s client is seeking a Cybersecurity Analyst with an active Secret clearance to support critical cybersecurity operations in Portsmouth, VA. This position requires expertise in vulnerability management, incident response, risk analysis, and compliance with DoD and DON cybersecurity standards. The analyst will be responsible for monitoring, analyzing, and mitigating cyber risks, supporting contingency planning, and maintaining day-to-day … or a related field (or equivalent DoD 8570.01M certification such as Security+ or higher), and have at least four years of cybersecurity experience in system/network vulnerability analysis, risk mitigation, and security test & evaluation. Strong knowledge of INFOSEC concepts, firewall policy, ports & protocols, and Navy-specific security requirements (e.g., OPNAVINST N9210.3) is essential. Responsibilities: • Perform cybersecurity analysis in … support of incident response, threat detection, and risk mitigation. • Conduct system and network vulnerability analysis and implement remediation strategies. • Manage Vulnerability Remediation Asset Management (VRAM), including uploading baseline configurations and processing vulnerability scans. • Support and maintain cybersecurity tools such as ACAS, HBSS, MDE, MDI, and Splunk. • Perform risk assessment and mitigation analysis to identify and reduce potential
end to end support to projects with regards to cyber security. Proactively contribute to the business solutions architecture and design to manage and reduce security risks. Conduct the security risk assessments on the Airbus Products (including threat and vulnerability assessment). Lead the definition of security requirement and concept of security to mitigate the security risks. Lead the … or component. Ensure the security compliance of the products in accordance with the national and international security regulations in accordance with the applicable criteria and methodologies. Lead the Security Risk Assessment and Threat Modeling Processes for the related projects. Verification and Validation of Secure Systems and Network design. Evaluate, develop and adapt product and sub-products for secure … ISO27000 Family, CIS, NIST, ). You possess strong expertise with Secure Architecture Principles and Concepts (e.g. Zero Trust, Defense in Depth, Least Privilege). You are knowledgeable of the Risk Assessment framework. You have a solid understanding to define verification and validation procedures for secure architecture. Excellent communication and writing skills in English. German and Spanish would be
the information system and perform day-to-day security operations of the system. Evaluate security solutions to ensure they meet security requirements for processing classified information. Perform vulnerability/risk assessment analysis to support security authorization. Provide configuration management (CM) for information systems security software, hardware, and firmware. Manage changes to system and assess the security impact of … those changes. Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs). Support security authorization activities in compliance with National Institute of Standards and Technology Risk Management Framework (NIST RMF). The Level 2 Information Systems Security Officer shall possess the
the information system and performs day-to-day security operations of the system. Evaluate security solutions to ensure they meet security requirements for processing classified information. Performs vulnerability/risk assessment analysis to support certification and accreditation. Provides configuration management (CM) for information system security software, hardware, and firmware. Manage changes to system and assesses the security impact … of those changes. Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs). Support security authorization activities in compliance with National Institute of Standards and Technology Risk Management Framework (NIST RMF). Provide support to senior ISSOs for implementing, and enforcing
the information system and performs day-to-day security operations of the system. Evaluates security solutions to ensure they meet security requirements for processing classified information. Performs vulnerability/risk assessment analysis to support certification and accreditation. Provides configuration management (CM) for information system security software, hardware, and firmware. Manages changes to system and assesses the security impact … of those changes. Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs). Assists security authorization activities in compliance with Information System Certification and Accreditation Process (NISCAP) and DoD Risk Management Framework (RMF). Requirements TS/SCI w/Polygraph
make the most out of your career. You'd like to do this Assist security authorization activities in compliance with Information System Certification and Accreditation Process (NISCAP) and DoD Risk Management Framework (RMF). Assists with the management of security aspects of the information system and performs day-to-day security operations of the system. Evaluate security solutions to … program to ensure information systems security policies, standards, and procedures are established and followed. Manage changes to system and assess the security impact of those changes. Perform vulnerability/risk assessment analysis to support certification and accreditation. Provide configuration management (CM) for information system security software, hardware, and firmware. Prepare and review documentation to include System Security Plans … SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs). You're required to have this Bachelor of Science degree in Computer Science, Information Assurance, Information Security, or related discipline 12+ years of related experience - at least 7 years of experience as an ISSO supporting IC or DoD programs and contracts
Cybersecurity & Risk Engineer (Contract - Northwood, United Kingdom - NATO Project) We are seeking a Cybersecurity & Risk Engineer to support mission-critical NATO operations. This is a hands-on cybersecurity position that combines technical vulnerability analysis with security accreditation, compliance, and risk assessment for deployable communications and information systems (CIS). What You'll Do Conduct vulnerability scanning … such as Tenable/Nessus, Qualys, or OpenVAS Develop, maintain, and review Security Accreditation documentation in line with NIST RMF, DoD RMF, and ISO 27001 Perform and support Security Risk Assessments (SRA) across CIS assets Coordinate and track remediation activities with technical teams Ensure systems meet NATO operational and cybersecurity requirements Deploy occasionally in support of NATO operations (fitness … and readiness required) What We're Looking For Proven experience in cybersecurity vulnerability assessment and risk management Strong knowledge of security frameworks (NIST RMF, ISO 27001, DoD RMF, ITIL) Hands-on experience with vulnerability management tools Certifications such as CISSP, CISM, CRISC, or CAP (required) ITIL v4 Foundation or higher Strong communication skills for working across multinational teams
Cybersecurity & Risk Engineer (Contract – [Northwood, United Kingdom] – NATO Project) We are seeking a Cybersecurity & Risk Engineer to support mission-critical NATO operations. This is a hands-on cybersecurity position that combines technical vulnerability analysis with security accreditation, compliance, and risk assessment for deployable communications and information systems (CIS). What You’ll Do Conduct vulnerability scanning … such as Tenable/Nessus, Qualys, or OpenVAS Develop, maintain, and review Security Accreditation documentation in line with NIST RMF, DoD RMF, and ISO 27001 Perform and support Security Risk Assessments (SRA) across CIS assets Coordinate and track remediation activities with technical teams Ensure systems meet NATO operational and cybersecurity requirements Deploy occasionally in support of NATO operations (fitness … and readiness required) What We’re Looking For Proven experience in cybersecurity vulnerability assessment and risk management Strong knowledge of security frameworks (NIST RMF, ISO 27001, DoD RMF, ITIL) Hands-on experience with vulnerability management tools Certifications such as CISSP, CISM, CRISC, or CAP (required) ITIL v4 Foundation or higher Strong communication skills for working across multinational teams
vehicle-level SWaP-CRaM (Size, Weight, Power, Cost, Reliability, and Maintainability). Develop and manage system requirements, interface definitions, and design compliance documentation. Lead and contribute to threat analysis, risk assessment (TARA), and Cyber Tabletop Exercises (CTTX). Support the development of verification plans, manage test execution, and support field shakedowns and RCCA (Root Cause Corrective Actions). … experience in engineering or cyber-related roles. Active Secret Clearance Experience leading embedded system cybersecurity efforts, preferably in military or defense systems. Working knowledge of: TARA (Threat Analysis and Risk Assessment) Cross-Domain Solutions (CDS) CTTX (Cyber Tabletop Exercises) NIST 800-37, NIST 800-53 compliance SSP and POA&M development Familiarity with cyber-physical system security, embedded
supportable, and effective systems are delivered to the customer. Responsibilities: Assist program managers in developing program documentation, creating program schedules, tracking program status, evaluating operational and technical alternatives, performing risk assessment, and managing integrated product teams. Advise in the interpretation and tailoring of DoD acquisition regulations/memorandums, and ensure affordable, supportable, and effective systems are delivered to … and Baseline exemption Requests (BERs). Provide program managers with assistance in developing program and acquisition documentation, creating program schedules, tracking program status, evaluating operational and technical alternatives, performing risk assessment and managing integrated product teams (e.g. Test and Evaluation Master Plan (TEMP), Initial Capabilities Document (ICD), Capabilities Development Document (CDD), Capabilities Production Document (CPD), Analysis of Alternatives
physical. This role monitors operations and collects and evaluates metrics to manage network services and for inclusion into project KPIs and Service Level Agreements (SLA). This individual performs risk assessment, risk mitigation analysis, vendor trade studies, and appropriate documentation to ensure network services are available according to established Service Level Agreements (SLA). This role ensures
address such gaps as identified by CT strategies. Research and analyze program requirements and issues, and provide analysis and advice on programs using a range of qualitative and quantitative assessment methods in order to improve program effectiveness management processes. Collect, compile, and organize data, as well as provide presentations of results/findings with the goal of refining or … Chair technical evaluation panels and/or take notes at review panel sessions. Assist with drafting and clearing program scope of work and other pre-award documents (action memo, risk assessment, risk register, monitoring plan, etc.). Support grants closeout by supporting GOR, GO, and FMO with the reconciliation process Maintain traceability of oversight through properly documented
installation, configuration, administration, support, and maintenance of networks, including associated hardware and cloud resources. Update to new technologies, tuning performance, and prioritizing the implementation of critical system patches. Performs risk assessment, risk mitigation analysis, vendor trade studies, and appropriate documentation to ensure network services are available according to established Service Level Agreements (SLA). Ensures continuity of
Senior Business Analyst With Risk Our Client - an international Bank is looking to recruit a Senior Business Analyst with at least 5 to 7 years experience as Business Analyst. The team has a responsibility to deliver to a set of expected standards being set by the Regulatory Reporting Assurance programme, and delivers to a standard playbook defined by the … Basel 3 Reforms central Operating model and controls function. The role holder will be working with process owners, service owners and Risk and Control colleagues to define the operating model that will be in place following the implementation of the Basel 3 Reforms, and to define any interim operating models required until the reforms are implemented. This operating model … controls for the Basel 3 Reforms programme. Key Accountabilities: To document the business process controls, IT general controls and Business Application Controls and ensure full syndication and approval from Risk Stewards, Risk Owners, Controls Office and Control Owners To Support senior stakeholders globally through complex process change and systems change delivery activities Deal with conflicting priorities across global
to ensure systems are secure, compliant, and properly configured according to federal regulations. Additionally, in this position you will: Strengthen Our Defense: Perform Security Technical Implementation Guide (STIG) review, Self-Assessment, and participate in Assessment & Authorization testing to ensure our systems stay secure and compliant. Shape Security Policy: Use your expertise to apply a comprehensive range of cybersecurity policies … security standards. Participate in incident response activities, including identifying, reporting, and helping to resolve security incidents. Contribute to the development and delivery of security awareness training for staff. Drive Risk Management: Perform risk analysis for system changes, contribute to the Risk Management Framework process and recommend security solutions to address any identified gaps. Maintain Security Documentation: Ensure … all system documentation is up to date. POAMs: Manage and maintain Plans of Action and Milestones, by tracking remediation efforts, validating closure evidence, prioritizing and communicating risk, and ensuring timely. Oversee Configuration Management: Manage changes to security-relevant software, hardware, and firmware to maintain system security. Basic Qualifications: As a requirement of this position, all candidates must be a
Lead, Assessment and Authorization Opening Aberdeen Proving Grounds Baltimore, MD Paragone Solutions is seeking an Assessment and Authorization Lead who is responsible for the deliverables, managing project artifacts, and managing staff and performance. This is a full-time, on-site position located at Aberdeen Proving Ground, MD. Experience with classified authorizations required, NSA or other is desired. Must … SCI and Poly. If a candidate does not have a polygraph, they must be willing to undergo a polygraph investigation. Description - Serves as the on-site lead for the Assessment and Authorization team, responsible for the team tasking, deliverables, and managing project artifacts. - Perform all ISSO duties and responsibilities in DODI 8500.01, DODI 8510.01, and AR 25-2. … Direct experience with providing expert support, analysis and research in Intelligence Community (IC) and DoD Risk Management Framework (RMF) requirements and processes to support the IC, DoD and Army RMF assessment and authorization processes - Includes experience as a technical SME, Information System Security Officer (ISSO) or Information Security System Engineer (ISSE) on Army Program Of Record (POR)/
the highest level of system security. • Develop and maintain formal documentation, including NSS-specific SOPs and Concept of Operations (CONOPs), to streamline and enhance the authorization process. • Analyze cyber risk indicators stemming from system threats and vulnerabilities and provide detailed cybersecurity risk recommendations in support of NSS continuous monitoring activities. • Research, develop, and implement policies to improve the … effectiveness and efficiency of the security authorization process while minimizing operational impacts on critical NSS systems. • Conduct vulnerability scans, create Body of Evidence (BoE) artifacts, and produce Security Assessment Reports (SARs) to document risk levels and recommended mitigations. • Provide in-depth analysis of cyber threat actor behavior and create detailed white papers to inform DHS NSS of potential … risks and threat trends. • Actively participate in security meetings, including engineering review boards and cybersecurity supply chain risk management (C-SCRM) sessions, to inform and support NSS initiatives. • Develop automated assessment tools and dashboards to support continuous monitoring and ongoing authorization processes, leveraging tools like Splunk, Tenable, and Axonius. Basic Qualifications: • Bachelor's Degree in Information Technology, Cybersecurity
strategy and roadmap, ensuring our security posture meets the requirements of the NHS Data Security and Protection Toolkit (DSPT), Cyber Essentials Plus, ISO 27001:2022, and other relevant frameworks. Risk Management: Lead the information security risk management program, including the identification, assessment, mitigation, and monitoring of risks across all systems and operations. Policy and Governance: Support and … creation and enforcement of security policies, standards, and procedures. Incident Response: Develop, implement, and manage the security incident response plan. Leadership: Provide strong leadership and mentorship to the governance, risk, and compliance team. Essential Requirements: Extensive security leadership: Proven experience (10+ years) in a senior information security role, with significant experience in a CISO or equivalent position within a … sector experience: In-depth knowledge and practical experience with UK healthcare security standards and regulations, including demonstrable expertise with the NHS Data Security and Protection Toolkit (DSPT), Digital Technology Assessment Criteria (DTAC) and NCSC CAF. ISO 27001:2022 implementation & maintenance: Hands-on experience with the successful implementation, certification, and ongoing maintenance of an ISO 27001 Information Security Management System
BA1, Bath, Bath and North East Somerset, Somerset, United Kingdom
YT Technologies
strategy and roadmap, ensuring our security posture meets the requirements of the NHS Data Security and Protection Toolkit (DSPT), Cyber Essentials Plus, ISO 27001:2022, and other relevant frameworks. Risk Management: Lead the information security risk management program, including the identification, assessment, mitigation, and monitoring of risks across all systems and operations. Policy and Governance: Support and … creation and enforcement of security policies, standards, and procedures. Incident Response: Develop, implement, and manage the security incident response plan. Leadership: Provide strong leadership and mentorship to the governance, risk, and compliance team. Essential Requirements: Extensive security leadership: Proven experience (10+ years) in a senior information security role, with significant experience in a CISO or equivalent position within a … sector experience: In-depth knowledge and practical experience with UK healthcare security standards and regulations, including demonstrable expertise with the NHS Data Security and Protection Toolkit (DSPT), Digital Technology Assessment Criteria (DTAC) and NCSC CAF. ISO 27001:2022 implementation & maintenance: Hands-on experience with the successful implementation, certification, and ongoing maintenance of an ISO 27001 Information Security Management System
Corsham, Wiltshire, United Kingdom Hybrid / WFH Options
i3Secure
and private sector clients where required. At the Consultant level, you will be working with clients to deliver a range of GRC projects that could range from a single risk assessment to the development of a full ISMS to assuring clients gain accreditation in accordance with the appropriate standards on highly complex programmes of work. Delivery of client … engagements to support governance, risk and compliance against a range of cyber security regulations, frameworks and standards, including ISO 27001, NIST Regulations, CAF and secure by design. Staying on top of the latest developments within Cyber Security & Information Assurance by attending training and conferences. Working with the leadership and sales team to respond to tenders and provide pre-sales … you: Experience: Security assurance, working with JSP440, JSP604 Security accreditation Secure by design Implementing security standards and frameworks, such as ISO 27001, NIST 800 and CAF Conducting Cyber Security risk assessments and managing risk management activities Good knowledge of IT systems covering traditional infrastructure, cloud platforms and SaaS Working within an operational security role or security management/
Oliver James is proud to be partnering with a globally renowned reinsurance company in their search for a Cyber Security Governance, Risk & Compliance (GRC) and Third-Party Risk Management (TPRM) Specialist. This role will play a crucial part in strengthening the organisation's security posture, focusing heavily on vendor risk, regulatory readiness, and cyber governance. Overview Oliver … James is proud to be partnering with a globally renowned reinsurance company in their search for a Cyber Security Governance, Risk & Compliance (GRC) and Third-Party Risk Management (TPRM) Specialist. This role will play a crucial part in strengthening the organisation's security posture, focusing heavily on vendor risk, regulatory readiness, and cyber governance. Based in the … a competitive base salary of up to £120,000, with a total compensation package reaching £155,000 through exceptional benefits and annual/loyalty bonuses. Key Responsibilities Third-Party Risk Management: Lead and own the third-party vendor risk assessment process across a portfolio of 100-120 vendors. Review and validate vendor security documentation (e.g., SOC
functional teams (Product Engineering, DevSecOps, Regulatory, Quality) to integrate security into the product lifecycle. Define security requirements and controls based on specific use cases and threat models. Perform regular risk analyses to evaluate security threats and vulnerabilities, prioritizing uncontrolled risks with potential impacts on patient safety. Perform Security Risk Management activities to address identified vulnerabilities and security design … issues, including regular review and assessment of risk against CVEs. Establish automated processes for vulnerability scanning and remediation. Educate the development and leadership teams on securing products, remote connectivity solutions, and their operating environments. Collaborate with Program Management and Regulatory teams to provide security input for audits and FDA submissions. Maintain current knowledge of FDA and other regulatory … systems. Establish incident playbooks and coordinate root cause analysis (RCA) for reported security incidents. Work with DevSecOps and Software Engineers to review code static analysis and third-party software assessment reports. Required Education and Experience: Bachelor's or Master's degree in Computer Science, Cybersecurity, or related engineering equivalent. Minimum of 8 - 12 years of professional experience in product