ZipRecruiter

Log In

1

Cyber Risk Jobs in Washington (NOW HIRING)

Technomics Inc

Cyber Risk Analyst SME

Arlington, VA · On-site

We are seeking a Cyber Risk Analyst (SME-level). This role involves conducting on-site and remote cyber risk assessments, developing mitigation strategies, and enabling proactive enterprise risk ...

Technomics

Cyber Risk Analyst SME

Arlington, VA · On-site +1

We are seeking a Cyber Risk Analyst (SME-level). This role involves conducting on-site and remote cyber risk assessments, developing mitigation strategies, and enabling proactive enterprise risk ...

Capital One

Manager, Cyber Risk & Analysis

Mclean, VA · On-site

Manager, Cyber Risk & Analysis As a Manager, you will apply your technical expertise, risk management acumen, and project management skills to drive Risk Management Strategy for a major technology ...

Capital One

Manager - Cyber Risk & Analysis

Mclean, VA · On-site

Manager - Cyber Risk & Analysis As a Technology Risk Manager, you will drive strategy and execute on high priority projects for the company in the Card Technology Risk area. The successful candidate ...

Capital One

Sr. Manager, Tech & Cyber Risk

Mclean, VA · On-site

Sr. Manager, Tech & Cyber Risk As a Senior Manager of Tech & Cyber Risk within Capital One's Business Risk Office, you will be a strategic risk partner to business leaders and senior technology ...

Capital One

Manager, Cyber Risk & Analysis

Mclean, VA

$112.20K - $151.60K/yr

Manager, Cyber Risk & Analysis Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and ...

Capital One

Manager, Cyber Risk & Analysis

Mclean, VA · On-site

$112.20K - $151.60K/yr

Manager, Cyber Risk & Analysis Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and ...

Beyond SOF

Cyber Risk Analyst (TS/SCI)

Reston, VA

Cyber Risk Analyst (TS/SCI) Reston, VA, USA Full-time Clearance: Top Secret/SCI Summary: Warnings about cyber threats are everywhere and the constantly evolving nature of these threats can make ...

Beyond SOF

Cyber Risk Analyst (TS/SCI)

Reston, VA · On-site

Cyber Risk Analyst (TS/SCI) Reston, VA, USA Full-time Clearance: Top Secret/SCI Summary: Warnings about cyber threats are everywhere and the constantly evolving nature of these threats can make ...

next page

Showing results 1-20

People also search for

All JobsCyber Risk JobsCyber Risk Jobs in Washington

Cyber Risk information

See Washington salary details

$77.6K

$146K

$183.5K

How much do cyber risk jobs pay per year?

As of May 29, 2026, the average yearly pay for cyber risk in Washington is $145,971.00, according to ZipRecruiter salary data. Most workers in this role earn between $128,000.00 and $165,900.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Cyber Risk professional, and why are they important?

To thrive as a Cyber Risk professional, you need a solid understanding of information security principles, risk assessment methodologies, and regulatory compliance frameworks, often supported by a degree in cybersecurity, IT, or related fields. Familiarity with tools such as SIEM platforms, vulnerability scanners, and relevant certifications like CISSP, CISM, or CRISC is typically required. Strong analytical thinking, attention to detail, and effective communication skills help you identify risks and convey complex security issues to diverse stakeholders. These competencies are crucial for protecting organizational assets, ensuring compliance, and proactively managing evolving cyber threats.

What are some typical challenges faced by professionals in a Cyber Risk role, and how can they be addressed?

Professionals in Cyber Risk roles often encounter challenges such as rapidly evolving cyber threats, balancing business needs with security requirements, and managing cross-departmental communication. Staying current with emerging risks and regulatory changes requires continuous learning and adaptability. Effective collaboration with IT, legal, and business units is crucial to implement practical risk mitigation strategies. Building strong relationships and clear communication channels within the organization can help address these challenges and ensure cyber risk is managed proactively.

What is cyber risk?

Cyber risk refers to the potential for financial loss, disruption, or damage to an organization due to the failure of its information technology systems. This includes threats such as data breaches, hacking, malware, ransomware, and unauthorized access to sensitive information. Managing cyber risk involves identifying vulnerabilities, implementing security measures, and creating response plans to minimize the impact of cyber incidents. Organizations often employ specialists to assess and mitigate these risks, ensuring the safety of their digital assets.

What is the difference between Cyber Risk vs Cyber Security Analyst?

AspectCyber RiskCyber Security Analyst
Primary FocusIdentifying, assessing, and managing cybersecurity risks and vulnerabilitiesMonitoring, analyzing, and responding to security threats and incidents
Required CredentialsCertifications like CISSP, CISM, CRISC; risk management experienceCertifications like CompTIA Security+, CISSP; technical security skills
Work EnvironmentRisk management teams, compliance departments, strategic planningSecurity operations centers, IT teams, incident response teams
Industry UsageUsed across finance, healthcare, government for risk mitigationUsed in IT and cybersecurity departments for threat defense

While both roles focus on cybersecurity, Cyber Risk professionals primarily assess and manage potential threats at a strategic level, whereas Cyber Security Analysts focus on technical threat detection and response. Understanding these differences helps organizations allocate resources effectively and align roles with their security objectives.

What are the most commonly searched types of Cyber Risk jobs in Washington? The most popular types of Cyber Risk jobs in Washington are:
What are popular job titles related to Cyber Risk jobs in Washington? For Cyber Risk jobs in Washington, the most frequently searched job titles are:
What job categories do people searching Cyber Risk jobs in Washington look for? The top searched job categories for Cyber Risk jobs in Washington are:
Cyber Risk jobs near you
Infographic showing various Cyber Risk job openings in Washington as of May 2026, with employment types broken down into 90% Full Time, 7% Part Time, 1% Temporary, and 2% Contract. Highlights an 99% Physical, and 1% Remote job distribution, with an average salary of $145,971 per year, or $70.2 per hour.
Cyber Risk Analyst SME

Cyber Risk Analyst SME

Technomics Inc

Arlington, VA • On-site

Full-time

Posted 4 days ago

Job description

Technomics is a growing employee-owned, decision analytics company that specializes in cost and economic analysis to facilitate better decisions faster. We enable a wide range of clients across the Federal government, from senior level policy makers to program managers, to choose smartly, buy effectively and operate efficiently. We deliver practical, credible and defensible results offering actionable insights by applying data-driven and analytics-based approaches in combination with multidisciplinary talent, subject matter experts, and tangible and repeatable assets in the form of databases, models, approaches and techniques.
Senior Analystshave the knowledge, skills, abilities and initiative to deliver timely, practical and innovative solutions to our clients as part of high-performing project teams typically composed of a mix of junior and mid-level analysts who will look to you for technical acumen and mentoring.
Our employee-owners pride themselves on their ability to apply deep analytical rigor and innovative thought that assist clients in understanding and solving a myriad of challenging resource planning and management problems.
This position is located in Arlington, VA.
Description:
We are seeking a Cyber Risk Analyst (SME-level). This role involves conducting on-site and remote cyber risk assessments, developing mitigation strategies, and enabling proactive enterprise risk identification.
The ideal candidate has deep experience with NIST SP 800-30, MITRE ATT&CK, and threat modeling approaches, and can translate technical risks into mission/business impacts. You will work alongside cybersecurity, OT, and systems engineering SMEs, creating task plans, presenting findings, and traveling to client sites for mission assessments.
We are looking for someone who is agile, creative, and collaborative - able to apply lessons learned, enable data tagging and structured knowledge capture, and help shift the organization from reactive responses toward proactive risk management.
Clearance Required: Active DOE Q or higher (or ability to obtain)
Key Responsibilities:
  • Serve as a Subject Matter Expert (SME) in cyber risk assessment, analysis, and mitigation strategies for critical missions.
  • Conduct on-site and remote cyber risk assessments of enterprise systems, applications, and mission-critical infrastructures.
  • Apply NIST SP 800-30 risk assessment methodology, threat modeling techniques, and frameworks such as MITRE ATT&CK to evaluate vulnerabilities, threats, and risks.
  • Develop and present risk characterization reports, mitigation considerations, and recommendations to client leadership and system owners.
  • Create and manage task plans, assessment schedules, and execution strategies to ensure effective delivery of assessment activities.
  • Collaborate with multi-disciplinary teams of SMEs (cybersecurity, systems engineering, OT, supply chain, and mission assurance) to address enterprise risks.
  • Support the identification, analysis, and validation of complex security risks and associated vulnerabilities, including both technical and operational impacts.
  • Assist in the development of threat-informed mitigation strategies aligned with client enterprise assurance goals.
  • Implement data tagging and structured knowledge capture to enable proactive risk identification, trend analysis, and lessons-learned reuse.
  • Build analytic processes that leverage historical assessment data, external threat databases, and adversary TTPs to anticipate potential risks rather than solely reacting to identified vulnerabilities.
  • Provide expert consultation on risk acceptance, mitigation prioritization, and remediation planning to stakeholders.
  • Maintain awareness of emerging threats, vulnerabilities, adversary tactics, and best practices for defense in depth across the nuclear enterprise.

Required Qualifications:
  • 10+ years of experience in cybersecurity risk assessment, vulnerability analysis, or cyber mission assurance.
  • Deep knowledge of NIST SP 800-30, NIST Risk Management Framework (RMF), and related federal standards.
  • Hands-on experience with threat modeling approaches and application of MITRE ATT&CK for risk evaluation.
  • Demonstrated ability to conduct complex cyber risk assessments and present findings to executive and technical audiences.
  • Proven ability to develop task plans, manage assessment milestones, and work independently or as part of a team.
  • Strong writing and briefing skills to produce risk reports, mitigation strategies, and decision support artifacts.

Preferred Qualifications:
  • Experience supporting national security organizations.
  • Familiarity with supply chain risk management (SCRM), insider threat analysis, or mission-critical system assurance.
  • Operational Technology (OT) and Systems Engineering (SE) experience in complex enterprise environments.
  • Knowledge of nuclear enterprise operations and mission dependencies.
  • Technical certifications such as Security+, CISSP, CISM, C-RMA, CAP, CEH, or OSCP.
  • Prior experience briefing and advising SES-level leadership or program executives.
  • Familiarity with tools supporting risk assessments and vulnerability analysis (e.g., Threat Modeling tools).

Work Environment:
  • Hybrid environment with headquarters-based work in D.C. and regular travel to client sites for on-site risk assessments.
  • Fast-paced, collaborative environment with cross-disciplinary SMEs (cybersecurity, engineering, OT, program management, and intelligence).
  • Requires agility, creativity, and strong interpersonal skills to interact effectively with diverse stakeholders across government, contractors, and mission partners.
  • Role demands adaptability to dynamic mission needs, shifting priorities, and classified environments.
  • Emphasis on teamwork, analytical rigor, and the ability to translate technical risks into mission/business impacts.

Technomics is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to protected status under applicable law, including disability and protected veteran status.

Apply