Provide expert-level technical guidance and analysis to support cybersecurity and risk assessment initiatives, including supply chain risk management. Develop, enhance, and maintain standard ...
Senior Cybersecurity Supply Chain Risk Management (SCRM) Analyst Location: Washington, DC Schedule: Onsite, 5 days/week Position Type: Direct Hire Clearance Required: Active TS clearance required at ...
GRC Lead / Cyber Risk Manager
$125K - $169K/yr
Align cybersecurity strategy with business objectives and regulatory requirements * Provide executive-level reporting on risk posture, compliance status, and remediation efforts Risk Management:
GRC Lead / Cyber Risk Manager
$125K - $169K/yr
Bachelor's degree in Cybersecurity, Information Technology, Risk Management, or related field 8+ years of experience in cybersecurity, with at least 3-5 years in GRC or risk management leadership ...
Introduction As the state's IT leader, DoIT manages information technology and telecommunications ... cybersecurity risk assessments and the policy lifecycle. As the primary analyst for third-party ...
Risk Manager
$155K - $165K/yr
... cybersecurity tasks such as information security policy development and implementation; security compliance monitoring; security audit management; risk assessment; system authorization; security ...
Risk Manager
Rockville, MD · On-site
... cybersecurity tasks such as information security policy development and implementation; security compliance monitoring; security audit management; risk assessment; system authorization; security ...
Cybersecurity Supply Chain Risk Management Subject Matter Expert (Anticipated Position)
Arlington, VA · On-site
The C-SCRM Subject Matter Expert will support GSA FAS/ASD in maturing its Cybersecurity Supply Chain Risk Management program from a compliance-focused model to a proactive, risk-informed enterprise ...
Cybersecurity Supply Chain Risk Management Subject Matter Expert (Anticipated Position)
Arlington, VA · Remote
The C-SCRM Subject Matter Expert will support GSA FAS/ASD in maturing its Cybersecurity Supply Chain Risk Management program from a compliance-focused model to a proactive, risk-informed enterprise ...
Cybersecurity Program Manager
$118K - $160K/yr
Oversee cybersecurity risk management, compliance, and reporting activities. * Manage Assessment & Authorization (A&A) and Authorization to Operate (ATO) processes. * Support federal cybersecurity ...
Enterprise Cybersecurity and IT Risk Management Operations Lead
Mclean, VA · On-site
$112K - $257K/yr
Enterprise Cybersecurity and IT Risk Management Operations Lead The Opportunity: Direct the daily operations of the cybersecurity and IT risk management team, overseeing core workflows including user ...
Cyber Risk & Compliance SME
Washington, DC · On-site
Provide expert-level technical guidance and analysis to support cybersecurity and risk assessment initiatives, including supply chain risk management. Develop, enhance, and maintain standard ...
ASSYST is seeking a Cybersecurity Risk Advisor to support federal Cybersecurity program. The ... They will act as the subject matter expert in all areas of the Risk Management Framework (RMF) and ...
GD Resources is a Veteran Women-Owned Business Management and Information Technology company ... Cybersecurity Risk Assessment Consultant Location: Hybrid (onsite work possibly at various ...
... risk management experience in DoD/Federal environments * Strong analytical and communication skills * Familiarity with RMF and cybersecurity risk concepts * Active Secret clearance *Position ...
Cybersecurity Risk Management information
| Salary range | Share of jobs |
|---|---|
| $57K - $68.8K | 1% |
| $68.8K - $80.5K | 4% |
| $80.5K - $92.3K | 5% |
| $92.3K - $104K | 9% |
| $104K - $115.7K | 11% |
| $115.7K - $127.5K | 10% |
| $127.5K - $139.2K | 28% |
| $139.2K - $150.9K | 14% |
| $150.9K - $162.7K | 11% |
| $162.7K - $174.4K | 4% |
| $174.4K - $186.2K | 4% |

$110.5K is the 25th percentile. Wages below this are outliers.
The median wage is $132K / yr.
$146K is the 75th percentile. Wages above this are outliers.
What is the difference between Cybersecurity Risk Management vs Cybersecurity Analyst?
| Aspect | Cybersecurity Risk Management | Cybersecurity Analyst |
|---|---|---|
| Certifications | CRISC, CISSP, CISM | CompTIA Security+, CEH, CISSP |
| Work Environment | Risk assessment, policy development, strategic planning | Monitoring security systems, incident response, vulnerability analysis |
| Employer & Industry Usage | Financial, healthcare, government, large enterprises | IT departments, cybersecurity firms, corporate security teams |
Cybersecurity Risk Management focuses on identifying, assessing, and mitigating security risks at an organizational level, often involving policy creation and strategic planning. In contrast, a Cybersecurity Analyst primarily monitors security systems, responds to incidents, and analyzes vulnerabilities. Both roles require similar certifications but serve different functions within cybersecurity teams.
Full-time
Posted 23 days ago
Job description
Subject Matter Expert (SME) - Cybersecurity & Risk Assessment
Overview:
The Subject Matter Expert (SME) provides advanced technical expertise to support assessment operations, with a focus on cybersecurity, risk analysis, and program integrity. This role is responsible for enhancing operational processes, developing standard operating procedures (SOPs), and ensuring the confidentiality, integrity, and effectiveness of security-related initiatives. The SME works cross-functionally to evaluate systems, identify vulnerabilities, and recommend mitigation strategies in alignment with federal and industry standards.
________________________________________
Key Responsibilities:
* Provide expert-level technical guidance and analysis to support cybersecurity and risk assessment initiatives, including supply chain risk management.
* Develop, enhance, and maintain standard operating procedures (SOPs) to support assessment execution and implementation.
* Conduct security assessments and hands-on testing, analyze results, document risks, and recommend appropriate countermeasures.
* Identify, evaluate, and report on system vulnerabilities, threats, and security gaps.
* Review and provide recommendations on program-level documentation, including:
  * Requirements specifications
  * System architecture and design documents
  * Test plans and security plans
* Develop and document security evaluation test plans and procedures.
* Support the development and implementation of information security policies, standards, and guidance.
* Ensure compliance with applicable frameworks and regulations (e.g., FISMA, NIST, OMB).
* Perform risk assessments, including analyzing threats, vulnerabilities, and potential impacts.
* Coordinate with cross-functional teams and stakeholders to support security testing and program objectives.
* Lead or participate in technical exchange meetings, documenting outcomes and action items.
* Prepare and deliver briefings to leadership on project status, risks, and key findings.
* Analyze and synthesize data from multiple sources to produce clear, actionable insights for both technical and non-technical audiences.
* Provide oversight for the design, development, and implementation of security support systems.
* Collaborate with stakeholders to map system functionality to security controls and compliance requirements.
________________________________________
Qualifications:
Education:
* Master's degree (MS/MA) in Cybersecurity, Information Technology, Computer Science, or a related field

Experience:
* Minimum of 8+ years of relevant experience in cybersecurity, risk management, or assessment operations
* Experience supporting federal or highly regulated environments preferred

Certifications (preferred):
* CISSP, CISM, CISA, CEH, or other relevant industry certifications
________________________________________
Required Skills & Expertise:
* Strong knowledge of cybersecurity frameworks and standards (FISMA, NIST, OMB, etc.)
* Experience with risk assessments, vulnerability analysis, and security testing methodologies
* Ability to translate complex technical concepts into clear documentation and briefings
* Familiarity with security documentation development, including risk assessments, contingency plans, and test reports
* Strong analytical, problem-solving, and communication skills
* Ability to work independently and collaboratively in a fast-paced environment