Risk Analyst

About The Position

Requirements

• Three to seven years of professional experience in risk analysis, intelligence analysis, cybersecurity research, threat intelligence, geopolitical analysis, or a directly related research function.
• Bachelor's degree in a relevant field, such as intelligence studies, security studies, international relations, computer science, risk management, criminal justice, public policy, or comparable.
• Demonstrated portfolio of written analytical products. Candidates should be prepared to share two to three sanitized writing samples.
• Working command of at least one Nexus domain, with analytical literacy across adjacent domains.
• Proficiency with OSINT methods, source evaluation, and structured sourcing.
• Strong written English. Ability to write to a defined editorial voice and to revise efficiently against feedback.
• Capacity to operate independently on contract, manage deliverable timelines, and communicate proactively with the Team Leader, RRAG.

Nice To Haves

• Working knowledge of one or more risk management frameworks, such as NIST Cybersecurity Framework 2.0, NIST AI Risk Management Framework, ISO 31000, ISO 27001, COSO ERM, CMMC 2.0, or FAIR.
• Prior experience in government, intelligence community, military, law enforcement, or regulated industry settings.
• Relevant certifications, including but not limited to CISSP, CISM, CRISC, CFE, PSP, CPP, Security+, GIAC, or recognized intelligence analyst credentials.
• Experience producing subscription-based intelligence or commercial advisory products.
• Comfort with platform-based analytical workflows and AI-assisted research tooling.
• Experience supporting executive or board-level audiences.

Responsibilities

• Conduct primary and open-source intelligence research across one or more of the 12 Nexus of Risk domains: cyber, physical security, people, operational, financial, technology, safety, strategic, reputation, compliance and regulatory, supply chain, and geopolitical.
• Produce written analytical products including flat-rate client advisories, sector briefings, alert notifications, and content for subscription-tier deliverables.
• Apply structured analytic techniques to evaluate likelihood, impact, and intersection effects across risk domains, consistent with the Nexus of Risk methodology.
• Use the Tacilent platform and adjacent intelligence tooling to support research workflows, evidence tracking, and product publication.
• Maintain analytical rigor consistent with the Nexus of Risk taxonomy and Apogee editorial standards, including academic register in framework references and clear separation between framework content and illustrative examples.
• Contribute research inputs to RRAG-supported assets, including the Risk Apogee podcast, the RRAG webinar series, and LinkedIn distribution content.
• Participate in weekly editorial planning and product review with the RRAG team.

Benefits

• Occasional travel for client engagements or firm offsites at Apogee expense.
• Hourly or project-based compensation, market-competitive and commensurate with experience and domain depth.