Risk Assessments: Evaluate vendor and supplier security postures (third-party/fourth-party) using ... in cyber risk or supply chain management. * Frameworks: In-depth knowledge of NIST SP 800-161r1 ...
Conduct vendor cyber risk assessments, software supply chain reviews, and broader cyber SCRM analysis across customer engagements * Leverage Exiger's solution set, including the 1Exiger platform and ...
... risk assessment, reporting, and effective challenge of cybersecurity controls, operational ... TRM Associates are highly-skilled cyber, technology, and risk management professionals who bring a ...
(USA) Staff, Cyber Intelligence Engineer
$132K - $264K/yr
Contribute to cyber risk assessments and recommend mitigation measures to address security vulnerabilities. * Lead cross-functional initiatives, fostering collaboration to achieve strategic ...
Sr. Cyber Analyst
Hampton, VA · On-site
$97K - $125K/yr
The Cyber Analyst, Senior applies cyber risk assessment expertise and work experience to the Security Control Assessor (SCA) for the DoD Mission Partner Environment (MPE). Provides recommendations to ...
The Cyber Analyst, Midlevel applies expertise and work experience executing cyber risk assessments to perform duties assigned by the Security Control Assessor (SCA) for Department of the Air Force ...
Principal Associate, Cyber Risk & Analysis - Enterprise Services Risk The Enterprise Services Risk ... Risk Assessments (TRAs), and monitoring mitigation plans to enable secure and well-managed ...
Conducts comprehensive Cyber Supply Chain Risk Assessments on systems, products, and suppliers to identify vulnerabilities, foreign influence, and compliance gaps. * Monitors program adherence to all ...
... self assessments * Strong organization skills and ability to support multiple projects ... Chicago, IL: $119,400 - $136,200 for Prin Assoc, Cyber Risk & Analysis McLean, VA: $131,300 - $149 ...
Proficiency in Cyber and Technology risk management program development and management are key to ... Perform risk reviews during various processes such as Risk Control and Self Assessments (RCSAs ...
AI Tester
King George, VA · On-site
The AI Tester will be responsible for supporting cyber analysis and development capabilities, conducting assessments, and developing methodologies for cyber risk assessment in response to Navy's and ...
Cyber Action Officer
Alexandria, VA · Hybrid
$100K - $105K/yr
Job#: 3033754 Cyber Action Officer Location: Alexandria, Virginia (Hybrid) Employment Type ... Support cybersecurity risk assessments and supply chain risk management efforts. * Provide an ...
Cyber System Security Engineer
Herndon, VA · On-site
The desired candidate will be able to conduct cyber risk assessment activities including threat modeling, vulnerability analysis and analysis of mitigation solutions. They will also evaluate and ...
Cyber Risk Assessment information
What is the difference between Cyber Risk Assessment vs Cyber Security Analyst?
| Aspect | Cyber Risk Assessment | Cyber Security Analyst |
|---|---|---|
| Primary Focus | Identifying and evaluating cybersecurity risks and vulnerabilities | Monitoring, detecting, and responding to security threats |
| Certifications | CompTIA Security+, CISSP, CISA | CompTIA Security+, CEH, CISSP |
| Work Environment | Risk management teams, consulting firms, security departments | Security operations centers, IT departments, incident response teams |
| Responsibilities | Risk analysis, vulnerability assessments, compliance | Threat detection, incident response, security monitoring |
While both roles involve cybersecurity, Cyber Risk Assessments focus on evaluating potential risks and vulnerabilities to inform security strategies, whereas Cyber Security Analysts actively monitor and respond to ongoing security threats. Understanding these differences helps organizations assign the right roles for comprehensive cybersecurity management.

Full-time
Posted 2 days ago
Job description
We are seeking a technically proficient Cyber Supply Chain Risk Management (C-SCRM) professional to support U.S. Government stakeholders. The C-SCRM Analyst is responsible for identifying, assessing, and mitigating risks associated with the distributed and interconnected nature of Information and Communications Technology and Operational Technology (ICT/OT) product and service supply chains throughout their entire lifecycle. This includes protecting against malicious functionality, counterfeit components, foreign influence, and vulnerabilities derived from poor manufacturing.
Responsibilities
- Risk Assessments: Evaluate vendor and supplier security postures (third-party/fourth-party) using frameworks such as NIST SP 800-161.
- Threat Analysis: Monitor, analyze, and report on supply chain threats (counterfeit, malicious insertion, tampering).
- Policy Governance & Compliance: Lead the development, formal documentation, and maintenance of organizational C-SCRM policies, Standard Operating Procedures (SOPs), and implementation plans; concurrently monitor and enforce policy compliance across the enterprise by conducting systematic audits and risk assessments to ensure alignment with federal mandates such as NIST SP 800-161, DFARS, FAR, and Executive Order requirements.
- Acquisition Support: Integrate C-SCRM controls into procurement documents, RFPs, and contracts, working alongside acquisition teams.
- Technical Evaluation: Perform Software Bill of Materials (SBOM) and Hardware Bill of Materials (HBOM) analysis to identify components and vulnerabilities.
- Operationalization: Develop and maintain C-SCRM policies, procedures, and Standard Operating Procedures (SOPs).
- Incident Response: Support incident response teams when compromised products are identified.
- Reporting: Create and present risk briefing materials, dashboards, and metrics to senior leadership.
Required Qualifications
- Education & Experience: Bachelor's degree in Computer Science, Information Systems, Cyber Security, or Supply Chain Management, plus 2-8+ years of experience in cyber risk or supply chain management.
- Frameworks: In-depth knowledge of NIST SP 800-161r1-upd1, NIST Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, and Risk Management Framework (RMF).
- Technical Skills: Experience implementing NIST and/or DoD C-SCRM policies. Familiarity with C-SCRM/Third-Party Risk Management tools such as Exiger and eMAS.
- Security clearance: TS/SCI with Poly
Desired Qualifications
- Certifications: CISSP, CISM, CRISC, or C-SCRM certification.
- Task Management: Experience with DoD/IC/NGA task management system (e.g. CATMS, NCERTS)
- Domain Expertise: DoW Cybersecurity Supply Chain Risk Management.
- Communications: Strong written and verbal communication skills
- Professional Standard: Ability to execute complex workflows under general direction. Comfortable in an independent work environment. Self-directed.
About WiSC Enterprises
Sourced by ZipRecruiter
Industry
IT services
Company size
51 - 200 Employees
Headquarters location
Chantilly, VA, US
Year founded
2008