) Cyber Risk Management Analysts are required for this engagement. Work will be a hybrid schedule with 3 days in the office and 2 days of telework.

Requirements

  • 3+ years of experience in cyber risk management, GRC, or a related cybersecurity compliance role.
  • Expertise in GRC methodologies, third-party risk management (TPRM), and federal compliance (NIST SP 800-53, 800-37).
  • Skilled in Risk Register tracking, Security Impact Analyses, and managing the POA&M lifecycle.
  • Experience developing security awareness content and phishing simulation programs.
  • Strong data visualization and analytical reporting skills.
  • CISA, CRISC, CGEIT, CISSP
  • CompTIA Security+, CCSK, or CGRC
  • Acceptable background check, including a criminal history background check and a credit check.

Responsibilities

  • Lead enterprise-wide risk assessments using GRC methodologies to identify, evaluate, and prioritize risks, translating technical vulnerabilities into business impact for stakeholders.
  • Ensure ongoing compliance with federal frameworks including NIST SP 800-53 and 800-37 (RMF) through periodic audits and Security Impact Analyses for new and existing system interconnections.
  • Maintain and manage the enterprise Risk Register, tracking key cyber risks and overseeing the full lifecycle of Plans of Action and Milestones (POA&M).
  • Continuously monitor and report critical cyber risks using risk dashboards and metrics to provide actionable insights to leadership and maintain enterprise risk posture.
  • Design and implement security awareness programs and phishing simulations to reduce social engineering risks and strengthen organizational security culture.
  • Collaborate with Cybersecurity Engineers and Business Analysts to define compliance guardrails and prioritize remediation activities based on risk impact.
  • Leverage GRC platforms and tools to generate automated risk metrics, heat maps, and executive-level security posture reports.
  • Conduct security awareness training for both central and instructional employees, and develop age-appropriate student programs.
  • Aggregate risk data and produce executive reports on the organization's security posture and regulatory compliance status (monthly/quarterly).