76 to 100 of 713 Risk Analysis Jobs

to the following: Manage, optimize and maintain ownership of core credit reporting processes, documentation and tools with the aim to deliver timely, accurate and insightful data to senior management, risk management, regulators, treasury, accounting teams. Contribute to the development of current and new Credit MI, metrics, dashboards and decision tools in order to gain accurate and timely insight into … bps Credit Risk drivers. Develop strong understanding of bp Credit Risk frameworks, quantitative approach, and risk metrics as well as acquire strong commercial awareness. Support various technology and systems initiatives, including automation, data integrity and data integration. Create, implement, and support credit risk quantitative models leveraging mathematical and computer science methods and tools including Python , SQL … verbal and written, to understand data needs and communicate report results. Remain up to date with the latest technology, techniques and methods. Stay curious and enthusiastic about exploring new risk modelling concepts, algorithms and data exploration methods to solve problems and enthuse others to see the benefit of your work. Essential Experience & Job Requirements Prior experience in financial risk More ❯

Security! What You'll Do: Be the Security Advocate: Work closely with the Information Systems Security Manager (ISSM) to drive information assurance initiatives, including security authorization activities, compliance with Risk Management Framework (RMF) policies, and the development of System Security Plans (SSPs). Strengthen Our Defense: Perform Security Technical Implementation Guide (STIG) reviews, self-assessments, and participate in Assessment … potential risks. Shape Security Policy: Use your expertise to apply a comprehensive range of cybersecurity policies, principles, and techniques to maintain the integrity of systems processing classified information. Drive Risk Management: Perform risk analysis for system changes, contribute to the Risk Management Framework process, and recommend security solutions to address any identified gaps. Collaborate with Experts … programs for Federal or DoD information security initiatives. Knowledge of NIST guidelines (SP 800-37, 800-53, 800-53A) and proven experience in Security Control Assessment. Hands-on risk assessment experience that incorporates system/mission requirements and operational constraints. Splunk experience to enhance your threat detection capabilities. Understanding of FISCAM compliance, with familiarity in managing risk More ❯

complete end-to-end security services covering our clients’ security from every angle. Our services include Managed Security, Cyber Security Testing, Incident Response, Security Integration, PCI Compliance and Cyber Risk & Assurance services. What sets Integrity360 apart is our excellent team of people that drive the business forward. The company was founded with a focus on technical expertise and that … technical), coordination, monitoring and managing these plans) Assessing our clients' cybersecurity posture against current norms and regulations (ISO 27001, NIS 2, IEC 62443, Cyber Resilience Act...) and through cybersecurity risk analysis (ISO 27005/EBIOS RM) Integrating cybersecurity into our clients' projects Supporting our clients' CISOs in their daily activities: defining cybersecurity processes, drafting policies and documentation, conducting … enterprises and SMEs, across private and public sectors – industry, energy, luxury, maritime, transportation, institutions... in France and Worldwide. Hard Skills Required: You understand basic security concepts (CIA triad, vulnerability, risk, threat...) You have a technical mindset and understand core security components, their principles: systems and networks, security devices (firewalls, AV/EDR, VPN...), cloud (AWS, Azure, Google...) Familiarity with More ❯

complete end-to-end security services covering our clients’ security from every angle. Our services include Managed Security, Cyber Security Testing, Incident Response, Security Integration, PCI Compliance and Cyber Risk & Assurance services. What sets Integrity360 apart is our excellent team of people that drive the business forward. The company was founded with a focus on technical expertise and that … technical), coordination, monitoring and managing these plans) Assessing our clients' cybersecurity posture against current norms and regulations (ISO 27001, NIS 2, IEC 62443, Cyber Resilience Act...) and through cybersecurity risk analysis (ISO 27005/EBIOS RM) Integrating cybersecurity into our clients' projects Supporting our clients' CISOs in their daily activities: defining cybersecurity processes, drafting policies and documentation, conducting … enterprises and SMEs, across private and public sectors – industry, energy, luxury, maritime, transportation, institutions... in France and Worldwide. Hard Skills Required: You understand basic security concepts (CIA triad, vulnerability, risk, threat...) You have a technical mindset and understand core security components, their principles: systems and networks, security devices (firewalls, AV/EDR, VPN...), cloud (AWS, Azure, Google...) Familiarity with More ❯

Associates have collaborated with our consultancy division to help in their search for an Information Security GRC Manager. You will work towards refining the entire GRC programme - frameworks, audits, risk assessments, stakeholder communication - across a regulated environment. You'll also work with vendors and internal teams to ensure compliance and strong governance. Key Responsibilities Build and refine information security … governance and risk frameworks Lead audits (internal/external) and drive compliance (ISO 27001, GDPR, NIST) Own vendor risk, supplier assurance, and contract governance Communicate risks and policies across the business Support KPI development and risk strategy planning Requirements Degree in Computer Science/IT or relevant industry certifications such as CISA, CRISC, CISMP, ISO 27001 Lead … legal/security needs in housing association sector and its regulatory environment Solid grasp of ISO 27001, NIST, GDPR, and PCI-DSS Proven experience in GRC leadership Skilled in risk analysis, audit reporting, and policy writing Excellent stakeholder management and communication skills Understanding of cloud security and Microsoft tools If you are interested, please apply immediately as first More ❯

supporting a key government customer. The Cyber Security Systems Engineer assesses and mitigates system security threats/risks throughout the program life cycle. Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. As a Cyber Security Systems Engineer, you will play a crucial role in enhancing our … technology-based program supporting a key government customer. The ISSE assesses and mitigates system security threats/risks throughout the program life cycle. Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. As an Information Systems Security Engineer (ISSE), you will play a crucial role in enhancing … or in writing the documentation in order to ensure it's easy to understand. Document the various security control implementations as well as gather the artifacts that support the Risk Management Framework (RMF) and ICD 503 Security Accreditation for various Assessment and Authorization (A&A) efforts. Document and obtain a general understanding of the architecture being developed or that More ❯

Trust Architect, DevSecOps engineers, system administrators, and government cybersecurity personnel, the specialist will manage system security controls, support developing and reviewing System Security Plans (SSPs), and assist with Security Analysis Reports. The specialist monitors network and user activity, enforces policy-based access, conducts vulnerability analysis, and contributes to POA&Ms, waivers, and exemption packages. This role ensures compliance … with DoD cyber requirements while addressing emerging threats and maintaining system resiliency. ESSENTIAL JOB FUNCTIONS Evaluate, implement, and maintain cybersecurity frameworks following the DoD Risk Management Framework (RMF). Develop and update System Security Plans (SSPs), Security Analysis Reports, and associated RMF documentation for DCGS and STATEFARM systems. Design and enforce access control policies, user authentication procedures, and … DoD or intelligence community environment. Strong background in developing RMF documentation, managing system security controls, and responding to cybersecurity audits or assessments. Hands-on experience with system hardening, vulnerability analysis, and cybersecurity operations in a classified environment. Familiarity with automated security toolsets and network intrusion detection/response processes. Experience supporting secure software development, implementation, and testing cycles preferred. More ❯

utility programs and provides actionable results. This role is also responsible for maintaining the Continuous Monitoring requirements for all assigned systems. Core Tasks: Develop methods to monitor and measure risk, compliance, and assurance efforts for IT systems across multiple program offices and vendors Develop specifications to ensure risk, compliance, and assurance efforts conform with security, resilience, and dependability … s compliance with information technology (IT) security, resilience, and dependability requirements Assess the effectiveness of security controls Perform security reviews, identify gaps in security architecture, and develop a security risk management plan Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy Perform risk analysis (e.g. … Conduct annual Contingency Plan Tests according to Categorization of system Core Competencies: Information Assurance Information Systems/Network Security Information Technology Assessment Legal, Government, and related federal security policies Risk Management Systems Testing and Evaluation Vulnerability Assessment Security Technical Implementation Guides (STIGs) Security Requirements Guide (SRGs) Core Knowledge, Skills, Abilities: Knowledge of current industry methods and federal government standards More ❯

and design documents for various projects Acting as the Security SME to customer or Roke Project Managers and Technical Leads, ensuring solutions adhere to MOD security policy Coordinating Security Risk Analysis and Management activities, including maintaining the security risk register and managing Risk Balance Cases Developing Security Architectural diagrams Producing and maintaining security documentation such as More ❯

technology skills: Experience using DoD security management tools including ACAS and eMASS Experience reviewing and applying STIGs Experience using security scanning tools including Fortify and Nessus Experience using log analysis tools such as Splunk Understanding of NIST RMF monitoring and controls Understanding of system ATO artifacts Data and mathematical analysis skills Vulnerability and risk analysis experience More ❯

maintain compliance standard procedures supporting customer and government agency requirements to include Standard Operating Procedures (SOPs), Standard Practices and Procedures (SPPs), Operational Security (OPSEC), Emergency Action Plans (EAPs) and Risk Analysis Investigations specific to the facility • Establish and maintain effective security awareness training including, as required: Annual Security Briefings, Counterintelligence, Espionage, Insider Threat, Courier, NATO, debriefings, indoctrinations, pre … for all government sensitive programs and ensure personnel cleared on those programs receive initial and refresher Desired ISSM Responsibilities: • Reviewing, preparing, and updating ATO packages in accordance with NIST Risk Management Framework and customer policy, procedures and guidelines. • Identify and communicate changes that might affect information system (IS) security authorization status to include identifying security deficiencies/discrepancies and … Control Assessors (SCA), and other external/internal customers. • Development, implementation, and maintenance of System Security Plans (SSP), Standard Operating Procedures (SOP), information security policies to ensure compliance with Risk Management Framework (RMF) guidelines. • Development and maintenance of Plan of Action and Milestones (POA&M) through mitigation and risk acceptance. • Oversee the scheduling, installation, implementation and maintenance of More ❯

branch environments Lead strategic network transformation projects, focusing on Cisco-based security technologies (Firepower, ASA, ISE, Umbrella, etc.) Develop network security policies, best practices, and high-availability solutions Perform risk analysis, vulnerability assessments, and network hardening Collaborate with cross-functional teams to align network architecture with business goals What We’re Looking For: CCIE (Security or Enterprise Infrastructure More ❯

that is clear, accurate, and defensible. Reporting deliverables will include: Security assessment reports that communicate technical findings and vulnerabilities identified through activities such as penetration tests, vulnerability assessments, and risk analyses. System architecture and design documentation that describes the architecture, components, data flows, and security assurance properties of systems under evaluation, with emphasis on security compliance, risk posture … will work independently or side-by-side within a team structure to draft, edit, and review a variety of technical and security-focused reports including vulnerability assessments, penetration tests, risk assessments, system architecture and design documentation, and compliance and attestation reports[CH1] [AK2] with an emphasis on accuracy, clarity, and consistency. Additional key responsibilities include: Tailoring reports and communications … documentation practices such as data flow diagrams, control matrices, and system security plans (SSPs). Demonstrated experience, writing security assessments or audit reports such as vulnerability assessments, penetration tests, risk assessments, and security compliance reports. Ability to synthesize technical security findings into language, appropriate for executive, legal, and regulatory audiences. Understanding of legal and regulatory considerations related to security More ❯

Responsible for implementing and developing the DHS IT security - Gathering and organizing technical information about the lab's mission goals and needs, existing security products, and ongoing programs - Performing risk analyses, which also includes risk assessment - Providing support to plan, coordinate, and implement the lab's information security - Providing support for facilitating and helping the lab identify its More ❯

Implementing and development of the DHS IT security standards • Gathering and organizing technical information about the lab's mission goals and needs, existing security products, and ongoing programs • Performing risk analyses which also includes risk assessment • Planning and leading major technology assignments • Evaluating performance results and recommends major changes affecting short-term project growth and success - Functioning as More ❯

Overview: Our client is currently seeking an experienced Security Risk Analyst to join their team on a contract basis through the end of the year. This role sits inside IR35 and will require three days per week onsite at their Central London office. You ll play a key role in assessing and managing information security risks across the business … and IT landscape. Key Responsibilities: Conduct risk assessments across both IT and business units , ensuring compliance with internal security policies and relevant regulatory frameworks (eg, ISO 27001, NIST, FCA ). Collaborate with key stakeholders to gather and analyze technical security data for accurate risk evaluation and remediation. Work closely with Vulnerability Assessment & Penetration Testing (VAPT) , Threat Intelligence , and … Incident Response teams to understand technical risks and validate that appropriate controls are in place. Contribute to the ongoing improvement of Governance, Risk, and Compliance (GRC) practices by incorporating findings from technical assessments and adapting to emerging threat landscapes. Prepare clear and concise documentation and reporting for senior leadership, audit committees, and regulatory authorities. Support internal and external audit More ❯

the highest level of system security. • Develop and maintain formal documentation, including NSS-specific SOPs and Concept of Operations (CONOPs), to streamline and enhance the authorization process. • Analyze cyber risk indicators stemming from system threats and vulnerabilities and provide detailed cybersecurity risk recommendations in support of NSS continuous monitoring activities. • Research, develop, and implement policies to improve the … the security authorization process while minimizing operational impacts on critical NSS systems. • Conduct vulnerability scans, create Body of Evidence (BoE) artifacts, and produce Security Assessment Reports (SARs) to document risk levels and recommended mitigations. • Provide in-depth analysis of cyber threat actor behavior and create detailed white papers to inform DHS NSS of potential risks and threat trends. … Actively participate in security meetings, including engineering review boards and cybersecurity supply chain risk management (C-SCRM) sessions, to inform and support NSS initiatives. • Develop automated assessment tools and dashboards to support continuous monitoring and ongoing authorization processes, leveraging tools like Splunk, Tenable, and Axonius. Basic Qualifications: • Bachelor's Degree in Information Technology, Cybersecurity, or a related technical field More ❯

computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies. Validates and verifies system security requirements definitions and analysis and establishes system security designs. Designs, develops, implements and/or integrates IA and security systems and system components including those for networking, computing, and enclave environments to include … and implementation of trusted relations among external systems and architectures. Assesses and mitigates system security threats/risks throughout the program life cycle. Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. Reviews certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its … to : system security design process; engineering life cycle; information domain; cross domain solutions; commercial off the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security More ❯

Hourly Rate: Negotiated during the final interview Position Description: We are seeking a highly skilled Information Systems Security Engineer (ISSE) to provide cybersecurity support as a member of a Risk Management Framework (RMF) Team. The candidate should possess an expert knowledge of RMF/Authority to Operate (ATO) package requirements and eMASS. The ISSE will support the Information System … System Owner (ISO) in developing project requirements and plans to ensure project success, and will work collaboratively with other ISSEs/ISSOs, IT SMEs, and System Administrators to conduct analysis/mitigation/remediation/monitoring, ensuring compliance with NIST/CNSS guidance. The ISSE will guide efforts to obtain and maintain RMF ATO requirements within the customer's … complex network infrastructure, spanning multiple platforms, networks and security enclaves. Job requirements (minimum): RMF and A&A Support: Provide Risk Management Framework (RMF) and Assessment and Authorization (A&A) support, including developing and maintaining systems' Authority to Operate (ATO) package documentation. ATO documentation includes but is not limited to Hardware/Software lists, Ports/Protocols/Services documentation More ❯

computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations and recommend mitigation strategies. Validates and verifies system security requirements definitions and analysis and establishes system security designs. Designs, develops, implements and/or integrates IA and security systems and system components including those for networking, computing, and enclave environments to include … and implementation of trusted relations among external systems and architectures. Assesses and mitigates system security threats/risks throughout the program life cycle. Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. Reviews certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its … to: system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security More ❯

The Sponsor supports a diverse set of corporate goals across the organization by conducting technical risk assessments and providing technical risk mitigation guidance on the use of various enabling technologies. The Sponsor requires subject matter expertise in technical risk analysis of enterprise and mission systems, IT systems and networks, mobile and wireless networks, cloud-based computing … network management platforms, communication protocols, scripting or programming products, configuration scripts, and IT hardware and software products in support of Sponsor's technical risk assessment activities. The Sponsor also requires software development to maintain an online infrastructure, evaluating and extracting relevant data, web development, and software coding. WORK REQUIREMENTS: Contractor Support; HHR; Yes • The Contractor shall perform technical risk assessments and provide technical risk mitigation guidance on the use of various enabling technologies. • The Contractor shall gather Body of Evidence (BOE) and assess artifacts, such as CONOPS, use cases, detailed network diagrams, technical design details, procurement methods, and System Security Plan (SSP) to get a holistic view of the interworking parts of a given technology implementation being More ❯

and Insights team - Develop and implement strategies to improve audit processes and methodologies - Manage the transition of new audit procedures and tools across the organization 2. Audit Intake and Risk Analysis: - Evaluate incoming audit requests based on comprehensive risk impact analysis - Prioritize audit engagements according to organizational risk exposure and potential impact - Collaborate with key … a thorough understanding of various sampling methodologies and their applications in auditing - Apply advanced statistical knowledge to design and implement robust sampling methodologies for various audit types based on risk impact analysis. - Ensure that sampling strategies align with audit objectives and provide statistically valid results 4. Audit Program Health Management: - Monitor and track the overall health and performance of … e-commerce platform. BASIC QUALIFICATIONS - Bachelor's degree in Technology, Business Administration, Finance, Accounting, or a related field - 7+ years of experience in program management, preferably in audit or risk management roles - Strong understanding of risk assessment methodologies and audit processes - Excellent analytical and problem-solving skills - Proven ability to manage complex projects and drive change in large More ❯

experience to join our central cyber security team. This role offers the opportunity to work across a broad stakeholder base within the UK and Europe, contributing to essential cyber risk management and operational security initiatives. Key Responsibilities As a Cyber Security Operations Analyst, you will play a key role in supporting risk analysis, security policy implementation, and … the Secure by Design framework across Operational Technology (OT) and Information Technology (IT). You will contribute to: Risk Management: Conduct risk analysis and interpret first-line operational outputs to support VPI's overall cyber security risk posture. Operational Security: Assist in incident response testing, data management, and coordination of cyber security with physical and personnel … security teams. Human Risk Management: Develop cyber security awareness materials, manage phishing protection programmes, and handle external threat intelligence. Software Development & Cloud Security: Support the integration of security policies into DevOps processes and cloud-based tools. Business & Change Management: Contribute to risk mitigation strategies for business development and internal change projects. Incident Response: Act as a responder within More ❯

experience to join our central cyber security team. This role offers the opportunity to work across a broad stakeholder base within the UK and Europe, contributing to essential cyber risk management and operational security initiatives. Key Responsibilities As a Cyber Security Operations Analyst, you will play a key role in supporting risk analysis, security policy implementation, and … the Secure by Design framework across Operational Technology (OT) and Information Technology (IT). You will contribute to: Risk Management: Conduct risk analysis and interpret first-line operational outputs to support VPI’s overall cyber security risk posture. Operational Security: Assist in incident response testing, data management, and coordination of cyber security with physical and personnel … security teams. Human Risk Management: Develop cyber security awareness materials, manage phishing protection programmes, and handle external threat intelligence. Software Development & Cloud Security: Support the integration of security policies into DevOps processes and cloud-based tools. Business & Change Management: Contribute to risk mitigation strategies for business development and internal change projects. Incident Response: Act as a responder within More ❯

experience to join our central cyber security team. This role offers the opportunity to work across a broad stakeholder base within the UK and Europe, contributing to essential cyber risk management and operational security initiatives. Key Responsibilities As a Cyber Security Operations Analyst, you will play a key role in supporting risk analysis, security policy implementation, and … the Secure by Design framework across Operational Technology (OT) and Information Technology (IT). You will contribute to: * Risk Management: Conduct risk analysis and interpret first-line operational outputs to support VPI's overall cyber security risk posture. * Operational Security: Assist in incident response testing, data management, and coordination of cyber security with physical and personnel … security teams. * Human Risk Management: Develop cyber security awareness materials, manage phishing protection programmes, and handle external threat intelligence. * Software Development & Cloud Security: Support the integration of security policies into DevOps processes and cloud-based tools. * Business & Change Management: Contribute to risk mitigation strategies for business development and internal change projects. * Incident Response: Act as a responder within More ❯