101 to 125 of 474 Permanent Risk Analysis Jobs

Trust Architect, DevSecOps engineers, system administrators, and government cybersecurity personnel, the specialist will manage system security controls, support developing and reviewing System Security Plans (SSPs), and assist with Security Analysis Reports. The specialist monitors network and user activity, enforces policy-based access, conducts vulnerability analysis, and contributes to POA&Ms, waivers, and exemption packages. This role ensures compliance … with DoD cyber requirements while addressing emerging threats and maintaining system resiliency. ESSENTIAL JOB FUNCTIONS Evaluate, implement, and maintain cybersecurity frameworks following the DoD Risk Management Framework (RMF). Develop and update System Security Plans (SSPs), Security Analysis Reports, and associated RMF documentation for DCGS and STATEFARM systems. Design and enforce access control policies, user authentication procedures, and … DoD or intelligence community environment. Strong background in developing RMF documentation, managing system security controls, and responding to cybersecurity audits or assessments. Hands-on experience with system hardening, vulnerability analysis, and cybersecurity operations in a classified environment. Familiarity with automated security toolsets and network intrusion detection/response processes. Experience supporting secure software development, implementation, and testing cycles preferred. More ❯

responsible for assisting in identifying the overall security requirements for the protection of data, to ensure the implementation of appropriate information security controls, and perform and analyze the security risk assessment, risk analysis, risk management process, security control assessments, and awareness activities for systems and networking operations. Will provide assistance to ensure Cybersecurity functions are included … the acquisition/RDT&E environment and building Cybersecurity into systems deployed in operational environments. Prepare security authorization documentation. Qualifications: Four to eight years of experience as an IT Risk Assessor, System Security Engineer, Information Systems Security Manager or DAO in programs and contracts of similar scope, type and complexity is required. A bachelor's degree in computer science … security design process, defense-in- d epth/breadth, engineering life cycle, information domains, cross-domain solutions, controlled interfaces, identification, authentication and authorization, system integration, ICD 503 (formerly NISCAP), risk management, intrusion detection, contingency planning, incident handling, configuration control, change management, auditing, security authorization process, principles of Cybersecurity (confidentiality, integrity, non-repudiation, availability, access control), and security testing. DoD More ❯

technology skills: Experience using DoD security management tools including ACAS and eMASS Experience reviewing and applying STIGs Experience using security scanning tools including Fortify and Nessus Experience using log analysis tools such as Splunk Understanding of NIST RMF monitoring and controls Understanding of system ATO artifacts Data and mathematical analysis skills Vulnerability and risk analysis experience More ❯

applications and dashboards. Develop Security Test Procedure (STP), conducts self-assessments to verify compliance with required configuration guidance and support A&A testing and validation of security designs. Conducting risk analysis reviewing ACAS, CVEs, plugins, CWEs, research, collaborating with System Administrators to mitigate identified vulnerabilities and/or author Plans of Actions and Milestones (POA&M) as needed. … report to appropriate IC and DoD authorities (i.e., USCYBERCOM, IC-SCC) Support security authorization activities in compliance with the customer Information System Certification and Accreditation Process following the NIST Risk Management Framework (RMF), CNSSI No 1243 and other prescribed business processes for security engineering. Assist architects and systems developers in the identification and implementation of appropriate information security functionality … to: system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security More ❯

Competitive package valued between $13,000 for individuals and $28,000 for families. Openings: Multiple roles supporting various DoD customers. Knowledge Requirements: Systems architecture, requirements engineering, system verification & validation, risk analysis, and familiarity with tools like DOORS and defense industry standards (DoDAF). Additionally, proficiency in system modeling, simulation, and analysis tools (e.g., MATLAB, Simulink, or similar … standards and frameworks. Knowledge of large-scale system architecture development and lifecycle management. Proficiency in developing engineering processes, technical documentation, and requirement frameworks. Understanding of system modeling and performance analysis for naval systems. Familiarity with NAVWAR program management and system engineering governance. What Makes G2 Ops Different? At G2 Ops, we know that choosing a company is about more … related field. Master's degree is preferred. 10+ years of experience in systems engineering, preferably within the defense or military sector Strong understanding of systems engineering processes, including requirements analysis, design, integration, and testing. Experience with Naval Warfare systems, including familiarity with NAVWAR programs or similar DoD systems. Proficiency in system modeling, simulation, and analysis tools (e.g., MATLAB More ❯

Competitive package valued between $13,000 for individuals and $28,000 for families. Openings: Multiple roles supporting various DoD customers. Knowledge Requirements: Systems architecture, requirements engineering, system verification & validation, risk analysis, and familiarity with tools like DOORS and defense industry standards (DoDAF). Additionally, proficiency in system modeling, simulation, and analysis tools (e.g., MATLAB, Simulink, or similar … standards and frameworks. Knowledge of large-scale system architecture development and lifecycle management. Proficiency in developing engineering processes, technical documentation, and requirement frameworks. Understanding of system modeling and performance analysis for naval systems. Familiarity with NAVWAR program management and system engineering governance. What Makes G2 Ops Different? At G2 Ops, we know that choosing a company is about more … related field. Master's degree is preferred. 2+ years of experience in systems engineering, preferably within the defense or military sector Strong understanding of systems engineering processes, including requirements analysis, design, integration, and testing. Experience with Naval Warfare systems, including familiarity with NAVWAR programs or similar DoD systems. Proficiency in system modeling, simulation, and analysis tools (e.g., MATLAB More ❯

maintain compliance standard procedures supporting customer and government agency requirements to include Standard Operating Procedures (SOPs), Standard Practices and Procedures (SPPs), Operational Security (OPSEC), Emergency Action Plans (EAPs) and Risk Analysis Investigations specific to the facility • Establish and maintain effective security awareness training including, as required: Annual Security Briefings, Counterintelligence, Espionage, Insider Threat, Courier, NATO, debriefings, indoctrinations, pre … for all government sensitive programs and ensure personnel cleared on those programs receive initial and refresher Desired ISSM Responsibilities: • Reviewing, preparing, and updating ATO packages in accordance with NIST Risk Management Framework and customer policy, procedures and guidelines. • Identify and communicate changes that might affect information system (IS) security authorization status to include identifying security deficiencies/discrepancies and … Control Assessors (SCA), and other external/internal customers. • Development, implementation, and maintenance of System Security Plans (SSP), Standard Operating Procedures (SOP), information security policies to ensure compliance with Risk Management Framework (RMF) guidelines. • Development and maintenance of Plan of Action and Milestones (POA&M) through mitigation and risk acceptance. • Oversee the scheduling, installation, implementation and maintenance of More ❯

applications and dashboards. Develop Security Test Procedure (STP), conducts self-assessments to verify compliance with required configuration guidance and support A&A testing and validation of security designs. Conducting risk analysis reviewing ACAS, CVEs, plugins, CWEs, research, collaborating with System Administrators to mitigate identified vulnerabilities and/or author Plans of Actions and Milestones (PO&AM) as needed. … report to appropriate IC and DoD authorities (i.e., USCYBERCOM, IC-SCC) Support security authorization activities in compliance with the customer Information System Certification and Accreditation Process following the NIST Risk Management Framework (RMF), CNSSI No 1243 and other prescribed business processes for security engineering. Assist architects and systems developers in the identification and implementation of appropriate information security functionality … to: system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security More ❯

Description Background Information: Innovative Defense Technologies (IDT), provider of cutting-edge cloud-based integration, automated testing and data analysis for complex, mission-critical systems in the US Department of Defense (DOD), is seeking a Sr. Systems Engineer (Missile Defense System of Systems) to be based out of Arlington, VA, Mount Laurel, NJ or Huntsville, AL. Leveraging advanced software automation … currently possess an active U.S. Security Clearance. Responsibilities Include: Apply MBSE and classical SE processes across the development lifecycle (SRR, PDR, CDR, V&V) Provide guidance for interface control, risk analysis and trade studies Ability to coordinate and align software, hardware and algorithm teams Minimum Required Qualifications: Bachelor's degree in relevant field 10+ years of experience with More ❯

Description Background Information: Innovative Defense Technologies (IDT), provider of cutting-edge cloud-based integration, automated testing and data analysis for complex, mission-critical systems in the US Department of Defense (DOD), is seeking a Sr. Systems Engineer (Missile Defense System of Systems) to be based out of Arlington, VA, Mount Laurel, NJ or Huntsville, AL. Leveraging advanced software automation … currently possess an active U.S. Security Clearance. Responsibilities Include: Apply MBSE and classical SE processes across the development lifecycle (SRR, PDR, CDR, V&V) Provide guidance for interface control, risk analysis and trade studies Ability to coordinate and align software, hardware and algorithm teams Minimum Required Qualifications: Bachelor's degree in relevant field 10+ years of experience with More ❯

the specified time and cost. Supporting the implementation of large scale projects with the Programme Manager, Senior Project Manager and Business Change Manager, including task and work package management, risk and issue management, progress reporting and creating and maintaining all project documentation. Managing work packages across projects, ensuring deliverables are aligned to requirements and meet the relevant standards, working … application in a healthcare environment Sound knowledge or experience of change management and quality improvement/transformation Up-to-date knowledge of information governance and GDPR Specialist knowledge of risk analysis processes Knowledge of data definitions, data standards and statutory reporting Evidence of relevant Continued Professional Development Desirable PRINCE2 Practitioner Management Qualification Diploma level ITIL or equivalent qualification More ❯

government clients to thoroughly understand their system architectures, security requirements, and objectives for achieving and maintaining ATO status within the context of government regulations. Conduct exhaustive security assessments and risk analyses that cater to government system compliance, identifying vulnerabilities and potential threats specific to government systems. Monitor security systems, logs, and network traffic with a keen focus on government … solutions from IL5 to IL6+ on NIPR, SIPR, and JWICS. Understanding of network protocols, operating systems, and infrastructure components. Strong proficiency in incident response, security incident handling, and forensic analysis techniques. Expertise with government specific ATO assessment tools, vulnerability scanning tools, and intrusion detection/prevention systems. Effective communication skills, with the ability to convey complex technical concepts to More ❯

Responsible for implementing and developing the DHS IT security - Gathering and organizing technical information about the lab's mission goals and needs, existing security products, and ongoing programs - Performing risk analyses, which also includes risk assessment - Providing support to plan, coordinate, and implement the lab's information security - Providing support for facilitating and helping the lab identify its More ❯

Implementing and development of the DHS IT security standards • Gathering and organizing technical information about the lab's mission goals and needs, existing security products, and ongoing programs • Performing risk analyses which also includes risk assessment • Planning and leading major technology assignments • Evaluating performance results and recommends major changes affecting short-term project growth and success - Functioning as More ❯

support security authorization efforts (FedRAMP, FISMA) by preparing and maintaining System Security Plans (SSPs), POA&Ms, Contingency Plans, and other artifacts or Nessus Conduct vulnerability scans, security assessments, and risk analyses using tools like AWS Security Hub. Serve as the security POC and collaborate with stakeholders to ensure systems remain compliant with NIST 800-53 and DOJ-specific policies. More ❯

be yourself. Where you can thrive. Where you can find your next, right now. We've got what you're looking for. Job Description: Parsons is looking for a Risk Manager to join our team! The primary objective of the Risk Manager is to provide contractor services and deliverables through the performance of program/project risk … multiple data systems supporting support program and project management efforts by identifying, analyzing, and mitigating risks that may impact cost, schedule, scope, or performance. The RMCS shall provide technical risk management expertise and integrate risk analysis using multiple data systems into program and project planning, execution, and decision-making processes. What You'll Be Doing: Specific tasks … include but are not limited to the following: Identify, analyze, track, record and provide guidance with respect to actions to manage and/or mitigate risks. Conduct structured risk assessments at key project phases (planning, design, procurement, construction, and closeout) to support client decision making and ensure proactive risk mitigation. Coordinate with the program and project teams and More ❯

resilient platforms across converged IT and Operational Technology (OT) environments. This multi-year programme is governed by the highest standards of cyber assurance and regulatory scrutiny. As the Security & Risk Management Lead, you willact as the programme's senior security authority. You will define and own the security vision, risk posture and regulatory compliance strategy, embedding a Secure … delivery scope, inform design decisions, and meet evolving regulatory expectations. Your work will be integral to establishing a compliant, assured, and future-ready cyber operating model. As the Security & Risk Management Lead, you will: Serve as the executive security owner for the programme, accountable for cyber posture, risk exposure, and regulatory alignment Lead the adoption and enforcement of …/IEC 62443 zones and conduits methodology Provide assurance of technical controls across Security Levels SL1 to SL4, validating patterns such as segmentation, RBAC, and incident containment Lead cyber risk management activities including threat modelling and formal risk analysis (Bow-Tie, Attack Trees, Swiss Cheese, HAZOPs) Own the delivery of the Cybersecurity Requirements Specification (CRS) for all More ❯

the highest level of system security. • Develop and maintain formal documentation, including NSS-specific SOPs and Concept of Operations (CONOPs), to streamline and enhance the authorization process. • Analyze cyber risk indicators stemming from system threats and vulnerabilities and provide detailed cybersecurity risk recommendations in support of NSS continuous monitoring activities. • Research, develop, and implement policies to improve the … the security authorization process while minimizing operational impacts on critical NSS systems. • Conduct vulnerability scans, create Body of Evidence (BoE) artifacts, and produce Security Assessment Reports (SARs) to document risk levels and recommended mitigations. • Provide in-depth analysis of cyber threat actor behavior and create detailed white papers to inform DHS NSS of potential risks and threat trends. … Actively participate in security meetings, including engineering review boards and cybersecurity supply chain risk management (C-SCRM) sessions, to inform and support NSS initiatives. • Develop automated assessment tools and dashboards to support continuous monitoring and ongoing authorization processes, leveraging tools like Splunk, Tenable, and Axonius. Basic Qualifications: • Bachelor's Degree in Information Technology, Cybersecurity, or a related technical field More ❯

computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies. Validates and verifies system security requirements definitions and analysis and establishes system security designs. Designs, develops, implements and/or integrates IA and security systems and system components including those for networking, computing, and enclave environments to include … and implementation of trusted relations among external systems and architectures. Assesses and mitigates system security threats/risks throughout the program life cycle. Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. Reviews certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its … to : system security design process; engineering life cycle; information domain; cross domain solutions; commercial off the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security More ❯

CYBER SECURITY RISK ANALYST - MID LEVEL - GRC FOCUS ROCKVILLE, MD LONG TERM CONTRACT The Cyber Security Risk Analyst will support the County's Governance, Risk, and Compliance (GRC) efforts by performing detailed risk evaluations and compliance assessments. The analyst will work primarily within the County's ServiceNow GRC platform to review IT security policy exception requests … assess vulnerabilities, and support broader risk governance activities. Collaborate with internal departments including IT, legal, compliance, audit, and business operations to identify, assess, and manage cybersecurity risks across the organization. Support vulnerability assessments by interpreting technical findings, validating remediation efforts, and ensuring alignment with policy. Participate in internal control evaluations to assess effectiveness and identify potential gaps based on … relevant frameworks such as NIST 800-53 and ISO 27001. Assist with the design, documentation, and implementation of risk treatment plans, ensuring appropriate mitigation strategies are in place and tracked through resolution. Contribute to audit preparation activities, respond to information requests, and support remediation of audit findings as needed. Use ServiceNow GRC functionality to support workflow management, risk More ❯

Hourly Rate: Negotiated during the final interview Position Description: We are seeking a highly skilled Information Systems Security Engineer (ISSE) to provide cybersecurity support as a member of a Risk Management Framework (RMF) Team. The candidate should possess an expert knowledge of RMF/Authority to Operate (ATO) package requirements and eMASS. The ISSE will support the Information System … System Owner (ISO) in developing project requirements and plans to ensure project success, and will work collaboratively with other ISSEs/ISSOs, IT SMEs, and System Administrators to conduct analysis/mitigation/remediation/monitoring, ensuring compliance with NIST/CNSS guidance. The ISSE will guide efforts to obtain and maintain RMF ATO requirements within the customer's … complex network infrastructure, spanning multiple platforms, networks and security enclaves. Job requirements (minimum): RMF and A&A Support: Provide Risk Management Framework (RMF) and Assessment and Authorization (A&A) support, including developing and maintaining systems' Authority to Operate (ATO) package documentation. ATO documentation includes but is not limited to Hardware/Software lists, Ports/Protocols/Services documentation More ❯

computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations and recommend mitigation strategies. Validates and verifies system security requirements definitions and analysis and establishes system security designs. Designs, develops, implements and/or integrates IA and security systems and system components including those for networking, computing, and enclave environments to include … and implementation of trusted relations among external systems and architectures. Assesses and mitigates system security threats/risks throughout the program life cycle. Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. Reviews certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its … to: system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security More ❯

The Sponsor supports a diverse set of corporate goals across the organization by conducting technical risk assessments and providing technical risk mitigation guidance on the use of various enabling technologies. The Sponsor requires subject matter expertise in technical risk analysis of enterprise and mission systems, IT systems and networks, mobile and wireless networks, cloud-based computing … network management platforms, communication protocols, scripting or programming products, configuration scripts, and IT hardware and software products in support of Sponsor's technical risk assessment activities. The Sponsor also requires software development to maintain an online infrastructure, evaluating and extracting relevant data, web development, and software coding. WORK REQUIREMENTS: Contractor Support; HHR; Yes • The Contractor shall perform technical risk assessments and provide technical risk mitigation guidance on the use of various enabling technologies. • The Contractor shall gather Body of Evidence (BOE) and assess artifacts, such as CONOPS, use cases, detailed network diagrams, technical design details, procurement methods, and System Security Plan (SSP) to get a holistic view of the interworking parts of a given technology implementation being More ❯

computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies. Validate and verify system security requirements definitions and analysis and establishes system security designs. Design, develop, implement and/or integrate IA and security systems and system components including those for networking, computing, and enclave environments to include … and implementation of trusted relations among external systems and architectures. Assess and mitigate system security threats/risks throughout the program life cycle. Contribute to the security planning, assessment, risk analysis, risk management, certification, and awareness activities for system and networking operations. Review certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its … content. Support security authorization activities in compliance with NSA/CSS Information System Certification and Accreditation Process (NISCAP) and DoD Risk Management Framework (RMF), the NIST Risk Management Framework (RMF) process, and prescribed NSA/CSS business processes for security engineering designs. Apply system security engineering expertise in one or more of the following to: System security design More ❯

from all programs. Qualified candidate will interface with all elements of the program team to develop and support regular maintenance of the program IMS. This individual will perform schedule analysis in support of assigned programs and projects. Ensure major projects and program schedules and plans are integrated across company functional groups including finance, engineering, material, manufacturing, and quality. Track … plans and schedules, perform risk analysis, identify and resolve critical path and network logic conflicts. Utilize Critical path, Driving Path, Variance metrics, milestone charts, Earned Value Management and other project management techniques to gauge progress and identify performance variances to facilitate focus and intervention on critical areas. Ensure compliance with internal program procedures and project control system guidelines … per DECM metrics. Essential Functions: Develop integrated master schedules (IMS) using SOW, and WBS. Manage complex projects or processes with general oversight. Create and track plans and schedules, perform risk analysis, and identify and resolve critical path and network logic conflicts. Analysis and validation of program schedules through baseline maintenance including support Critical Path Analysis, Schedule More ❯