
Cyber Security Risk Assessment Jobs in Virginia (NOW HIRING)

Cybersecurity Assessment Lead

Virginia Beach, VA · On-site

$98K - $133K/yr

The Cybersecurity Assessment Lead serves as the senior assessor overseeing cybersecurity assessment activities supporting Risk Management Framework (RMF) authorization processes for customer networks ...


Risk Assessment Analyst

Alexandria, VA · On-site

$62K - $141K/yr

Experience in cybersecurity risk assessments and supply chain or risk management efforts * Experience leveraging collaboration forums, such as MS Teams and SharePoint, for knowledge management and to ...

... assessment activities with service provider. o Coordinate and prepare documentation, internal communications, and status updates. Requirements: • Experience in cybersecurity risk analysis • ...

Develop cybersecurity risk assessment analysis and risk mitigation plans for combat systems * Develop documentation of cybersecurity requirements, gap analysis, threat analysis, system engineering ...


Cyber Security Risk Assessment information

Virginia salary chart values: $56.5K, $131.8K, $184.4K

How much do cyber security risk assessment jobs pay per year?

As of Jun 10, 2026, the average yearly pay for cyber security risk assessment in Virginia is $131,822.00, according to ZipRecruiter salary data. Most workers in this role earn between $110,000.00 and $148,700.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive in Cyber Security Risk Assessment, and why are they important?

To excel in Cyber Security Risk Assessment, you need a solid understanding of information security principles and risk management frameworks, and often a degree in cybersecurity, IT, or a related field. Familiarity with tools like vulnerability scanners and SIEM systems, and certifications such as CISSP or CISM, are commonly required. Analytical thinking, attention to detail, and strong communication skills help professionals effectively assess risks and convey findings to stakeholders. These skills are crucial for identifying vulnerabilities, prioritizing threats, and ensuring the organization’s data and systems are adequately protected.

What is the difference between Cyber Security Risk Assessment vs Cyber Security Analyst?

| Aspect | Cyber Security Risk Assessment | Cyber Security Analyst |
| --- | --- | --- |
| Primary Focus | Identifying and evaluating security risks and vulnerabilities | Monitoring, analyzing, and responding to security threats |
| Certifications | CompTIA Security+, CISSP, CISA | CompTIA Security+, CISSP, CEH |
| Work Environment | Risk assessment teams, consulting firms, security departments | Security operations centers, IT departments, incident response teams |

While both roles require similar certifications and work within cybersecurity, a Cyber Security Risk Assessment role focuses on evaluating potential vulnerabilities and risks to an organization’s assets. In contrast, a Cyber Security Analyst actively monitors and responds to security threats, ensuring ongoing protection. Understanding these differences helps organizations assign the right responsibilities to each role.

What are some common challenges faced by professionals conducting cyber security risk assessments?

Professionals in cyber security risk assessment often face challenges such as keeping up with rapidly evolving threats, effectively communicating technical risks to non-technical stakeholders, and ensuring comprehensive coverage across complex IT environments. Balancing thoroughness with tight deadlines can also be demanding, as assessments must be both detailed and timely. Collaborating with various departments to gather accurate information and maintain up-to-date asset inventories is crucial for effective risk analysis and mitigation.

What is a cyber security risk assessment?

A cyber security risk assessment is a process used to identify, evaluate, and prioritize potential threats and vulnerabilities that could negatively impact an organization's information systems. By analyzing assets, threats, vulnerabilities, and impacts, organizations can determine the likelihood and consequences of cyber incidents. The goal is to implement appropriate measures to reduce risks to acceptable levels, ensuring data protection and regulatory compliance. Regular risk assessments help organizations stay ahead of evolving cyber threats and make informed security decisions.
Infographic showing various Cyber Security Risk Assessment job openings in Virginia as of June 2026, with employment types broken down into 1% As Needed, 82% Full Time, 13% Part Time, and 4% Contract. Highlights a 91% Physical, 4% Hybrid, and 5% Remote job distribution, with an average salary of $131,822 per year, or $63.4 per hour.

Cybersecurity Assessment Lead

Analygence

Virginia Beach, VA • On-site

$98K - $133K/yr

Full-time

Posted 25 days ago


Job description

Description
Tharros is seeking a Cybersecurity Assessment Lead for an upcoming program supporting a US Navy customer located at NAS Oceana. The Cybersecurity Assessment Lead serves as the senior assessor overseeing cybersecurity assessment activities supporting Risk Management Framework (RMF) authorization processes for customer networks and training systems.
This position leads independent security control validation activities, ensures RMF packages are complete and compliant, and provides cybersecurity risk analysis to the Government Security Control Assessor (SCA) and Authorizing Official (AO). The Assessment Lead provides technical direction and quality oversight for cybersecurity assessment personnel supporting RMF validation and continuous monitoring activities.
  • Lead cybersecurity assessment teams supporting RMF authorization activities across all performance locations.
  • Perform or oversee independent security control assessments for DoD information systems.
  • Validate implementation of required NIST 800-53 security controls.
  • Support Security Control Assessors (SCA) in evaluating residual cybersecurity risk.
  • Provide technical leadership and quality oversight for cybersecurity assessors supporting RMF validation efforts.

  • RMF Assessment Support
    • Lead RMF assessment activities in accordance with DoD and Department of the Navy cybersecurity requirements. Conduct or oversee independent verification and validation of implemented security controls, including initial authorization assessments and periodic reassessments. Analyze testing results and provide cybersecurity risk assessments to the Government SCA and Authorizing Official.
  • RMF Package Development and Reporting
    • Oversee preparation and delivery of RMF artifacts including:
      • Security Assessment Plans (SAP)
      • Security Assessment Reports (SAR)
      • Risk Assessment Reports (RAR)
      • System Security Plans (SSP)
      • Continuous Monitoring Strategies
      • Plans of Action & Milestones (POA&M)
    • Ensure cybersecurity artifacts are properly documented and maintained within the Enterprise Mission Assurance Support Service (eMASS) system.

Requirements
  • A minimum of 10 years of cybersecurity experience, including significant experience supporting Risk Management Framework (RMF) assessment and authorization activities for DoD or Navy systems.
  • Active Top Secret DoD Clearance.
  • Demonstrated experience leading cybersecurity assessments or validation teams supporting DoD RMF authorization processes.
  • Experience supporting Security Control Assessors (SCA) or equivalent cybersecurity assessment authorities.
  • Demonstrated experience performing or leading security control assessments, system authorization support, and cybersecurity risk evaluations in accordance with:
    • NIST SP 800-37
    • NIST SP 800-53
    • DoD RMF
    • DoN RMF Process Guide
  • Expert knowledge of DoD RMF and the DoN RMF Process Guide.
  • Experience using eMASS for RMF package preparation and maintenance.
  • Knowledge of CNSSI 1253 and ICD 503 cybersecurity requirements.
  • Strong leadership and team management capabilities.
  • Ability to provide cybersecurity risk analysis to senior Government stakeholders.
  • Strong technical writing skills for cybersecurity assessment documentation.
  • Familiarity with Navy network architecture and training system environments.