51 to 75 of 465 Permanent Risk Analysis Jobs

the time of application. What you will be doing: The contractor shall provide cyber security and security engineering services for the Fort Meade customer including system security engineering, cybersecurity risk assessments, and security architecture support. The ISSE shall perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established cybersecurity standards and … among external systems and architectures Applies knowledge of cybersecurity policy, procedures, and workforce structure to design, develop, and implement secure networking, computing, and enclave environments Supports security planning, assessment, risk analysis, and risk management Interacts with the customer and other project team members during meetings, presentations, and briefings Designs, develops, implements and/or integrates cybersecurity and … developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Agency security policy and enterprise solutions Assesses and mitigates system security threats/risk throughout the program life cycle Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations Applies system More ❯

Responsible for assisting in identifying the overall security requirements for the protection of data, to ensure the implementation of appropriate information security controls, and perform and analyze the security risk assessment, risk analysis, risk management process, security control assessments, and awareness activities for systems and networking operations. Provide assistance to ensure Cybersecurity functions are included in … of legacy systems. Contribute to the acquisition/RDT&E environment and building Cybersecurity into systems deployed in operational environments. Prepare security authorization documentation. Perform security planning, security assessment, risk analysis, risk assessment, and risk management support activities Perform risk assessment and management to support integration of legacy systems into existing IT environment Review and … analyze Cybersecurity built into systems to be deployed to operational environments Prepare risk assessment, plan of actions, authorization recommendations, and related security authorization documentation Identify and support overall security requirements for the protection of data to ensure the implementation of information security policies, activities, and controls Ensure Cybersecurity functions are included in the development and risk management process More ❯

Responsible for assisting in identifying the overall security requirements for the protection of data, to ensure the implementation of appropriate information security controls, and perform and analyze the security risk assessment, risk analysis, risk management process, security control assessments, and awareness activities for systems and networking operations. Provide assistance to ensure Cybersecurity functions are included in … of legacy systems. Contribute to the acquisition/RDT&E environment and building Cybersecurity into systems deployed in operational environments. Prepare security authorization documentation. Perform security planning, security assessment, risk analysis, risk assessment, and risk management support activities Perform risk assessment and management to support integration of legacy systems into existing IT environment Review and … analyze Cybersecurity built into systems to be deployed to operational environments Prepare risk assessment, plan of actions, authorization recommendations, and related security authorization documentation Identify and support overall security requirements for the protection of data to ensure the implementation of information security policies, activities, and controls Ensure Cybersecurity functions are included in the development and risk management process More ❯

security operations of the system. Assist ISSEs and ISSOs with evaluating security solutions to ensure they meet security requirements for processing classified information. Manage the performance of vulnerability/risk assessment analysis to support security authorization. Provide management support to configuration management (CM) for information system security software, hardware, and firmware. Manage changes to systems and assess the … security impact of those changes. Manage the process and preparation of documentation reviews to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs). Support security authorization activities in compliance with NSA/CSS Risk Management Framework (RMF) process and DoD Information Assurance Certification and Accreditation Process … DIACAP). Perform requirements gathering and analysis of said requirements Perform functional analysis to identify required tasks and their interrelationships Identify and map current security infrastructure as a foundation to define future programs Collaborate with engineers on systems integration efforts Plan and coordinate implementation of IT security programs and policies Analyze user needs to determine functional and cross More ❯

security operations of the system. Assist ISSEs and ISSOs with evaluating security solutions to ensure they meet security requirements for processing classified information. Manage the performance of vulnerability/risk assessment analysis to support security authorization. Provide management support to configuration management (CM) for information system security software, hardware, and firmware. Manage changes to systems and assess the … security impact of those changes. Manage the process and preparation of documentation reviews to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs). Support security authorization activities in compliance with NSA/CSS Risk Management Framework (RMF) process and DoD Information Assurance Certification and Accreditation Process … DIACAP). Perform requirements gathering and analysis of said requirements Perform functional analysis to identify required tasks and their interrelationships Identify and map current security infrastructure as a foundation to define future programs Collaborate with engineers on systems integration efforts Plan and coordinate implementation of IT security programs and policies Analyze user needs to determine functional and cross More ❯

. Plan and conduct security authorization reviews and assurance case development for initial installation of systems and networks. Review authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application, system, and network. Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend … for the software application, network, or system. Manage Accreditation Packages (e.g., ISO/IEC 15026-2). Perform security reviews, identify gaps in security architecture, and develop a security risk management plan. Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy. Perform risk analysis (e.g. … threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change. Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials). Verify and update security documentation reflecting the application/system security design features. Participate in Risk More ❯

performance and skillset. Ensure 24/7 operational readiness of the SOC, including shift coverage and resource management. Incident Response and Management: Lead the SOC team in the identification, analysis, and response to cybersecurity incidents (attempted or successful intrusions, malware, data breaches, etc.). Reconstruct timelines of events based on network defense data to analyze network intrusions and attacks. … operations expertise to predict potential attack vectors and devise proactive defense strategies. Provide recommendations on improving threat data collection and ensuring high-quality data is available for analysis. Cybersecurity Risk Analysis: Analyze cybersecurity risks and communicate these risks to key decision-makers in a clear, concise manner to support informed decision-making. Translate complex technical risks into actionable … insights for non-technical stakeholders, including management and senior leadership. Assist in identifying areas for continuous improvement in the organization's cybersecurity practices based on analysis of incidents and risk data. Intellectual Property Protection: Play a critical role in safeguarding the organization's intellectual property, identifying potential threats and vulnerabilities that could put valuable data at risk. Develop More ❯

Workspace), you'll manage the configuration and governance of multiple tenants within the Department-owned FAN (Google Workspace) and Netskope products. The ideal candidate will provide support for integration, risk analysis, incident resolution, and continuous monitoring of cloud systems, while ensuring security and compliance standards are met. We know that you can't have great technology services without … operation and security compliance across all environments. Assist in integrating Netskope with additional cloud systems or applications as required by system owners, ensuring proper functionality and security alignment. Conduct risk assessments for apps, scripts, and extensions submitted via a request process. Ensure risk analysis follows the process outlined in the Initial Netskope Integration Change Request. Provide daily … SPF, DMARC). Familiarity with SIEM/SOAR platforms, threat detection, and security logging within Google environments, AWS, or Azure. In-depth knowledge of cloud-based systems, integrations, and risk management processes across Google Workspace, AWS, or Azure. Strong understanding of federal security frameworks such as NIST 800-53, FedRAMP, FISMA, and DISA STIGs. Experience working in an on More ❯

Evaluate proposed security architectures and designs and provide input as to the adequacy of those security designs to meet required security compliance objectives. Contribute to the security planning, assessment, risk analysis, risk management, assessment & authorization activities for a large complex software intensive system. Support the Government to resolve conflicting system security engineering requirements. ISSE will be responsible … systems, databases, and virtual computing. Ability to identify areas of non-compliance and propose solutions designed to fulfill operational requirements and meet cybersecurity requirements simultaneously. Thorough knowledge of RMF (Risk Management Framework), and process to end of an ATO (Authority to Operate). Thorough understanding of the living documents, how to address scans, how to update the plan of … of prior relevant experience or an equivalent combination of training, work experience and, preferably, applicable military experience. At least five (5) years must be specialized experience including system security analysis and implementation; design assurance or testing for INFOSEC products and systems; integration or testing for INFOSEC products and systems Certified Information Systems Security Professional (CISSP) Preferred Qualifications Experience with More ❯

and followed. Manage security aspects of information systems and perform daily security operations. Evaluate security solutions to ensure they meet requirements for processing classified information and perform vulnerability/risk assessments to support certification and accreditation. Provide configuration management for information system security software, hardware, and firmware, and manage changes to systems, assessing their security impact. Prepare and review … Security Plans (SSPs) and Assessment and Authorization packages. Manage and coordinate security authorization activities in accordance with Government regulations, Department of Defense and National Institute of Standards and Technology Risk Management Framework and standards, and customer-specific information security policies, processes, and procedures. ISSE Job Summary The Information Systems Security Engineer (ISSE) is crucial in designing, developing, and implementing … integrate robust security measures into systems, ensuring they are resilient against threats and vulnerabilities. This role requires a deep understanding of security engineering principles and a proactive approach to risk management throughout the system lifecycle. Primary Responsibilities: Perform and review technical security assessments to identify vulnerabilities and ensure compliance with information assurance (IA) standards and regulations. Validate and verify More ❯

insertion for a DoD- approved classified network with multiple sites. Specifically, maintain, update, and create new policies/procedures/SOPs and ensure the A&A process utilizing the Risk Management Framework (RMF) within XACTA, eMASS, or other assessment tools, as applicable. Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure … of trusted relations among external systems and architectures. Develop new accreditation approaches to support the rapid deployment of unaccredited applications by supervising the development process (inside development enclaves), the risk assessment process, and the deployment process of these custom-developed applications. Support security authorization activities in compliance DoD Risk Management Framework (RMF), the NIST Risk Management Framework … multiple enclaves and with differing data protection/classification requirements. Assess and mitigate system security threats/risks throughout the program life cycle. Contribute to the security planning, assessment, risk analysis, risk management, certification, and awareness activities for system and networking operations Qualifications: Required: Bachelor's degree in computer science, information technology, cybersecurity, or a similar discipline. More ❯

Customer in the LSF Program Manager's absence. Lead development and execution of task orders. Essential Duties • Performs in-depth qualitative and quantitative analyses with concentration in Budget/Risk Analysis, management of cost, schedule, and performance metrics. • Accomplishes report generation, interpretation and execution of milestone requirements, deliverables, and risk-identification and management techniques at the program … to carry out assigned tasks. Desired Knowledge, Skills & Abilities • Ability to read and interpret technical documentation such as engineering drawings, operation and maintenance instructions, and procedure manuals. • Strong decision analysis and problem-solving skills. Ability to draw conclusions and justify decisions. Must be able to communicate issues to management. • Strong computer skills specifically using Microsoft Office Suite. Ability to More ❯

to fill multiple positions with highly motivated and experienced Technical Subject Matter Experts (SETA) to join our team. Successful candidates will lead activities in project management, technical and programmatic risk analysis, and program-funded test coordination. The candidate will also be responsible for coordinating meetings, assessing performer technical progress, projecting performer outcomes, and ensuring that project management best … novel solutions, and contribute to the development of advanced resilience strategies. • Leverage expertise in cryptography, data analytics, and network security to enhance the program's capabilities in threat detection, analysis, and mitigation. • Contribute to the design, development, and execution of red teaming exercises to proactively identify and address vulnerabilities. • Support blue teaming efforts by providing technical guidance and recommendations … both technical and non-technical audiences. Desired Qualifications: • Experience working with Special Access Programs (SAPs). • Experience with Agile development methodologies. Clearance: Active Top Secret/SCI required. Strategic Analysis, Inc. is an Equal Opportunity employer and is committed to non-discrimination in employment. All qualified applicants will receive consideration for employment without regard to race, color, religions, sex More ❯

Competitive package valued between $13,000 for individuals and $28,000 for families. Openings: Multiple roles supporting various DoD customers. Knowledge Requirements: Systems architecture, requirements engineering, system verification & validation, risk analysis, and familiarity with tools like DOORS and defense industry standards (DoDAF). Additionally, proficiency in system modeling, simulation, and analysis tools (e.g., MATLAB, Simulink, or similar … standards and frameworks. Knowledge of large-scale system architecture development and lifecycle management. Proficiency in developing engineering processes, technical documentation, and requirement frameworks. Understanding of system modeling and performance analysis for naval systems. Familiarity with NAVWAR program management and system engineering governance. What Makes G2 Ops Different? At G2 Ops, we know that choosing a company is about more … related field. Master's degree is preferred. 8+ years of experience in systems engineering, preferably within the defense or military sector Strong understanding of systems engineering processes, including requirements analysis, design, integration, and testing. Experience with Naval Warfare systems, including familiarity with NAVWAR programs or similar DoD systems. Proficiency in system modeling, simulation, and analysis tools (e.g., MATLAB More ❯

Risk Management Framework (RMF), NMAP, PKI, Wireshark, auditing, penetration testing, scripting, IASAE, CISSP, ISSEP, NISCAP Due to federal contract requirements, United States citizenship and an active TS/SCI security clearance and polygraph are required for the position. Required: Must be a US Citizen Must have TS/SCI clearance w/active polygraph Bachelor's degree in Computer … Five (05) years of experience with Defense in Depth Principals/technology including access control, authorization, identification and authentication, public key infrastructure, network and enterprise security architecture and applying risk assessment methodology to system development. Must have a solid understanding of security practices and policies and hands-on vulnerability testing experience. Must have experience applying Risk Management Framework. … Certification. Computer Information Systems Security Professional CISSP Certification. Experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response. Experience providing information assurance support for application development that includes system security certifications and project evaluations for firewalls that encompass the development, design, and More ❯

control within a government provided software repository using Git or other version control system. Conducts code reviews and scans to identify potential flaws in code and mitigate vulnerabilities Performs risk analysis to identify threats, vulnerabilities and likelihood and impact of exploitation Automates and performs unit testing Implements Security Technical Implementation Guides Identifies, analyzes, implements and tests software patches. … maximize software security while minimizing disruption to plans and schedules. Understands, follows and promotes the values and principles in the Agile Manifesto Understands, follows and promotes continuous cyber security risk management Years of experience required Software discipline + 5 years of relevant experience all within the last 5 years. Five (5) additional years of applicable experience with appropriate certifications More ❯

applications and dashboards. • Develop Security Test Procedure (STP), conducts self-assessments to verify compliance with required configuration guidance and support A&A testing and validation of security designs. • Conducting risk analysis reviewing ACAS, CVEs, plugins, CWEs, research, collaborate with System Administrators to mitigate identified vulnerabilities and/or author Plans of Actions and Milestones (PO&AM) as needed. … reporting to appropriate IC and DoD authorities (i.e., USCYBERCOM, IC-SCC) • Support security authorization activities in compliance with the customer Information System Certification and Accreditation Process following the NIST Risk Management Framework (RMF), CNSSI No 1243 and other prescribed business processes for security engineering. • Assist architects and systems developers in the identification and implementation of appropriate information security functionality … to: system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security More ❯

federal agencies gain a trusted partner dedicated to delivering high-performing solutions that advance the nation's most critical objectives. We are currently hiring an SAP Security and Governance, Risk & Compliance (GRC) Consultant to support one of our federal clients on-site in Chantilly, Virginia. The SAP Security and GRC Consultant candidate will be responsible for leading our security …/GRC implementation and maintenance, to include minor enhancements as well as support pack/version upgrades. Extensive hands-on experience with GRC master data creation and maintenance, performing risk analysis and remediation activities, batch job monitoring, audit & compliance support activities (user management controls, access certification, etc.), and BRF+ and MSMP workflows. Ability to effectively and efficiently troubleshoot More ❯

agency security policies and frameworks. Enforce secure connections and trusted relationships between external systems and environments. Assess and mitigate security threats throughout the system lifecycle. Provide technical guidance on risk analysis, security planning, certification, and accreditation. Review and improve C&A documentation, ensuring completeness and compliance. Apply advanced knowledge of system security engineering, including areas such as: Security … design lifecycle Authentication, authorization, and access control Intrusion detection, incident response, and auditing Cryptography and cross-domain solutions Risk management and change control Support system authorization efforts in line with DoD RMF, NIST RMF, and related government compliance processes.Who You Are: You have proven experience securing systems and driving them through successful A&A or RMF processes. You understand More ❯

and requirements, such as: Working with AWS Cloud Infrastructure team to secure our cloud infrastructure Working with the development team in embedding security in the SDLC Provide assistance in risk management activities Support security-related incidents Support our log monitoring operations Take part in threat modelling sessions Support the teams in risk analysis of technical vulnerabilities Support More ❯

ongoing threat detection and response. Integrate Security in SDLC: Collaborate with product and engineering teams to integrate security into every stage of the software development lifecycle. Threat Modeling and Risk Analysis: Perform structured threat modeling using frameworks such as STRIDE and PASTA to proactively mitigate security risks. Champion Developer Education: Promote secure development practices by educating engineers on More ❯

with DoD and Air Force policies. Responsibilities Duties include, but not limited to: Develop and maintain security documentation including System Security Management Plans, Program Protection Plans, OPSEC Plans, and Risk Analyses in accordance with DoDI 5000.02, DoDI 8510.01, and MIL-STD 1785. Support RMF-based Authorization and Accreditation (A&A) efforts by assessing and guiding required artifacts and control … based on technical assessments and policy review. Promote security awareness across program stakeholders and ensure alignment with cybersecurity principles and business goals. Conduct security audits, contingency planning reviews, and risk assessments to ensure organizational resilience. Advise on security architecture and participate in systems design to ensure alignment with cybersecurity best practices. Review, evaluate, and recommend security mechanisms, including configurations … and DoD security control baselines Proficient in managing security tools, PKI, and compliance reporting databases Familiarity with classified systems operations, audit processes, and cybersecurity architecture Ability to analyze risk and vulnerability across networked and standalone systems Strong understanding of cross-domain solutions and secure system design principles Interpersonal Skills Capable of leading security reviews and interfacing with senior stakeholders More ❯

assessments of computing environments to identify points of vulnerability, non-compliance with established Cybersecurity standards and regulations, and recommend mitigation strategies. Validate and verifies system security requirements definitions and analysis and establishes system security designs. Design, develop, implement and/or integrate Cybersecurity and security systems and system components including those for networking, computing, and enclave environments to include … implementation of trusted relations among external systems and architectures. Assess and mitigate system security threats/risks throughout the system development life cycle. Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. Review certification and accreditation (C&A) documentation, provide feedback on completeness and compliance of its … content. Support security authorization activities in compliance with NSA/CSS Information System Certification and Accreditation Process (NISCAP) and DoD Risk Management Framework (RMF), the NIST Risk Management Framework (RMF) process, and prescribed NSA/CSS business processes for security engineering. The Level 2 Information Systems Security Engineer shall possess the following capabilities: • Participate as the primary security More ❯

Systems Engineer 4 Job Responsibilities: Provide technical direction for the development, engineering, integration, interfacing, and testing of complex hardware and software systems. Perform requirements elicitation, detailed analysis, and functional allocation. Conduct comprehensive systems requirements reviews. Develop concepts of operation, interface standards, and detailed system architectures. Perform technical and non-technical assessments and management activities, including end-to-end flow … Department of Defense Architecture Framework (DoDAF) standards. Provide subject matter expertise and leadership for Cyber Mission Management and Cyber System Development initiatives. Oversee integration of systems such as Signal Analysis Knowledge Base (SAKB) into broader community systems, ensuring compliance with information assurance and cybersecurity standards. Collaborate within Integrated Product Teams (IPTs) and Configuration Control Boards to review interface control … acquisition lifecycle. Required Experience: Minimum 10 years of relevant professional experience; preference for candidates with 20+ years in Cyber and Systems Engineering. Proven experience developing and deploying Cybersecurity and Risk Management strategies within DoD and DHS frameworks. Extensive knowledge and practical application of Risk Management Framework (RMF) procedures. Demonstrated history in supporting major government cybersecurity initiatives, including DHS More ❯

Research Analysts, Senior to join our team. This role requires a dynamic professional who understands Air Force supply chain processes, including retail and wholesale supply, and excels in data analysis, database management, and system support. The ideal candidate will provide critical support to government functional managers, oversee key program management tools, and contribute to process improvements for mission success. … Duties/Responsibilities Logistics and Supply Chain Management Oversee wholesale and retail inventory management Analyze and optimize Air Force supply chain processes Support budget forecasting and financial analysis for supply chain programs Implement process improvements for the Suspended Assets Program System Support and Data Management Maintain and update Microsoft Access databases for logistics tracking Develop and execute system data … for D035 Stock Control System Support system change management and integration for CSWS DE program Extract, analyze, and report on supply chain data from legacy systems Audit, Compliance, and Risk Management Conduct risk analysis and compliance audits for supply chain operations Support Financial Improvement and Audit Remediation (FIAR) compliance Monitor, validate, and report on Government Furnished Property More ❯