1 to 25 of 472 Permanent Risk Analysis Jobs

data. Key Responsibilities Security Architecture & Implementation Implement and maintain secure Azure architectures in line with best practices Develop and support cloud security policies and technical standards Conduct security assessments, risk analysis, and contribute to security roadmaps Collaborate with teams to integrate security into CI/CD and cloud-native applications Microsoft Security Stack Configure and manage Microsoft Defender … Help ensure compliance with ISO 27001, SOC 2, GDPR, and NIS2 Support configuration and monitoring in Microsoft Compliance Manager Maintain security documentation and assist in audit preparation Configure insider risk management, audit, and eDiscovery capabilities Track Secure Score and recommend improvements Incident Response & Monitoring Configure monitoring and alerts using Microsoft tools (Sentinel, Defender) Participate in incident response and post More ❯

Information Assurance rules and regulations Design, develop, and implement solutions to Multilevel Security (MLS) requirements Gather and organize technical information about organizational mission goals, needs, and security products Perform risk analyses and assessments Provide technical support for secure software development and integration tasks Review work products for correctness and adherence to security standards Work with Security/IA products … years of experience in cybersecurity or related area Knowledge of DoD and DoN Information Assurance rules and regulations Understanding of security technologies and frameworks Experience with security assessment and risk analysis Desired: Security certifications (e.g., Security+, CISSP, CEH) Experience with DoD/Navy programs or similar government IT systems Knowledge of FedRAMP and DISA security requirements Familiarity with … Risk Management Framework (RMF) Experience with security tools and technologies Understanding of cloud security principles Knowledge of secure development practices SAFe certification Specific labor category determined by years of experience + educational degrees as stated below : Cyber Security Architect I - Bachelors degree and 3+ years of experience in Cyber Security or related area. Cyber Security Architect II - Bachelors degree More ❯

briefings to senior leadership and federal clients. Manage the integration of subcontractor and vendor deliverables, ensuring compliance with contract terms, service level agreements, and quality standards. Lead incident response, risk analysis, and problem resolution activities across IT operations, infrastructure, and cybersecurity programs. Oversee technical writing of Standard Operating Procedures (SOPs), process documentation, and knowledge base articles to support … as the Department of Defense and Department of Homeland Security is highly desirable. Experience with modern cloud platforms (AWS, Azure), data analytics solutions, and cybersecurity technologies is preferred. Strong risk management and strategic decision-making capabilities, with the ability to proactively assess risks and deliver effective mitigation strategies. Benefits Competitive salary and benefits package, including: Health, dental and vision More ❯

Air Force's cyber superiority by delivering robust and resilient IT security solutions. Our mission is to enhance the Air Force's defensive cyber operations through innovative security engineering, risk management, and continuous compliance. We're looking for a Cyber Security Compliance Specialist to join our team supporting the U.S. Air Force's Unified Platform software factory in San … expect a mix of onsite and remote work as part of a hybrid schedule. In this position, you can expect to: Lead security architecture reviews, vulnerability assessments, and security risk analyses for cloud and on-prem systems. Provide technical guidance to development and infrastructure teams to ensure secure design, configuration, and operation of systems. Manage implementation and maintenance of … NIST SP 800-53, DoD RMF, and DISA STIGs. Oversee preparation and continuous updates of security documentation, including System Security Plans (SSPs), Plan of Action & Milestones (POA&Ms), and risk assessments. Perform threat modeling and recommend mitigation strategies to reduce attack surface and address known vulnerabilities. Collaborate with ISSOs, ISSMs, and AOs to support ongoing authorization and assessment efforts. More ❯

ability to support authorization activities across complex environments. The Cloud Solutions Architect will interface with both engineering teams and cloud service providers to ensure that cloud solutions are resilient, risk-informed, and aligned with evolving federal security standards. Key Responsibilities • Lead Technical Exchange Meetings (TEMs) with cloud providers to evaluate cloud architectures and ensure alignment with mission requirements. • Maintain … Oracle Cloud, or IBM Cloud. • Evaluate and advise on cross-domain technology solutions and common security architecture designs. • Consult project teams and leadership on system architecture, security postures, and risk mitigation. • Lead and support continuous monitoring operations, including scan analysis using tools like Rapid7, Nessus, and Qualys. • Track and manage Plan of Action and Milestone (POA&M) items … to support remediation efforts and risk reduction. • Use tools such as Xacta 360, Risk Vision, or RSA Archer to monitor A&A activities and maintain compliance. • Leverage knowledge of the Common Control Provider model under the NIST Risk Management Framework (RMF). • Support preparation of A&A packages and collaboration with Security Control Assessors (SCAs). • Conduct More ❯

environments. Our team of security engineers support enhancements to system security architecture and cyber security capabilities; manage multiple system security plans for development, test and production systems following the Risk Management Framework (RMF); manage cross domain capabilities; and support Security Verification Testing (SVT) of relevant Type 1 devices. You will provide support for adding new capabilities to a complex … current and desired system security architecture. Assessing and mitigating system security threats and risks throughout the program life cycle. Leading and/or contributing to the security planning, assessment, risk analysis, risk management, certification and awareness activities for various system and networking operations. Effectively collaborating with other internal technical experts on a day-to-day basis. Communicating … providing advice to Program Managers, Customer technical experts, and internal program teams. Formulating security compliance requirements for new system features. Identifying and remediating security issues throughout the system. Supporting risk assessment, risk management, security control assessment, continuous monitoring, service design, and other IA program support functions. Working with development teams to enrich team-wide understanding of different types More ❯

environments. Our team of security engineers support enhancements to system security architecture and cyber security capabilities; manage multiple system security plans for development, test and production systems following the Risk Management Framework (RMF); manage cross domain capabilities; and support Security Verification Testing (SVT) of relevant Type 1 devices. You will provide support for adding new capabilities to a complex … current and desired system security architecture. Assessing and mitigating system security threats and risks throughout the program life cycle. Leading and/or contributing to the security planning, assessment, risk analysis, risk management, certification and awareness activities for various system and networking operations. Effectively collaborating with other internal technical experts on a day-to-day basis. Communicating … providing advice to Program Managers, Customer technical experts, and internal program teams. Formulating security compliance requirements for new system features. Identifying and remediating security issues throughout the system. Supporting risk assessment, risk management, security control assessment, continuous monitoring, service design, and other IA program support functions. Working with development teams to enrich team-wide understanding of different types More ❯

hybrid schedule. In this position, you can expect to: Design and implement security architectures for cloud-native and containerized systems in compliance with DoD cybersecurity standards. Perform vulnerability assessments, risk analysis, and compliance audits across mission systems. Integrate and maintain security tools such as container scanners, static and dynamic analysis, SIEM, EDR, and intrusion detection systems. Analyze … and the DoD Enterprise DevSecOps Reference Design. Collaborate with DevSecOps and SRE teams to embed security throughout the CI/CD pipeline. Participate in security incident response and forensic analysis, including root cause identification and mitigation planning. Maintain and optimize Identity and Access Management (IAM) policies, Role-Based Access Control (RBAC), and secrets management. Provide guidance and mentorship to More ❯

product office Prepare and review cybersecurity strategies, test plans, procedures, and reports Review and evaluate system performance against cybersecurity related specification requirements, monitor and assess field performance, and assess risk of meeting user and specification requirements Assist with cost, schedule, performance, and risk analyses Assist with contract deliverables Assist with IT/cyber tasks in adjacent product offices … or the higher project office, as needed Requirements Knowledge and Skills Advanced understanding of cybersecurity principles, frameworks, and best practices Expertise in RMF (Risk Management Framework) implementation and documentation Experience with audit planning and execution Strong analytical and problem-solving abilities Ability to collaborate effectively in cross-functional teams Demonstrated project management skills for cybersecurity initiatives Experience developing standard More ❯

prevention systems (IDS/IPS), and security logs to ensure compliance and security integrity. Utilize SIEM tools to correlate security logs, identify anomalies, and proactively address vulnerabilities. Conduct log analysis, security forensics, and root cause investigations for cyber incidents. Information Assurance (IA) Policy & Compliance Ensure compliance with DoD, DOE, and Law Enforcement cybersecurity regulations, including RMF, NIST … Develop, implement, and enforce IA policies, security guidelines, and best practices to safeguard IT systems. Oversee patch management, system hardening, and vulnerability scanning to maintain compliance. Conduct regular audits, risk assessments, and security control evaluations to identify gaps and recommend improvements. Generate compliance reports, incident summaries, and vulnerability assessment findings for Federal stakeholders. Vulnerability Management & Network Security Oversee the … ensuring the execution of security operations and incident resolution. Collaborate with Federal stakeholders, IT teams, and contractors to align cybersecurity operations with mission objectives. Strategic Planning & Security Improvements Perform risk analysis and cybersecurity threat modeling to enhance system security postures. Develop strategic plans for cybersecurity improvements, system hardening, and security automation. Identify and implement emerging security technologies to More ❯

VIRGINA - URGENT Job Type: Full-time Clearance Level: Top secret/SCI Work Arrangement: Remote Job Location: Arlington VA Salary: 200k - 250k Background Provide the AO with an independent risk assessment of assigned systems and an authorization Advise program managers on AO determination utilizing OVL documentation Provide senior advisory support to CDAO AO regarding authorizations of CDAO capabilities Utilize … expert knowledge and experience regarding risk management strategies in support of a major DoD program Providing support regarding the agile authorization and OVL processes Provide independent risk analysis and recommendation Collaborate between the AO and the program as well as program leadership Identify the security baseline based on the mission and security impacts to the system Determine … Assess the security requirements in accordance with the assessment procedures defined in the security Assessment plan (SAP) Prepare the SAR Monitor POAM actions based on findings and reassess remediated risk(s) as appropriate Develop the risk recommendation and AO determination brief Develop a system-level continuous monitoring strategy Author and present briefs regarding status of authorizations to AO More ❯

current and desired system security architecture. Assessing and mitigating system security threats and risks throughout the program life cycle. Leading and/or contributing to the security planning, assessment, risk analysis, risk management, certification, and awareness activities for various system and networking operations. Effectively collaborating with other internal technical experts on a day-to-day basis. Communicating … providing advice to Program Managers, Customer technical experts, and internal program teams. Formulating security compliance requirements for new system features. Identifying and remediating security issues throughout the system. Supporting risk assessment, risk management, security control assessment, continuous monitoring, service design, and other IA program support functions. Working with development teams to enrich team-wide understanding of different types … relevant type 1 devices. Required Skills Must have a solid understanding of security practices and policies and hands-on vulnerability testing experience using Customer tools. Must have experience applying Risk Management Framework. Must have experience formulating and assessing IT security policy. Must have demonstrated knowledge of and experience with common security tools, such as Nessus, NMAP, and Wireshark hardware More ❯

all classified and unclassified networks and will ensure system management tools are operating at maximum efficiency in a secure environment. The applicant will also contribute to the planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. Our team is looking for a Systems Operations (SysOps) Engineer to focus on the development More ❯

information assurance-related technical problems and provides recommendations and technical support in solving these problems. Assess and supports implementation of solutions that meet network security requirements. Review vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle. Perform duties associated with development and review of RMF packages. Support continuous improvement of … problems and provides recommendations and technical support in solving these problems. Be able to assess and support implementation of solutions that meet network security requirements. Experience with vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle. Advanced technical writing skills for developing documentation, reports, and training materials. The candidate must More ❯

current and desired system security architecture. Assessing and mitigating system security threats and risks throughout the program life cycle. Leading and/or contributing to the security planning, assessment, risk analysis, risk management, certification and awareness activities for various system and networking operations. Effectively collaborating with other internal technical experts on a day-to-day basis. Communicating … providing advice to Program Managers, Customer technical experts, and internal program teams. Formulating security compliance requirements for new system features. Identifying and remediating security issues throughout the system. Supporting risk assessment, risk management, security control assessment, continuous monitoring, service design, and other IA program support functions. Working with development teams to enrich team-wide understanding of different types … hold an active TS/SCI clearance with Polygraph. Must have a solid understanding of security practices and policies and hands-on vulnerability testing experience. Must have experience applying Risk Management Framework. Must have experience formulating and assessing IT security policy. Must have demonstrated knowledge of and experience with common security tools, such as Nessus, NMAP and Wireshark hardware More ❯

of security products and services, recommending best-fit solutions. Support incident investigations and security control enhancements. Ensure security architectures align with industry frameworks such as TOGAF and SABSA. Gap Analysis Report: Assessing current security posture against NIST 800-53. Security Control Mapping: Documenting alignment of existing controls with compliance frameworks. Implementation Plans: Designing and deploying new security controls. … least 2 years in a similar role. Strong knowledge of NIST 800-53, ISO27001, PCI DSS, and COBIT. Experience with security frameworks (SABSA, TOGAF). Understanding of threat and risk analysis methodologies. Experience in cloud security (Azure, AWS, Google). Ability to work in high-security HMG and MOD environments. Desirable Certifications CompTIA Security+, CISSP, CISM, CCSP, TOGAF … SABSA SCF. CESG Certified Cyber Professional (CCP) in Security Architecture or Risk Management. Why Join DXC Technology? At DXC, you will work on high-profile security projects, collaborating with some of the industry's top professionals. We provide a dynamic, high-security environment where your expertise will directly contribute to national security and business resilience. Recruitment fraud is a More ❯

of security products and services, recommending best-fit solutions. Support incident investigations and security control enhancements. Ensure security architectures align with industry frameworks such as TOGAF and SABSA. Gap Analysis Report: Assessing current security posture against NIST 800-53. Security Control Mapping: Documenting alignment of existing controls with compliance frameworks. Implementation Plans: Designing and deploying new security controls. … least 2 years in a similar role. Strong knowledge of NIST 800-53, ISO27001, PCI DSS, and COBIT. Experience with security frameworks (SABSA, TOGAF). Understanding of threat and risk analysis methodologies. Experience in cloud security (Azure, AWS, Google). Ability to work in high-security HMG and MOD environments. Desirable Certifications CompTIA Security+, CISSP, CISM, CCSP, TOGAF … SABSA SCF. CESG Certified Cyber Professional (CCP) in Security Architecture or Risk Management. Why Join DXC Technology? At DXC, you will work on high-profile security projects, collaborating with some of the industry's top professionals. We provide a dynamic, high-security environment where your expertise will directly contribute to national security and business resilience. At DXC Technology, we More ❯

architecture reviews, and ensure mission-critical services remain secure and compliant across leading commercial cloud platforms. This is a hands-on technical role requiring expertise in cloud technologies, federal risk management frameworks, and secure systems engineering. Key Responsibilities • Facilitate Technical Exchange Meetings (TEMs) with cloud service providers to evaluate cloud service architectures and integration strategies. • Support the design, implementation … in alignment with NIST 800-53, FIPS 199, CNSS 1253, and Sponsor-specific guidance. • Analyze scan results using tools such as Nessus, Rapid7, and Qualys; assess vulnerabilities and develop risk mitigation strategies. • Support continuous monitoring activities and implement controls aligned with evolving mission requirements. • Track compliance activities using tools such as Xacta 360, RSA Archer, or Risk Vision. … Archer). • Experience working with cross-domain technologies and secure architecture designs. • Ability to collaborate effectively with SCAs and prepare comprehensive security packages. • Strong understanding of information security controls, risk assessments, and A&A documentation. • Ability to advise teams on system engineering and security requirements in a classified environment. Education Requirement • Bachelor's degree in Cybersecurity, Information Systems, Computer More ❯

role focuses on maintaining the framework and tools needed to validate the software and hardware systems that power the SPL, including the simulation suite, execution engine, and telemetry processing & analysis tooling. The SPL Systems Administrator supports the development and life cycle maintenance of the NSSI's SPL including supporting, analyzing and developing solutions to complex technical problems associated with … update RMF authorization package artifacts. • Notify customer when changes occur that might affect IT systems accreditation package. • Perform security reviews, identify gaps in security architecture, and update a security risk management plan with other System Administrators, Cybersecurity Liaisons and ISSM/ISSO. • Provide Configuration Management recommendations for security-relevant information system software and hardware. • Perform risk analysis … SCI clearance Knowledge and understanding of Windows Active Directory including DNS, IIS, DHCP, RADIUS, and other DoD Space/Air Force applications applicable to the NSSI SPL. Experience with Risk Management Framework (RMF), NIST SP 800-53, Security Technical Implementation Guides (STIGs) and other IA tools. Experience updating cyber artifacts and other supporting documentation in maintaining ATO's. Customer More ❯

related to cloud security breaches and misconfigurations. Implement SIEM and security monitoring tools for real-time threat detection. Cloud Security Assessments & Compliance Conduct cloud security assessments, penetration testing, and risk analysis . Ensure compliance with ISO 27001, NIST, CIS Benchmarks, GDPR , and other security standards. Collaborate with DevOps teams to integrate security into CI/CD pipelines. Security More ❯

bid, labor category, and skill level is at the discretion of the Contractor. INTRODUCTION: The Sponsor supports a diverse set of corporate goals across the organization by conducting technical risk assessments and providing technical risk mitigation guidance on the use of various enabling technologies. The Sponsor requires subject matter expertise in technical risk analysis of enterprise … and wireless networks, cloud-based computing, network management platforms, communication protocols, scripting or programming products, configuration scripts, and IT hardware and software products in support of Sponsor's technical risk assessment activities. The Sponsor also requires software development to maintain an online infrastructure, evaluating and extracting relevant data, web development, and software coding. WORK REQUIREMENTS: Contractor Support; HHR; Yes … The Contractor shall perform technical risk assessments and provide technical risk mitigation guidance on the use of various enabling technologies. The Contractor shall gather Body of Evidence (BOE) and assess artifacts, such as CONOPS, use cases, detailed network diagrams, technical design details, procurement methods, and System Security Plan (SSP) to get a holistic view of the interworking parts More ❯

current and desired system security architecture. Assessing and mitigating system security threats and risks throughout the program life cycle. Leading and/or contributing to the security planning, assessment, risk analysis, risk management, certification and awareness activities for various system and networking operations. Effectively collaborating with other internal technical experts on a day-to-day basis. Communicating … providing advice to Program Managers, Customer technical experts, and internal program teams. Formulating security compliance requirements for new system features. Identifying and remediating security issues throughout the system. Supporting risk assessment, risk management, security control assessment, continuous monitoring, service design, and other IA program support functions. Working with development teams to enrich team-wide understanding of different types … relevant type 1 devices. Basic Qualifications Must have a solid understanding of security practices and policies and hands-on vulnerability testing experience using Customer tools. Must have experience applying Risk Management Framework. Must have experience formulating and assessing IT security policy. Must have demonstrated knowledge of and experience with common security tools, such as Nessus, NMAP and Wireshark hardware More ❯

products and services, recommending best-fit solutions. Support incident investigations and security control enhancements. Ensure security architectures align with industry frameworks such as TOGAF and SABSA. Key Deliverables Gap Analysis Report: Assessing current security posture against NIST 800-53. Security Control Mapping: Documenting alignment of existing controls with compliance frameworks. Implementation Plans: Designing and deploying new security controls. … least 2 years in a similar role. Strong knowledge of NIST 800-53, ISO27001, PCI DSS, and COBIT. Experience with security frameworks (SABSA, TOGAF). Understanding of threat and risk analysis methodologies. Experience in cloud security (Azure, AWS, Google). Ability to work in high-security HMG and MOD environments. Desirable Certifications CompTIA Security+, CISSP, CISM, CCSP, TOGAF … SABSA SCF. CESG Certified Cyber Professional (CCP) in Security Architecture or Risk Management. ISO27001 Lead Auditor. More ❯

current and desired system security architecture. Assessing and mitigating system security threats and risks throughout the program life cycle. Leading and/or contributing to the security planning, assessment, risk analysis, risk management, certification, and awareness activities for various system and networking operations. Effectively collaborating with other internal technical experts on a day-to-day basis. Communicating … providing advice to Program Managers, Customer technical experts, and internal program teams. Formulating security compliance requirements for new system features. Identifying and remediating security issues throughout the system. Supporting risk assessment, risk management, security control assessment, continuous monitoring, service design, and other IA program support functions. Working with development teams to enrich team-wide understanding of different types … relevant type 1 devices. Basic Qualifications: Must have a solid understanding of security practices and policies and hands-on vulnerability testing experience using Customer tools. Must have experience applying Risk Management Framework. Must have experience formulating and assessing IT security policy. Must have demonstrated knowledge of and experience with common security tools, such as Nessus, NMAP, and Wireshark; hardware More ❯

computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations and recommend mitigation strategies. Validates and verifies system security requirements definitions and analysis and establishes system security designs. Designs, develops, implements and/or integrates IA and security systems and system components including those for networking, computing, and enclave environments to include … design and implementation of trusted relations among external systems and architectures. Assesses and mitigates system security threats/risks throughout the program life cycle. Contributes the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. Reviews certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its … to: system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification, authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security More ❯