LEAD IT RISK & CONTROL WHAT IS THE OPPORTUNITY? "The Lead IT Risk Controls Analyst is a subject-area specialist with specialized training, methods and analytic techniques to create recommendations and directions for cyber risk mitigation in a complex technical environment. Focus areas of security assessment by the Lead ITRC Security Analyst include third party security and … overall security program effectiveness in mitigating risk. The ITRC Analyst's goal is to create actionable information for IT and business leadership, and to provide objective assessment of cyber security risks for auditors, regulators and external parties. This requires routinely authoring detailed reports and gathering metrics to ensure stakeholders receive accurate and complete information. The Lead ITRC keeps abreast of external … cyber security trends, technologies and cyber risk management approaches, and often works with other teams on cyber risk-related initiatives to provide subject-matter recommendations and guidance to achieve a posture within the bank's overall risk appetite. The Lead ITRC serves as an expert area of specialization. This role is a working lead that provides functional
Laurel, Maryland, United States Hybrid / WFH Options
TEKsystems c/o Allegis Group
must. • Interact with members of the technical team to understand the current system, subsystems, and component specifications. • Responsible for understanding entire projects or processes spanning multiple technical areas. • Support risk assessment, risk management, security control assessment, continuous monitoring, service design, and other IA program support functions. • Support and assist in documentation production using various software tools … formatting and style throughout documentation. • Participate in the development, facilitation, and coordination of system documentation such as: System Engineering Plans; Initial Capabilities Documents; Requirements Specifications; and Interface Control Documentation; Assessment and authorization documentation (Body of Evidence) for management and continuous monitoring of information systems. • Effectively communicates with the customer and internal team members across multiple areas. • Assist with the … scans for each system and work with vendor and technical leads to bring findings into remediation; Document detailed Plans of Actions and Milestones (POAMs) for all open findings. • Supporting risk assessment, risk management, security control assessment, continuous monitoring, service design, and other IA program support functions. • Employing SE approach for systems planning design, execution, and sustainment.
NAT CAT Risk - Modelling & Analytics Lead Hybrid As Nat CAT Risk Modelling and Analytics Lead you will be responsible for leading our NAT CAT modelling and analytics team with the CAT Risk function, reporting directly into the AVP for CAT Risk and Capital. You will lead in the areas of complex pricing support, portfolio analysis and … industry leading expertise within our Enterprise Cat function. You will have a thorough understanding of the Lloyd’s market and hold specialist qualifications such as the Certified Specialist in Catastrophe Risk (CSCR), Certified Catastrophe Risk Management Professional (CCRMP), or a CAT modelling designation from a leading third-party vendor, such as Verisk’s Certified Extreme Event Modeler (CEEM). … and verbal communication skills allow you to consult on complex projects and present confidently at all levels of seniority. What Will You Do? Provide complex pricing support to optimize risk assessment and pricing strategies. Conduct portfolio risk reward analysis to influence CAT underwriting strategy Lead model validation efforts and play a leading role in CAT View of
Mansfield, Nottinghamshire, England, United Kingdom Hybrid / WFH Options
Cherry Professional - Relationship Led Recruitment
Risk and Assurance Analyst | Hybrid working | Permanent | Up to £42,000 | Annual Bonus Cherry Professional are pleased to be working with their public sector client to support the recruitment of a Risk and Assurance Analyst to join their dedicated team. Responsibilities: Implement and maintain effective risk management activities Develop and implement qualitative and quantitative risk assessment processes Conduct risk workshops to identify, assess, and document risks Provide risk management support to project and programme managers Maintain and oversee RAIIDD reporting and escalation processes. Lead formal and informal assurance reviews of projects and programmes Review and assure project documentation Oversee compliance with external programme governance and assurance processes Support and challenge project managers to … ensure best practices in planning, risk management, and project delivery assurance Ideal Candidate: Educated to Degree level or with equivalent experience Professional qualification in Risk Management, Assurance, or Programme/Project Management (e.g., APM Risk Certificate, MoR, MSP, PRINCE2). Degree in a relevant field (e.g., Risk Management, Business, Project Management, Engineering) or equivalent experience. Proven
Hampton, New Hampshire, United States Hybrid / WFH Options
Unitil Service Corporation
and vulnerability management for the company's network assets including firewalls, switches, IoT devices which includes physical security systems, cameras, UPS devices, HVAC and lighting controls. Key Responsibilities: Cybersecurity Assessment: Conduct security assessments and vulnerability assessments on IT/OT systems to identify potential weaknesses and threats. Incident Response: Develop and implement incident response plans specific to OT environments … for the OT environment, aligned with industry standards and regulatory requirements. Security Monitoring: Implement real-time monitoring solutions to detect anomalies and unauthorized access in OT networks and systems. Risk Assessment: Perform risk assessments and develop risk mitigation strategies for OT assets and processes. Compliance: Ensure compliance with relevant industry standards and regulations, such as NERC … and awareness programs for OT/IT staff to promote cybersecurity best practices. Vendor Management: Review/Monitor/Audit Vendors to confirm they follow Unitil standards which includes: Risk Assessment and Compliance. Periodically evaluate vendor for renew or offboarding. Asset Management: Develop and maintain a comprehensive asset inventory for network and IoT devices. Firmware and Lifecycle Management
bid, labor category, and skill level is at the discretion of the Contractor. INTRODUCTION: The Sponsor supports a diverse set of corporate goals across the organization by conducting technical risk assessments and providing technical risk mitigation guidance on the use of various enabling technologies. The Sponsor requires subject matter expertise in technical risk analysis of enterprise and … and wireless networks, cloud-based computing, network management platforms, communication protocols, scripting or programming products, configuration scripts, and IT hardware and software products in support of Sponsor's technical risk assessment activities. The Sponsor also requires software development to maintain an online infrastructure, evaluating and extracting relevant data, web development, and software coding. WORK REQUIREMENTS: Contractor Support; HHR … Yes The Contractor shall perform technical risk assessments and provide technical risk mitigation guidance on the use of various enabling technologies. The Contractor shall gather Body of Evidence (BOE) and assess artifacts, such as CONOPS, use cases, detailed network diagrams, technical design details, procurement methods, and System Security Plan (SSP) to get a holistic view of the interworking
The Sponsor supports a diverse set of corporate goals across the organization by conducting technical risk assessments and providing technical risk mitigation guidance on the use of various enabling technologies. The Sponsor requires subject matter expertise in technical risk analysis of enterprise and mission systems, IT systems and networks, mobile and wireless networks, cloud-based computing, network … management platforms, communication protocols, scripting or programming products, configuration scripts, and IT hardware and software products in support of Sponsor's technical risk assessment activities. The Sponsor also requires software development to maintain an online infrastructure, evaluating and extracting relevant data, web development, and software coding. WORK REQUIREMENTS: Contractor Support; HHR; Yes • The Contractor shall perform technical risk assessments and provide technical risk mitigation guidance on the use of various enabling technologies. • The Contractor shall gather Body of Evidence (BOE) and assess artifacts, such as CONOPS, use cases, detailed network diagrams, technical design details, procurement methods, and System Security Plan (SSP) to get a holistic view of the interworking parts of a given technology implementation being
to inquiries with internal and external organizations/agencies, and tracking test capability completion. Will also assist with writing test plans, test reports, and help guide Mission Based Cyber Risk Assessment (MBCRA) through execution. Required Skills: Due to the sensitivity of customer related requirements, U.S. Citizenship is required. Bachelor's Degree in Computer Science, Information Systems or related … and Special Access Program (SAP) eligible. The TS security clearance must have been completed within the past 5 years. Minimum of three years of experience conducting cybersecurity test or assessment, consisting of MBCRA, Cybersecurity Table Top analysis, Cyber Vulnerability Identification (CVI), Cooperative Vulnerability and Penetration Assessment (CVPA), or Adversarial Assessment (AA) or 5 years' experience in Highly … Adaptive Cybersecurity Services, which are High Value Asset Assessment, Risk and Vulnerability Assessment, Cyber Threat Hunt, Incident Response and Penetration Testing, in a DoD or government acquisition system. DoD 8140 Baseline Level 2 Information Assurance Technical (IAT) Certification is required. Knowledge and previous experience with cybersecurity; information assurance; full spectrum cyberspace operations; air operations centers; expeditionary communications
organization culture Monitoring and assessing the effectiveness of compliance programs Keeping pace with and understanding the impact of complex, changing regulatory environments on organizations' business models and processes Developing risk strategies and frameworks for compliance and regulatory risks Leveraging analytics and data to optimize compliance risk assessments and compliance monitoring What you will do: As a Gartner analyst … Compliance & Ethics Officer, CEO, and Board of Directors). Knowledge of and experience with the chief compliance officer role, the obligations and requirements of compliance & ethics programs, and compliance risk management (risk assessment processes, key stakeholders involved, etc.) in general. Familiarity and experience with compliance program management systems and tools for regulatory tracking, policy management, risk assessment, and reporting. Effective verbal and written communication skills; ability to adjust style to different audiences. Executive presence; can immediately establish credibility with executives and additional stakeholders. Ability to navigate and thrive in a highly matrixed work environment Willingness to offer flexible working hours within reason to serve Gartner's global client base Ability to travel on occasion
Genesis10 is seeking a Senior Risk Business Analyst for a contract position with a mortgage loan corporation located in McLean, VA. This position is remote for the contract and upon conversion requires being onsite 5 days per week. This position can pay up to $54.00 per hour depending on experience Summary: Looking for an eager go-getter who is … with transferable skills in analyzing risks and controls and coming up with results. Has a good sense of project management and will communicate escalations to management as needed. Direct risk management experience is preferred, but demonstrable transferable skills may be acceptable. Supplier Risk Management (SRM) Assessor Job Description: Analyze and assess risks (including technology, privacy security, resiliency, and … other operational risks) that the organization and suppliers (vendors) may face Evaluate and analyze supplier controls, identify, and document risk findings based on that evaluation Recommend action plans/remediation to decrease risk factors Gather confidential financial information from client such as income, assets, and debts Able to handle private, sensitive, confidential information appropriately Make risk-avoiding
Rogerstone, Gwent, United Kingdom Hybrid / WFH Options
Hays Technology
an accurate view of the vulnerabilities in its asset estate and follows an agreed methodology for prioritising and remediating vulnerabilities. Work closely with colleagues performing related penetration testing and risk assessment activities, providing accurate and timely technical information regarding assets and the status of vulnerabilities. Prepare and deliver regular, high-quality management reporting regarding the asset estate and … proven experience in a vulnerability management role Strong understanding of operational technology concepts and differences between IT and OT environments Strong understanding of attacker TTPs Strong understanding of security risk assessment and risk management concepts and approaches Ability to work with less technical colleagues and be able to convey technical information in a way that all can
Newport, Gwent, United Kingdom Hybrid / WFH Options
Hays Technology
an accurate view of the vulnerabilities in its asset estate and follows an agreed methodology for prioritising and remediating vulnerabilities. Work closely with colleagues performing related penetration testing and risk assessment activities, providing accurate and timely technical information regarding assets and the status of vulnerabilities. Prepare and deliver regular, high-quality management reporting regarding the asset estate and … proven experience in a vulnerability management role Strong understanding of operational technology concepts and differences between IT and OT environments Strong understanding of attacker TTPs Strong understanding of security risk assessment and risk management concepts and approaches Ability to work with less technical colleagues and be able to convey technical information in a way that all can
Blu Omega is seeking a detail-oriented and experienced Security Control Assessor (SCA) to perform comprehensive security and privacy control assessments of IT systems in alignment with the NIST Risk Management Framework (RMF). The successful candidate will bring hands-on expertise in evaluating security postures, identifying risks, and ensuring compliance with federal policies and frameworks. This is an … excellent opportunity for professionals passionate about cybersecurity and risk management, looking to support critical national security initiatives. Key Responsibilities: Conduct independent security control assessments following NIST SP 800-37 and 800-53 standards, ensuring thorough evaluation of technical, operational, and managerial controls. Review and analyze security documentation such as Security Supplement Plans (SSPs), Plans of Action & Milestones (POA&Ms … compliance gaps, and security risks; develop and recommend effective mitigation strategies. Assess the impact of system updates, network changes, or technology upgrades on overall security posture, providing guidance on risk implications. Participate actively in governance and risk review boards, offering expert advice on security concerns and compliance issues. Collaborate with system owners, engineers, and stakeholders to verify the
champions for product responsible for security operations, architecture, and related functions. Establish and maintain strong communication channels, facilitate knowledge sharing, and drive team collaboration to achieve common security goals. Risk Assessment and Compliance: Conduct regular risk assessments and audits to identify vulnerabilities, prioritize risks, and ensure compliance with relevant regulations and industry standards. Develop and maintain effective … identity and access management, encryption, and secure coding practices. Demonstrated ability to effectively manage remote offshore teams, fostering collaboration, communication, and achieving shared security objectives. In-depth understanding of risk assessment methodologies, compliance requirements, and privacy regulations. Excellent leadership and interpersonal skills, with the ability to engage and influence stakeholders at all levels of the organization. Strong analytical
s client is seeking a Cybersecurity Analyst with an active Secret clearance to support critical cybersecurity operations in Portsmouth, VA. This position requires expertise in vulnerability management, incident response, risk analysis, and compliance with DoD and DON cybersecurity standards. The analyst will be responsible for monitoring, analyzing, and mitigating cyber risks, supporting contingency planning, and maintaining day-to-day … or a related field (or equivalent DoD 8570.01M certification such as Security+ or higher), and have at least four years of cybersecurity experience in system/network vulnerability analysis, risk mitigation, and security test & evaluation. Strong knowledge of INFOSEC concepts, firewall policy, ports & protocols, and Navy-specific security requirements (e.g., OPNAVINST N9210.3) is essential. Responsibilities: • Perform cybersecurity analysis in … support of incident response, threat detection, and risk mitigation. • Conduct system and network vulnerability analysis and implement remediation strategies. • Manage Vulnerability Remediation Asset Management (VRAM), including uploading baseline configurations and processing vulnerability scans. • Support and maintain cybersecurity tools such as ACAS, HBSS, MDE, MDI, and Splunk. • Perform risk assessment and mitigation analysis to identify and reduce potential
end to end support to projects with regards to cyber security. Proactively contribute to the business solutions architecture and design to manage and reduce security risks. Conduct the security risk assessments on the Airbus Products (including threat and vulnerability assessment). Lead the definition of security requirement and concept of security to mitigate the security risks. Lead the … or component. Ensure the security compliance of the products in accordance to the national and international security regulations in accordance to the applicable criteria and methodologies. Lead the Security Risk Assessment and Threat Modeling Processes for the related projects. Verification and Validation of Secure Systems and Network design. Evaluate, develop and adapt product and sub-products for secure … ISO27000 Family, CIS, NIST, ). You possess strong expertise with Secure Architecture Principles and Concepts (e.g. Zero Trust, Defense in Depth, Least Privilege). You are knowledgeable of the Risk Assessment framework. You have a solid understanding to define verification and validation procedures for secure architecture. Excellent communication and writing skills in English. German and Spanish would be
the information system and perform day-to-day security operations of the system. Evaluate security solutions to ensure they meet security requirements for processing classified information. Perform vulnerability/risk assessment analysis to support security authorization. Provide configuration management (CM) for information systems security software, hardware, and firmware. Manage changes to system and assess the security impact of … those changes. Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs). Support security authorization activities in compliance with National Institute of Standards and Technology Risk Management Framework (NIST RMF). The Level 2 Information Systems Security Officer shall possess the
the information system and performs day-to-day security operations of the system. Evaluate security solutions to ensure they meet security requirements for processing classified information. Performs vulnerability/risk assessment analysis to support certification and accreditation. Provides configuration management (CM) for information system security software, hardware, and firmware. Manage changes to system and assesses the security impact … of those changes. Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs). Support security authorization activities in compliance with National Institute of Standards and Technology Risk Management Framework (NIST RMF). Provide support to senior ISSOs for implementing, and enforcing
the information system and performs day-to-day security operations of the system. Evaluates security solutions to ensure they meet security requirements for processing classified information. Performs vulnerability/risk assessment analysis to support certification and accreditation. Provides configuration management (CM) for information system security software, hardware, and firmware. Manages changes to system and assesses the security impact … of those changes. Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs). Assists security authorization activities in compliance with Information System Certification and Accreditation Process (NISCAP) and DoD Risk Management Framework (RMF). Requirements TS/SCI w/Polygraph
make the most out of your career. You'd like to do this Assist security authorization activities in compliance with Information System Certification and Accreditation Process (NISCAP) and DoD Risk Management Framework (RMF). Assists with the management of security aspects of the information system and performs day-to-day security operations of the system. Evaluate security solutions to … program to ensure information systems security policies, standards, and procedures are established and followed. Manage changes to system and assesses the security impact of those changes. Perform vulnerability/risk assessment analysis to support certification and accreditation. Provide configuration management (CM) for information system security software, hardware, and firmware. Prepare and reviews documentation to include System Security Plans … SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs). You're required to have this Bachelor of Science degree in Computer Science, Information Assurance, Information Security, or related discipline 12+ years of related experience - at least 7 years of experience as an ISSO supporting IC or DoD programs and contracts
vehicle-level SWaP-CRaM (Size, Weight, Power, Cost, Reliability, and Maintainability). Develop and manage system requirements, interface definitions, and design compliance documentation. Lead and contribute to threat analysis, risk assessment (TARA), and Cyber Tabletop Exercises (CTTX). Support the development of verification plans, manage test execution, and support field shakedowns and RCCA (Root Cause Corrective Actions). … experience in engineering or cyber-related roles. Active Secret Clearance Experience leading embedded system cybersecurity efforts, preferably in military or defense systems. Working knowledge of: TARA (Threat Analysis and Risk Assessment) Cross-Domain Solutions (CDS) CTTX (Cyber Tabletop Exercises) NIST 800-37, NIST 800-53 compliance SSP and POA&M development Familiarity with cyber-physical system security, embedded
projects with regards to cyber security. Lead the definition of Security requirement, security concept for specific projects. Lead the Design of Secure architecture for Aerospace Solutions Lead the Security Risk Assessment and Threat Modeling Processes Act as Security Officer for certain Aerospace Projects and be the point of contact for all related security topics Verification and Validation of … Security Products and Secure Communications Protocols You possess strong expertise with Secure Architecture Principles and Concepts (e.g. Zero Trust, Defense in Depth, Least Privilege) You are knowledgeable of the Risk Assessment framework (e.g. EBIOS, NIST SP800-37) You have a solid understanding to define verification and validation procedures for secure architecture Your excellent communication and writing skills in
physical. This role monitors operations and collects and evaluates metrics to manage network services and for inclusion into project KPIs and Service Level Agreements (SLA). This individual performs risk assessment, risk mitigation analysis, vendor trade studies, and appropriate documentation to ensure network services are available according to established Service Level Agreements (SLA). This role ensures
address such gaps as identified by CT strategies. Research and analyze program requirements and issues, and provide analysis and advice on programs using a range of qualitative and quantitative assessment methods in order to improve program effectiveness management processes. Collect, compile, and organize data, as well as provide presentations of results/findings with the goal of refining or … Chair technical evaluation panels and/or take notes at review panel sessions. Assist with drafting and clearing program scope of work and other pre-award documents (action memo, risk assessment, risk register, monitoring plan, etc.). Support grants closeout by supporting GOR, GO, and FMO with the reconciliation process Maintain traceability of oversight through properly documented
installation, configuration, administration, support, and maintenance of networks, including associated hardware and cloud resources. Update to new technologies, tuning performance, and prioritizing the implementation of critical system patches. Performs risk assessment, risk mitigation analysis, vendor trade studies, and appropriate documentation to ensure network services are available according to established Service Level Agreements (SLA). Ensures continuity of