1 to 25 of 320 Risk Analysis Jobs

real-time. Design and implement security solutions and controls, including firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection. Perform regular vulnerability assessments, penetration testing, and risk analysis. Collaborate with IT and development teams to ensure secure system architecture and application development. Maintain and enhance incident response procedures and disaster recovery plans. Investigate and document security … breaches, providing root cause analysis and remediation plans. Conduct security awareness training for staff and ensure compliance with internal policies and regulatory requirements (e.g., FCA, GDPR, ISO 27001). Stay up to date with the latest security technologies, trends, and threat intelligence. Essential Skills & Qualifications: Proven experience in a cyber security or information security engineering role. Strong knowledge of More ❯

VIRGINA - URGENT Job Type: Full-time Clearance Level: Top secret/SCI Work Arrangement: Remote Job Location: Arlington VA Salary: 200k - 250k Background Provide the AO with an independent risk assessment of assigned systems and an authorization Advise program managers on AO determination utilizing OVL documentation Provide senior advisory support to CDAO AO regarding authorizations of CDAO capabilities Utilize … expert knowledge and experience regarding risk management strategies in support of a major DoD program Providing support regarding the agile authorization and OVL processes Provide independent risk analysis and recommendation Collaborate between the AO and the program as well as program leadership Identify the security baseline based on the mission and security impacts to the system Determine … Assess the security requirements in accordance with the assessment procedures defined in the security Assessment plan (SAP) Prepare the SAR Monitor POAM actions based on findings and reassess remediated risk(s) as appropriate Develop the risk recommendation and AO determination brief Develop a system-level continuous monitoring strategy Author and present briefs regarding status of authorizations to AO More ❯

to ensure due process and policy alignment. Integrate endpoint telemetry and DLP controls to reduce unauthorized data transfers and improve visibility across cloud and on-prem environments. Conduct behavioral analysis and threat hunting using IOCs, TTPs, and threat intelligence feeds. Perform vulnerability assessments and risk analysis on high-value systems and personnel. Support compliance with NIST More ❯

current and desired system security architecture. Assessing and mitigating system security threats and risks throughout the program life cycle. Leading and/or contributing to the security planning, assessment, risk analysis, risk management, certification and awareness activities for various system and networking operations. Effectively collaborating with other internal technical experts on a day-to-day basis. Communicating … providing advice to Program Managers, Customer technical experts, and internal program teams. Formulating security compliance requirements for new system features. Identifying and remediating security issues throughout the system. Supporting risk assessment, risk management, security control assessment, continuous monitoring, service design, and other IA program support functions. Working with development teams to enrich team-wide understanding of different types … hold an active TS/SCI clearance with Polygraph. Must have a solid understanding of security practices and policies and hands-on vulnerability testing experience. Must have experience applying Risk Management Framework. Must have experience formulating and assessing IT security policy. Must have demonstrated knowledge of and experience with common security tools, such as Nessus, NMAP and Wireshark hardware More ❯

security standards. Participate in incident response activities, including identifying, reporting, and helping to resolve security incidents. Contribute to the development and delivery of security awareness training for staff. Drive Risk Management: Perform risk analysis for system changes, contribute to the Risk Management Framework process and recommend security solutions to address any identify gaps. Maintain Security Documentation … Ensure all system documentation is up to date. POAMs: Manage and Maintain Plans of actions and milestones, by tracking remediation efforts, validating closure evidence, prioritizing and communicating risk, and ensuring timely. Oversee Configuration Management: Manage changes to security-relevant software, hardware, and firmware to maintain system security. Basic Qualifications: As a requirement of this position, all candidates must be … II. Preferred Qualifications: Experience Shaping policies and programs for DoD information security initiatives. Knowledge of NIST guidance (SP 800-37, 800-53, 800-161) and JSIG guidance. Hands-on risk assessment experience that incorporates system/mission requirements and operation constraints. Splunk Experience to enhance your threats detection capabilities. Other Requirements: Must have an active Secret clearance with the More ❯

security standards. Participate in incident response activities, including identifying, reporting, and helping to resolve security incidents. Contribute to the development and delivery of security awareness training for staff. Drive Risk Management: Perform risk analysis for system changes, contribute to the Risk Management Framework process and recommend security solutions to address any identify gaps. Maintain Security Documentation … Ensure all system documentation is up to date. POAMs: Manage and Maintain Plans of actions and milestones, by tracking remediation efforts, validating closure evidence, prioritizing and communicating risk, and ensuring timely. Oversee Configuration Management: Manage changes to security-relevant software, hardware, and firmware to maintain system security. Basic Qualifications: As a requirement of this position, all candidates must be … II. Preferred Qualifications: Experience Shaping policies and programs for DoD information security initiatives. Knowledge of NIST guidance (SP 800-37, 800-53, 800-161) and JSIG guidance. Hands-on risk assessment experience that incorporates system/mission requirements and operation constraints. Splunk Experience to enhance your threats detection capabilities. Other Requirements: Must have an active Secret clearance with the More ❯

related to cloud security breaches and misconfigurations. Implement SIEM and security monitoring tools for real-time threat detection. Cloud Security Assessments & Compliance Conduct cloud security assessments, penetration testing, and risk analysis . Ensure compliance with ISO 27001, NIST, CIS Benchmarks, GDPR , and other security standards. Collaborate with DevOps teams to integrate security into CI/CD pipelines. Security More ❯

bid, labor category, and skill level is at the discretion of the Contractor. INTRODUCTION: The Sponsor supports a diverse set of corporate goals across the organization by conducting technical risk assessments and providing technical risk mitigation guidance on the use of various enabling technologies. The Sponsor requires subject matter expertise in technical risk analysis of enterprise … and wireless networks, cloud-based computing, network management platforms, communication protocols, scripting or programming products, configuration scripts, and IT hardware and software products in support of Sponsor's technical risk assessment activities. The Sponsor also requires software development to maintain an online infrastructure, evaluating and extracting relevant data, web development, and software coding. WORK REQUIREMENTS: Contractor Support; HHR; Yes … The Contractor shall perform technical risk assessments and provide technical risk mitigation guidance on the use of various enabling technologies. The Contractor shall gather Body of Evidence (BOE) and assess artifacts, such as CONOPS, use cases, detailed network diagrams, technical design details, procurement methods, and System Security Plan (SSP) to get a holistic view of the interworking parts More ❯

products and services, recommending best-fit solutions. Support incident investigations and security control enhancements. Ensure security architectures align with industry frameworks such as TOGAF and SABSA. Key Deliverables Gap Analysis Report: Assessing current security posture against NIST 800-53. Security Control Mapping: Documenting alignment of existing controls with compliance frameworks. Implementation Plans: Designing and deploying new security controls. … least 2 years in a similar role. Strong knowledge of NIST 800-53, ISO27001, PCI DSS, and COBIT. Experience with security frameworks (SABSA, TOGAF). Understanding of threat and risk analysis methodologies. Experience in cloud security (Azure, AWS, Google). Ability to work in high-security HMG and MOD environments. Desirable Certifications CompTIA Security+, CISSP, CISM, CCSP, TOGAF … SABSA SCF. CESG Certified Cyber Professional (CCP) in Security Architecture or Risk Management. ISO27001 Lead Auditor. More ❯

and continuously monitor for compliance. • Verify data security access controls and assign privileges based on need-to-know. • Investigate suspected cybersecurity incidents in accordance with Departmental directives and applicable Risk Management Implementation Plans (RMIPs). • Apply and maintain required confidentiality controls and processes. • Verify authenticator generation and verification requirements and processes. • Execute media sanitization (clearing, purging, or destroying) and … to support customer requirements. • Identify, report, and resolve security violations. • Establish and satisfy information assurance and security requirements based on user, policy, regulatory, and resource demands. • Perform vulnerability/risk analysis of computer systems and applications during all phases of the system development life cycle. Required Skills: • Per contract requirements candidates must possess an active TS/SCI … the Department of Defense (DoD) or Intelligence community. • 2 years of experience as a Cyber or Security Analyst for federal information systems. • 2 years of experience with the Federal Risk and Authorization Management Program (FedRAMP). Minimum Requirements TCS040, T4, Band 7 Desired Skills: • IAT level III certification (CASP CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH), or More ❯

and guidance to develop reliable, secure, and compliant security solutions tailored to project needs. Your responsibilities include: Advising on high-level security architecture and contributing to design processes, including risk assessments Consulting on security component architectures (e.g., SIEM, IAM, gateways) Evaluating architectures against policies and standards (NIST, ISO, JSP) Justifying architectural decisions Coordinating across multidisciplinary teams Presenting solutions to … recognized as a valuable contributor to sensitive programs. COMPETENCIES: You can independently define architectures, are proficient in Infrastructure Security, Security Supervision, and Information Systems Security. You are familiar with Risk Analysis, Network Security, Cryptography, IAM, cloud technologies, and compliance monitoring. You excel in working with customers and technical teams. NICE TO HAVE: Domain expertise in Defence, Nuclear, Government … Aerospace, CNI, Transport; experience in Risk Management and Accreditation. CAREER DEVELOPMENT: Thales offers opportunities to explore different domains, roles, and international careers. We support personal growth, talent development, and career flexibility within our global organization. Candidates must provide proof of identity, work eligibility, and employment/education history for up to three years. Some roles may require full Security More ❯

known as the CASP+) Certification required Must have a solid understanding of security practices and policies and hands-on vulnerability testing experience using Customer tools. Must have experience applying Risk Management Framework. Must have experience formulating and assessing IT security policy. Must have demonstrated knowledge of and experience with common security tools, such as Nessus, NMAP and Wireshark hardware … Five (05) years of experience with Defense in Depth Principals/technology (including access control, authorization, identification and authentication, public key infrastructure, network and enterprise security architecture) and applying risk assessment methodology to system development. Experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis More ❯

policies, standards, and procedures, and ensuring compliance with regulations like GDPR, HIPAA, and PCI-DSS. Incident Response : Planning and executing incident response strategies, including detection, containment, eradication, and recovery. Risk Management : Identifying, assessing, and mitigating security risks through risk analysis and management frameworks. Security Architecture Design : Creating and maintaining security architecture frameworks and models, such as SABSA More ❯

IT RISK MANAGEMENT SENIOR ANALYST WHAT IS THE OPPORTUNITY? "The IT Risk Senior Analyst is a subject-area specialist with specialized training, methods and analytic techniques to create recommendations and directions for cyber risk mitigation in a complex technical environment. Focus areas of IT Control assessment by the ITRM Security Senior Analyst includes fit for purpose review … and challenges and process/risk/control (PRC) reviews to evaluate and overall control program effectiveness in mitigating risk. The ITRM Senior Analyst's goal to create actionable information for IT and business leadership, and to provide objective assessment of cyber security risks for auditors, regulators and external parties. This requires routinely performing review and challenge reviews agains … I controls, authoring detailed reports and gathering metrics ensure stakeholders receive accurate and complete information. The ITRM Senior Anlayst keeps abreast of external cyber security trends, technologies and cyber risk management approaches, and often works with other teams on cyber risk-related initiatives to provide subject-matter recommendations and guidance to achieve a posture within the bank's More ❯

IT RISK MANAGEMENT SENIOR ANALYST WHAT IS THE OPPORTUNITY? "The IT Risk Senior Analyst is a subject-area specialist with specialized training, methods and analytic techniques to create recommendations and directions for cyber risk mitigation in a complex technical environment. Focus areas of IT Control assessment by the ITRM Security Senior Analyst includes fit for purpose review … and challenges and process/risk/control (PRC) reviews to evaluate and overall control program effectiveness in mitigating risk. The ITRM Senior Analyst's goal to create actionable information for IT and business leadership, and to provide objective assessment of cyber security risks for auditors, regulators and external parties. This requires routinely performing review and challenge reviews agains … I controls, authoring detailed reports and gathering metrics ensure stakeholders receive accurate and complete information. The ITRM Senior Anlayst keeps abreast of external cyber security trends, technologies and cyber risk management approaches, and often works with other teams on cyber risk-related initiatives to provide subject-matter recommendations and guidance to achieve a posture within the bank's More ❯

IT RISK MANAGEMENT SENIOR ANALYST WHAT IS THE OPPORTUNITY? "The IT Risk Senior Analyst is a subject-area specialist with specialized training, methods and analytic techniques to create recommendations and directions for cyber risk mitigation in a complex technical environment. Focus areas of IT Control assessment by the ITRM Security Senior Analyst includes fit for purpose review … and challenges and process/risk/control (PRC) reviews to evaluate and overall control program effectiveness in mitigating risk. The ITRM Senior Analyst's goal to create actionable information for IT and business leadership, and to provide objective assessment of cyber security risks for auditors, regulators and external parties. This requires routinely performing review and challenge reviews agains … I controls, authoring detailed reports and gathering metrics ensure stakeholders receive accurate and complete information. The ITRM Senior Anlayst keeps abreast of external cyber security trends, technologies and cyber risk management approaches, and often works with other teams on cyber risk-related initiatives to provide subject-matter recommendations and guidance to achieve a posture within the bank's More ❯

IT RISK MANAGEMENT SENIOR ANALYST WHAT IS THE OPPORTUNITY? "The IT Risk Senior Analyst is a subject-area specialist with specialized training, methods and analytic techniques to create recommendations and directions for cyber risk mitigation in a complex technical environment. Focus areas of IT Control assessment by the ITRM Security Senior Analyst includes fit for purpose review … and challenges and process/risk/control (PRC) reviews to evaluate and overall control program effectiveness in mitigating risk. The ITRM Senior Analyst's goal to create actionable information for IT and business leadership, and to provide objective assessment of cyber security risks for auditors, regulators and external parties. This requires routinely performing review and challenge reviews agains … I controls, authoring detailed reports and gathering metrics ensure stakeholders receive accurate and complete information. The ITRM Senior Anlayst keeps abreast of external cyber security trends, technologies and cyber risk management approaches, and often works with other teams on cyber risk-related initiatives to provide subject-matter recommendations and guidance to achieve a posture within the bank's More ❯

IT RISK MANAGEMENT SENIOR ANALYST WHAT IS THE OPPORTUNITY? "The IT Risk Senior Analyst is a subject-area specialist with specialized training, methods and analytic techniques to create recommendations and directions for cyber risk mitigation in a complex technical environment. Focus areas of IT Control assessment by the ITRM Security Senior Analyst includes fit for purpose review … and challenges and process/risk/control (PRC) reviews to evaluate and overall control program effectiveness in mitigating risk. The ITRM Senior Analyst's goal to create actionable information for IT and business leadership, and to provide objective assessment of cyber security risks for auditors, regulators and external parties. This requires routinely performing review and challenge reviews agains … I controls, authoring detailed reports and gathering metrics ensure stakeholders receive accurate and complete information. The ITRM Senior Anlayst keeps abreast of external cyber security trends, technologies and cyber risk management approaches, and often works with other teams on cyber risk-related initiatives to provide subject-matter recommendations and guidance to achieve a posture within the bank's More ❯

Role overview: Working for a security vendor, the Security team are accountable for the company's Information Security, Security Architecture, Security Compliance, Security Awareness, Security Operations and Information Security Risk Management Activities. You'll work closely with development and operational teams to design, implement/recommend application security controls. This is a new role for the company requiring a … will have a background in software development. Main tasks and responsibilities: Assess and identify gaps in current application security controls and provide guidance to resolve and remediate based on risk to the business Working with the DevOps teams, establish and design processes to improve the secure development of products and services during the SDLC Provide guidance and support during … with knowledge of Application Security Frameworks e.g. OWASP SAMM/DSOMM etc Hands-on knowledge of information security processes such as security design review, threat modelling, OWASP Top 10, risk analysis, and software testing techniques Strong understanding of application security awareness, including the security of web applications Experience with risk management activities - identifying, assessing and providing remediation More ❯

and with little supervision. • Excellent interpersonal skills, sound judgment, and organizational/administrative skills. • Ability to communicate and interact with diverse technical and non-technical groups. DESIRED SKILLS: • Malware analysis or digital computer forensics experience is a plus. • Cyber related Law Enforcement or Counterintelligence experience. • Existing Subject Matter Expert of Advanced Persistent Threats and Emerging Threats. • Understanding of risk … technology from device turn on to power off, network functions (SMS, MMS, Voice, Data) and cellular system functions. • Understanding of wireless and RF technology. • Understanding and experience in conducting risk analysis, risk management, infosec, system testing and client structures. TECHNOLOGIES USED: Operating Systems: • Microsoft Windows (7 - 10, Server ) • UNIX (Solaris, HP-UX, etc.,) Operating System versions • Common More ❯

compliance with Department of Defense (DoD) security policies. Key Responsibilities: Monitor and analyze system security logs and alerts to identify suspicious activities and potential threats. Support vulnerability assessments and risk analysis activities. Implement security controls in accordance with DoD cybersecurity regulations and RMF (Risk Management Framework). Assist with security incident response, containment, investigation, and remediation efforts. More ❯

development of high level security compliant architecture and contribution to the design of the preliminary and detailed designs of the solution: it includes the study of alternatives and a risk assessment Consult on potential security components architectures (e.g. SIEM, IAM, gateways, detection and deception capabilities ) Evaluate architectures against Business Line policy and major cyber security standards & regulation frameworks (NIST … You are proficient with Infrastructure Security Design, Security Supervision Design, and Information Systems Security (ISS) You can advise and give support to the rest of the team Familiar with Risk Analysis, Network Security, Cryptography, Identity & Access Management (software/hardware development, the NIST Cybersecurity Framework, cloud technologies) Able to monitor and measure risk as well as compliance … You have the ability to work with customers and technical teams NICE TO HAVE: Domain knowledge - Defence, Nuclear, Government, Aerospace, CNI, Transport Risk Management and Accreditation YOUR CAREER AT THALES Future opportunities will allow you to discover other domains or sites. You will be able to evolve and grow your competences in different areas: Room and attention to personal More ❯

Key Responsibilities: Implement and manage security technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEMs, and endpoint protection Conduct threat and vulnerability assessments, penetration testing, and risk analysis activities Design and deploy security controls that align with enterprise architecture and regulatory requirements Support secure configuration and hardening of systems, applications, and infrastructure Monitor and respond More ❯

LEAD IT RISK & CONTROL WHAT IS THE OPPORTUNITY? "The Lead IT Risk Controls Analyst is a subject-area specialist with specialized training, methods and analytic techniques to create recommendations and directions for cyber risk mitigation in a complex technical environment. Focus areas of security assessment by the Lead ITRC Security Analyst includes third party security and overall … This requires routinely authoring detailed reports and gathering metrics ensure stakeholders receive accurate and complete information. The Lead ITRC tkeeps abreast of external cyber security trends, technologies and cyber risk management approaches, and often works with other teams on cyber risk-related initiatives to provide subject-matter recommendations and guidance to achieve a posture within the bank's … overall risk appetite. The Lead ITRC serves as an expert area of specialization. This role is a working lead that provides functional guidance and may coordinates or supervise the daily activities of individual contributors or working teams in areas of specialization.Provides input on resources planning, procedures," WHAT WILL YOU DO? "Define analysis objectives, collect data from internal and More ❯

LEAD IT RISK & CONTROL WHAT IS THE OPPORTUNITY? "The Lead IT Risk Controls Analyst is a subject-area specialist with specialized training, methods and analytic techniques to create recommendations and directions for cyber risk mitigation in a complex technical environment. Focus areas of security assessment by the Lead ITRC Security Analyst includes third party security and overall … This requires routinely authoring detailed reports and gathering metrics ensure stakeholders receive accurate and complete information. The Lead ITRC tkeeps abreast of external cyber security trends, technologies and cyber risk management approaches, and often works with other teams on cyber risk-related initiatives to provide subject-matter recommendations and guidance to achieve a posture within the bank's … overall risk appetite. The Lead ITRC serves as an expert area of specialization. This role is a working lead that provides functional guidance and may coordinates or supervise the daily activities of individual contributors or working teams in areas of specialization.Provides input on resources planning, procedures." WHAT WILL YOU DO? "Define analysis objectives, collect data from internal and More ❯