101 to 125 of 423 Permanent Risk Assessment Jobs

Team initiatives by integrating offensive (Red Team) and defensive (Blue Team) strategies Help develop and execute strategic security plans aligned with threat intelligence and operational priorities Threat Intelligence and Risk Assessment: Leverage threat intelligence to prioritize and scope security projects based on real-world risks Conduct risk-based evaluations of critical systems, networks, and Industrial Control Systems … of experience in Cybersecurity operations, including Blue Team, Red Team, or Purple Team roles Proven leadership in incident response, threat hunting, and vulnerability management Strong understanding of threat intelligence, risk assessment methodologies, and adversary tactics (MITRE ATT&CK, etc.) Experience with SIEMs, EDRs, forensic tools, and scripting languages (e.g., Python, PowerShell) Excellent communication and collaboration skills Preferred Qualifications More ❯

This role is crucial in ensuring IT risks are identified, measured, and actively managed to protect the organisation from potential impacts. You will develop and implement IT policies, conduct risk assessments, and ensure compliance with regulatory requirements while driving improvements in IT governance processes. Key Accountabilities * Identify, evaluate, and manage IT risks across infrastructure, data protection, and lifecycle management. … Own and maintain the IT risk register, ensuring mitigation plans are in place. * Align risk management frameworks with industry standards (ISO27001, NIST, CIS Critical Controls). * Lead IT audits, coordinate fieldwork, and track findings to ensure timely resolution. * Develop and implement IT policies, procedures, and security awareness initiatives. * Act as an SME, providing guidance on IT governance, compliance … and risk mitigation strategies. Required Skills & Qualifications * Proven experience in IT risk management, security governance, and compliance. * Strong knowledge of ISO27001, GDPR, PCI-DSS, and cybersecurity frameworks. * Experience in IT audit coordination and risk assessment methodologies. * Excellent communication and stakeholder management skills. * Desirable - Certifications such as CRISC, CISA, CISM, or CISSP Benefits * 10% discretionary performance related More ❯

on current and desired system security architecture. Assessing and mitigating system security threats and risks throughout the program life cycle. Leading and/or contributing to the security planning, assessment, risk analysis, risk management, certification and awareness activities for various system and networking operations. Effectively collaborating with other internal technical experts on a day-to-day basis. … providing advice to Program Managers, Customer technical experts, and internal program teams. Formulating security compliance requirements for new system features. Identifying and remediating security issues throughout the system. Supporting risk assessment, risk management, security control assessment, continuous monitoring, service design, and other IA program support functions. Working with development teams to enrich team-wide understanding of … hold an active TS/SCI clearance with Polygraph. Must have a solid understanding of security practices and policies and hands-on vulnerability testing experience. Must have experience applying Risk Management Framework. Must have experience formulating and assessing IT security policy. Must have demonstrated knowledge of and experience with common security tools, such as Nessus, NMAP and Wireshark hardware More ❯

Ensure that protection and detection capabilities are acquired or developed using the IS security engineering approach and are consistent with organization-level cybersecurity architecture. • Participate in an information security risk assessment during the Security Assessment and Authorization process. • Participate in the development or modification of the computer environment cybersecurity program plans and requirements. • Recognize a possible security … violation and take appropriate action to report the incident, as required • Ensure plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc. • Provide technical documents, incident reports, and findings from computer examinations, summaries, and other situational awareness information to higher headquarters • Develop and maintain RMF Assess and Authorize documentation … required to achieve an Authority to Operate (ATO). Prepare and maintain information systems ATO record on the Navy's Enterprise Mission Assurance Support Service (eMASS) • Run vulnerability assessment tools; ACAS vulnerability scanner, Security Content Automation Protocol (SCAP), STIG Viewe • Manage system/network vulnerabilities using the Vulnerability Remediation and Assets Manager (VRAM) Qualifications/Requirements: • MUST be a More ❯

AI/ML architecture patterns and reference architectures. • Direct AI/ML architecture standards development, ensuring best practices. • Evaluate and select security tools for AI environments, providing strategic guidance. Risk Assessment and Management: • Lead strategic AI risk assessments, shaping organisational risk priorities. • Direct development of AI risk mitigation strategies for complex threats. • Oversee AI security … risk monitoring and reporting for senior management. • Structure and lead architectural design reviews for AI/ML risk mitigation. • Maintain strategic awareness of emerging AI security threats and adapt security strategies. Data Security and Privacy: • Strategically implement data security and privacy measures for AI applications. • Oversee data security controls and encryption for AI datasets. • Ensure AI compliance with … ISO 27001, TOGAF, SABSA). • Deep understanding of AI/ML concepts, algorithms, models, regulations and controls. • Extensive technical experience in AI/ML Security Architecture • Proven threat modelling, risk analysis, and architectural validations • In-depth knowledge of adversarial machine learning mitigation. • Comprehensive understanding of ethical AI and governance. • Proven AI security tool implementation and management. • Extensive experience with More ❯

We offer outstanding benefits and opportunities for leadership development. This work is in support of Naval Surface Warfare Center - Philadelphia. Tasking includes: • Assist with the developing, maintaining, and tracking Risk Management Framework (RMF) system security plans which include System Categorization Forms, Platform Information Technology (PIT) Determination Checklists, Assess Only (AO) Determination Checklists, Implementation Plans, System Level Continuous Monitoring (SLCM … and CS security control baselines based on RMF guidelines and categorization of the RMF boundary • Perform Ports, Protocols, and Services Management (PPSM). • Perform IT and CS vulnerability-level risk assessments. • Execute security control testing as required by a risk assessment or annual security review (ASR). • Mitigate and remediate IT and CS system level vulnerabilities for … RMF boundaries and/or guidance provided by the command ISSMs • Implement and assess STIG and SRGs. • Perform and develop vulnerability assessments with automated tools such as Assured Compliance Assessment Solution (ACAS), Security Content Automation Protocol (SCAP) Compliance Check (SCC) and Evaluate STIG. • Deploy security updates to Information System components. • Perform routine audits of IT system hardware and software More ❯

Platform Management: Configure, manage, and optimize Zscaler Internet Access (ZIA), Zscaler Private Access (ZPA), and Zscaler Digital Experience (ZDX) solutions to ensure secure and efficient internet and application access. Risk Assessment and Mitigation: Perform regular risk assessments to identify potential vulnerabilities in the organization's systems and networks and develop strategies to mitigate these risks effectively. System … Platform Management: Configure, manage, and optimize Zscaler Internet Access (ZIA), Zscaler Private Access (ZPA), and Zscaler Digital Experience (ZDX) solutions to ensure secure and efficient internet and application access. Risk Assessment and Mitigation: Perform regular risk assessments to identify potential vulnerabilities in the organization's systems and networks and develop strategies to mitigate these risks effectively. System More ❯

ensure compliance with all associated controls and responsibilities in the day-to-day performance of their duties. Individuals working in departments that are considered to be in the high-risk category will be required to undergo advanced training based on their role and level of access. Individuals with access to modify data and the configuration baseline will require further … Data Environment Repository (SPIDER) Navy Data Environment (NDE) Open Architecture Retrieval System (OARS) Configuration Data Managers Database-Open Architecture (CDMD-OA) Configuration Management Professional (CMPro) Navy Tool for Interoperability Risk Assessment (NTIRA) Assured Compliance Assessment Solution (ACAS) Enterprise Mission Assurance Support Service (eMASS) Federal Information Security Management Act (FISMA) database Vulnerability Remediation Asset Manager (VRAM) Xacta Information … Assurance (IA) Manager and NSERC DoD Information Technology Portfolio Repository-DON (DITPR-DON) DON Application Database Management System (DADMS) Microsoft Visio, PEO C4I Risk Exchange Online Server Tool and Office Suite & Jira Online Tool Excellent organizational skills with the ability to identify, prioritize, and execute tasks to meet project deadlines consistently. DESIRED Knowledge of and practical experience with submarine More ❯

for: Significant experience of working in a security related role, with demonstrable experience. A demonstrable passion and enthusiasm for security with a willingness to learn A strong understanding of Risk Assessment frameworks and methodologies The ability to explain complex security issues in a fashion that could be understood by non-technical people. Knowledge of cloud security, with a More ❯

related discipline Active Secret Clearance Must be a U.S. citizen Desired Qualifications: Experience with government financial programs or loan guarantees Knowledge of Foreign Military Sales (FMS) processes Experience with risk assessment and financial performance evaluation Advanced skills in Excel, PowerBI, or other analytical tools Experience supporting federal financial policy initiatives Knowledge of international finance and export credit mechanisms More ❯

effective security solutions Provide advisory and consultancy services to ensure achievement of business goals Provide oversight to secure solutions that are scalable and portable across the business Support security risk assessment and problem mitigation Deliver technical consultancy on 3rd party and vendor involvement Build up expertise in a range of subject matter areas Champion future proofing and threat … functions such as Security Architect, Security Project Lead, Security Technical expert, DevSecOps A technical breadth to include enterprise, distributed systems and cloud technologies. Strong practical understanding of Information Security risk management processes and best practice Advanced communication and interpersonal skills, including the ability to negotiate and resolve conflict, and to engage effectively with a mixed technical, non-technical and … Strong demonstrable stakeholder management skills, (internal and external) Desirable to hold security certification such as CISSP, CISM Desirable to hold PenTest certification such as CEH, GIAC Desirable to understand risk driven architecture such as Sherwood/SABSA/SANS Highly desirable to have exposure to DevSecOps functions. For clarification: This role is NOT GRC, neither is it a SOC More ❯

effective security solutions Provide advisory and consultancy services to ensure achievement of business goals Provide oversight to secure solutions that are scalable and portable across the business Support security risk assessment and problem mitigation Deliver technical consultancy on 3rd party and vendor involvement Build up expertise in a range of subject matter areas Champion future proofing and threat … functions such as Security Architect, Security Project Lead, Security Technical expert, DevSecOps A technical breadth to include enterprise, distributed systems and cloud technologies. Strong practical understanding of Information Security risk management processes and best practice Advanced communication and interpersonal skills, including the ability to negotiate and resolve conflict, and to engage effectively with a mixed technical, non-technical and … Strong demonstrable stakeholder management skills, (internal and external) Desirable to hold security certification such as CISSP, CISM Desirable to hold PenTest certification such as CEH, GIAC Desirable to understand risk driven architecture such as Sherwood/SABSA/SANS Highly desirable to have exposure to DevSecOps functions. For clarification: This role is NOT GRC, neither is it a SOC More ❯

Support the Intelligence Requirements Division's Cyber Intelligence Team (CIT) efforts to enhance MDS cybersecurity. Present cyber threat intelligence briefings and updates to senior leaders and relevant program offices. Risk Assessment and Intelligence Integration: Provide cyber threat intelligence support for MDA risk assessments focusing on system spirals and vulnerabilities. Develop and submit Priority Requirements (PRs) to address More ❯

Implementing and development of the DHS IT security standards • Gathering and organizing technical information about the lab's mission goals and needs, existing security products, and ongoing programs • Performing risk analyses which also includes risk assessment • Planning and leading major technology assignments • Evaluating performance results and recommends major changes affecting short-term project growth and success - Functioning More ❯

RFP products Review acquisition documents and provides comments with programmatic perspective to ensure consistency and accuracy. Documents may include, but are not limited to, ADMs, LCSP, Acquisition Strategies, APBs, Risk Management Plans, PMRs and milestone decision briefings Support, prepare, review and develop acquisition reports, including statutory and regulatory acquisition report and milestone review documentations identified in DoDI 5000.02 Support … and potential cost avoidance Assist with planning, evaluating and implementing program acquisition strategies. This includes DoD and AF policy and/or guidance; technical approach and/or requirements; risk assessment; and realism in achieving a product suitable for the warfighter within cost, schedule, and performance constraints. Also includes broad range of program acquisition strategies, market research, evaluating … in DoDI 5000.80, Operation of the Middle Tier of Acquisition and DoDI 5000.81, Urgent Capability Acquisition Support and coordinate with program level scheduling personnel Develop, maintain, and update program risk management plans IAW the Risk Management Guide for DoD Acquisition, AFPAM 63-128, and the Air Force RI3 Guidebook; facilitate program risk identification, risk analysis, risk More ❯

As directed, the Intelligence Analyst will be required to attend various meetings to support the development of reports, assessments and briefings. As requested, the Intelligence Analyst shall provide preliminary assessment reports and daily/weekly/monthly updates on data submittals related to the review of the sensitive intelligence information. The Intelligence Analyst will also be involved with the … applicable regulations, guidance, and directives, to include: - Evaluation of intelligence and data related to foreign persons who may have links to counterintelligence or other national security threats; - Targeting analysis; - Risk assessment; - Threat assessment; - Mapping of data and GEOINT analysis; - Open Source/social media exploitation; - Use of analytical IT tools (query, link, visualization, etc.); - Data analysis (reactive More ❯

monitoring tools (e.g., Wireshark, SolarWinds, Nagios) and security incident management tools ️ Proficiency in network administration (e.g., TCP/IP, routing, switching, VLANs, DNS, DHCP) ️ Understanding of security best practices, risk assessment, and threat mitigation techniques ️ Relevant certifications such as CISSP, CISM, CCNP Security, or CompTIA Security+ ️ Strong analytical, troubleshooting, and problem-solving skills ️ Ability to work independently and More ❯

to engage the PS solutions engineering organization and ensure speed and accuracy Drive consistency in proposal quality, format, and content across all regions Implement governance processes to ensure appropriate risk assessment and profitability analysis Develop strategies to differentiate professional services offerings from competitors Partner with sales leaders to develop and execute joint go-to-market strategies for professional … capabilities Strategic thinking with strong commercial acumen Advanced negotiation and influencing skills Ability to translate complex technical concepts into business value propositions Strong analytical capabilities for pricing, scoping, and risk assessment Excellent problem-solving and creative thinking skills Education & Certifications Bachelor's degree required; MBA or other advanced degree preferred Technical certifications relevant to the company's products More ❯

posture, and actively safeguard the systems that make critical projects a success. Key Responsibilities: Cybersecurity & Compliance •Support implementation, monitoring, and continuous improvement of cybersecurity controls in accordance with the Risk Management Framework (RMF). •Maintain and update System Security Plans (SSPs), POA&Ms, risk assessments, and continuous monitoring documentation. •Perform vulnerability assessments, penetration testing, and security audits using … provisioning, patch management, secure configurations, and network monitoring. •Evaluate and recommend security solutions that meet DoD and federal requirements for processing classified information. •Participate in security authorization activities, including Risk Assessment Reports, Certification and Accreditation packages, and System Requirements Traceability Matrices (SRTMs). •Support security awareness training and insider threat mitigation programs. •Maintain thorough documentation for all security More ❯

development, and we are growing quickly. We are looking to staff a Sr. Program Analyst for one of our DoD clients, the Office of Naval Research. Key Responsibilities: Technology Assessment: Evaluate the feasibility, relevance, and potential impact of new technologies on naval operations. Provide recommendations to senior leadership. Collaboration: Foster collaboration with internal and external stakeholders, including scientists, engineers … government agencies, and industry partners, to build strategic alliances and leverage expertise. Budget Management: Manage project budgets, allocate resources efficiently, and ensure cost-effectiveness. Risk Assessment: Identify potential risks, challenges, and opportunities associated with research projects and/or S&T portfolio planning and implementation. Reporting and Documentation: Prepare detailed reports, presentations, and documentation as necessary to effectively More ❯

known as the CASP+) Certification required Must have a solid understanding of security practices and policies and hands-on vulnerability testing experience using Customer tools. Must have experience applying Risk Management Framework. Must have experience formulating and assessing IT security policy. Must have demonstrated knowledge of and experience with common security tools, such as Nessus, NMAP and Wireshark hardware … Five (05) years of experience with Defense in Depth Principals/technology (including access control, authorization, identification and authentication, public key infrastructure, network and enterprise security architecture) and applying risk assessment methodology to system development. Experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk More ❯

security, including security groups, network ACLs and load balancers in cloud environments Strong knowledge of IAM solutions with desired experience in Microsoft Entra ID Strong application and Network security risk assessment skills to identify gaps in security configuration and design Expert-level problem-solving and analytical skills Strong written and oral English communication skills, and ability to convey More ❯

of experience managing IT projects in the banking or financial services sector. Strong understanding of banking applications, core banking systems, and digital channels. Skilled in project planning, resource management, risk assessment, and stakeholder communication. Proficient with project management methodologies (Agile, Waterfall) and tools (Jira, MS Project). Strong understanding of compliance , information security , and regulatory requirements in banking. More ❯

of experience managing IT projects in the banking or financial services sector. Strong understanding of banking applications, core banking systems, and digital channels. Skilled in project planning, resource management, risk assessment, and stakeholder communication. Proficient with project management methodologies (Agile, Waterfall) and tools (Jira, MS Project). Strong understanding of compliance , information security , and regulatory requirements in banking. More ❯

Maintain and configure CRM systems, including data cleaning and custom reporting setup. Leverage APIs to integrate sales data with internal tools and dashboards. 3. Support Customer Onboarding, Credit Analysis & Risk Assessment Configure and onboard customers onto the Revving platform. Analyze and evaluate new customer data to support sales and underwriting decisions. Collaborate with sales and product teams to … London with the successful candidate expected to work in the office 4-5 days/week. Interview Process The interview process will include screening/behavioural discussions, a technical assessment, and culture fit interviews with the co-founders. More ❯