ZipRecruiter

Log In

1

Cyber Security Risk Analyst Jobs in Washington (NOW HIRING)

Technomics Inc

Cyber Risk Analyst SME

Arlington, VA ยท On-site

We are seeking a Cyber Risk Analyst (SME-level). This role involves conducting on-site and remote ... You will work alongside cybersecurity, OT, and systems engineering SMEs, creating task plans ...

GDIT

Cyber Security Analyst

Manassas, VA ยท On-site

$85K - $115K/yr

Cyber and IT Risk Management Job Qualifications: Skills: Cyber Defense, Monitoring Tools ... Yes CYBERSECURITY ANALYST Summary: Seize your opportunity to make a personal impact as a ...

next page

Showing results 1-20

People also search for

All JobsCyber Security Risk Analyst JobsCyber Security Risk Analyst Jobs in Washington

Cyber Security Risk Analyst information

See Washington salary details

$48.7K

$112.6K

$169.9K

How much do cyber security risk analyst jobs pay per year?

As of Jun 10, 2026, the average yearly pay for cyber security risk analyst in Washington is $112,580.00, according to ZipRecruiter salary data. Most workers in this role earn between $90,000.00 and $130,800.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive in the Cyber Security Risk Analyst position, and why are they important?

A Cyber Security Risk Analyst requires a solid understanding of information security principles, risk assessment methodologies, and a relevant degree such as computer science or cybersecurity. Familiarity with tools like risk management frameworks (NIST, ISO 27001), vulnerability scanners, and certifications such as CISSP, CISM, or CRISC is common in this role. Strong analytical thinking, attention to detail, effective communication, and problem-solving skills are vital soft skills. These competencies enable analysts to accurately identify, assess, and communicate cyber risks, protecting organizations from evolving threats.

What is a Cyber Security Risk Analyst job?

A Cyber Security Risk Analyst is responsible for identifying, assessing, and mitigating cybersecurity risks within an organization. They analyze potential threats, evaluate security controls, and recommend improvements to protect sensitive data and systems. Their role often involves conducting risk assessments, ensuring compliance with industry regulations, and collaborating with IT and security teams to enhance defenses. They also monitor emerging threats and provide strategic insights to minimize vulnerabilities. Ultimately, they help organizations maintain a strong security posture against cyber threats.

What are some typical challenges faced by Cyber Security Risk Analysts on the job?

Cyber Security Risk Analysts commonly face the challenge of keeping up with constantly evolving threats and technology landscapes. They must balance the need for robust security with business objectives, often requiring nuanced decision-making and collaboration across departments. Analysts may also encounter difficulties in communicating complex technical risks to non-technical stakeholders. Successfully navigating these challenges is key to maintaining organizational security and fostering a culture of risk awareness.

What are the most commonly searched types of Cyber Security Risk Analyst jobs in Washington? The most popular types of Cyber Security Risk Analyst jobs in Washington are:
What are popular job titles related to Cyber Security Risk Analyst jobs in Washington? For Cyber Security Risk Analyst jobs in Washington, the most frequently searched job titles are:
What job categories do people searching Cyber Security Risk Analyst jobs in Washington look for? The top searched job categories for Cyber Security Risk Analyst jobs in Washington are:
What cities in Washington are hiring for Cyber Security Risk Analyst jobs? Cities in Washington with the most Cyber Security Risk Analyst job openings:
Cyber Security Risk Analyst jobs near you
Cyber Risk Analyst SME

Cyber Risk Analyst SME

Technomics Inc

Arlington, VA โ€ข On-site

Full-time

Posted 16 days ago

Job description

Technomics is a growing employee-owned, decision analytics company that specializes in cost and economic analysis to facilitate better decisions faster. We enable a wide range of clients across the Federal government, from senior level policy makers to program managers, to choose smartly, buy effectively and operate efficiently. We deliver practical, credible and defensible results offering actionable insights by applying data-driven and analytics-based approaches in combination with multidisciplinary talent, subject matter experts, and tangible and repeatable assets in the form of databases, models, approaches and techniques.
Senior Analystshave the knowledge, skills, abilities and initiative to deliver timely, practical and innovative solutions to our clients as part of high-performing project teams typically composed of a mix of junior and mid-level analysts who will look to you for technical acumen and mentoring.
Our employee-owners pride themselves on their ability to apply deep analytical rigor and innovative thought that assist clients in understanding and solving a myriad of challenging resource planning and management problems.
This position may be located in Arlington, VA (Headquarters), Washington D.C., Pentagon, Springfield, VA., Chantilly, VA., Tysons Corner, VA.
Description:
We are seeking a Cyber Risk Analyst (SME-level). This role involves conducting on-site and remote cyber risk assessments, developing mitigation strategies, and enabling proactive enterprise risk identification.
The ideal candidate has deep experience with NIST SP 800-30, MITRE ATT&CK, and threat modeling approaches, and can translate technical risks into mission/business impacts. You will work alongside cybersecurity, OT, and systems engineering SMEs, creating task plans, presenting findings, and traveling to client sites for mission assessments.
We are looking for someone who is agile, creative, and collaborative - able to apply lessons learned, enable data tagging and structured knowledge capture, and help shift the organization from reactive responses toward proactive risk management.
Clearance Required: Active DOE Q or higher (or ability to obtain)
Key Responsibilities:
  • Serve as a Subject Matter Expert (SME) in cyber risk assessment, analysis, and mitigation strategies for critical missions.
  • Conduct on-site and remote cyber risk assessments of enterprise systems, applications, and mission-critical infrastructures.
  • Apply NIST SP 800-30 risk assessment methodology, threat modeling techniques, and frameworks such as MITRE ATT&CK to evaluate vulnerabilities, threats, and risks.
  • Develop and present risk characterization reports, mitigation considerations, and recommendations to client leadership and system owners.
  • Create and manage task plans, assessment schedules, and execution strategies to ensure effective delivery of assessment activities.
  • Collaborate with multi-disciplinary teams of SMEs (cybersecurity, systems engineering, OT, supply chain, and mission assurance) to address enterprise risks.
  • Support the identification, analysis, and validation of complex security risks and associated vulnerabilities, including both technical and operational impacts.
  • Assist in the development of threat-informed mitigation strategies aligned with client enterprise assurance goals.
  • Implement data tagging and structured knowledge capture to enable proactive risk identification, trend analysis, and lessons-learned reuse.
  • Build analytic processes that leverage historical assessment data, external threat databases, and adversary TTPs to anticipate potential risks rather than solely reacting to identified vulnerabilities.
  • Provide expert consultation on risk acceptance, mitigation prioritization, and remediation planning to stakeholders.
  • Maintain awareness of emerging threats, vulnerabilities, adversary tactics, and best practices for defense in depth across the nuclear enterprise.

Required Qualifications:
  • 10+ years of experience in cybersecurity risk assessment, vulnerability analysis, or cyber mission assurance.
  • Deep knowledge of NIST SP 800-30, NIST Risk Management Framework (RMF), and related federal standards.
  • Hands-on experience with threat modeling approaches and application of MITRE ATT&CK for risk evaluation.
  • Demonstrated ability to conduct complex cyber risk assessments and present findings to executive and technical audiences.
  • Proven ability to develop task plans, manage assessment milestones, and work independently or as part of a team.
  • Strong writing and briefing skills to produce risk reports, mitigation strategies, and decision support artifacts.

Preferred Qualifications:
  • Experience supporting national security organizations.
  • Familiarity with supply chain risk management (SCRM), insider threat analysis, or mission-critical system assurance.
  • Operational Technology (OT) and Systems Engineering (SE) experience in complex enterprise environments.
  • Knowledge of nuclear enterprise operations and mission dependencies.
  • Technical certifications such as Security+, CISSP, CISM, C-RMA, CAP, CEH, or OSCP.
  • Prior experience briefing and advising SES-level leadership or program executives.
  • Familiarity with tools supporting risk assessments and vulnerability analysis (e.g., Threat Modeling tools).

Work Environment:
  • Hybrid environment with headquarters-based work in D.C. and regular travel to client sites for on-site risk assessments.
  • Fast-paced, collaborative environment with cross-disciplinary SMEs (cybersecurity, engineering, OT, program management, and intelligence).
  • Requires agility, creativity, and strong interpersonal skills to interact effectively with diverse stakeholders across government, contractors, and mission partners.
  • Role demands adaptability to dynamic mission needs, shifting priorities, and classified environments.
  • Emphasis on teamwork, analytical rigor, and the ability to translate technical risks into mission/business impacts.

Technomics is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to protected status under applicable law, including disability and protected veteran status.

Apply