Provide expert-level technical guidance and analysis to support cybersecurity and risk assessment initiatives, including supply chain risk management. Develop, enhance, and maintain standard ...
Provide expert-level technical guidance and analysis to support cybersecurity and risk assessment initiatives, including supply chain risk management. Develop, enhance, and maintain standard ...
Provide expert-level technical guidance and analysis to support cybersecurity and risk assessment initiatives, including supply chain risk management. Develop, enhance, and maintain standard ...
Quick apply
Provide expert-level technical guidance and analysis to support cybersecurity and risk assessment initiatives, including supply chain risk management. Develop, enhance, and maintain standard ...
Provide expert-level technical guidance and analysis to support cybersecurity and risk assessment initiatives, including supply chain risk management. Develop, enhance, and maintain standard ...
Provide expert-level technical guidance and analysis to support cybersecurity and risk assessment initiatives, including supply chain risk management. Develop, enhance, and maintain standard ...
Senior Cybersecurity Supply Chain Risk Management (SCRM) Analyst Location: Washington, DC Schedule: Onsite, 5 days/week Position Type: Direct Hire Clearance Required: Active TS clearance required at ...
Quick apply
Senior Cybersecurity Supply Chain Risk Management (SCRM) Analyst Location: Washington, DC Schedule: Onsite, 5 days/week Position Type: Direct Hire Clearance Required: Active TS clearance required at ...
Provide expert-level technical guidance and analysis to support cybersecurity and risk assessment initiatives, including supply chain risk management. Develop, enhance, and maintain standard ...
Quick apply
Provide expert-level technical guidance and analysis to support cybersecurity and risk assessment initiatives, including supply chain risk management. Develop, enhance, and maintain standard ...
Cybersecurity Risk Analyst
Alexandria, VA · On-site
$62K - $141K/yr
Cybersecurity Risk Analyst The Opportunity: Cyber threats are everywhere, and the constantly ... Experience using AI tools and collaboration and knowledge management products such as Microsoft ...
Cybersecurity Risk Analyst
Alexandria, VA · On-site
$62K - $141K/yr
Cybersecurity Risk Analyst The Opportunity: Cyber threats are everywhere, and the constantly ... Experience using AI tools and collaboration and knowledge management products such as Microsoft ...
This role will support enterprise cybersecurity risk management, Assessment and Authorization, continuous monitoring, FISMA compliance, secure cloud and hybrid engineering, and risk-based decision ...
New
This role will support enterprise cybersecurity risk management, Assessment and Authorization, continuous monitoring, FISMA compliance, secure cloud and hybrid engineering, and risk-based decision ...
New
This role will focus on enterprise cybersecurity risk management, Assessment and Authorization, and risk-based decision support while collaborating with various stakeholders to enhance security ...
New
This role will focus on enterprise cybersecurity risk management, Assessment and Authorization, and risk-based decision support while collaborating with various stakeholders to enhance security ...
New
Cybersecurity Risk Analyst
Alexandria, VA · On-site
$62K - $141K/yr
Share Cybersecurity Risk Analyst The Opportunity: Cyber threats are everywhere, and the constantly ... Experience using AI tools and collaboration and knowledge management products such as Microsoft ...
Cybersecurity Risk Analyst
Alexandria, VA · On-site
$62K - $141K/yr
Share Cybersecurity Risk Analyst The Opportunity: Cyber threats are everywhere, and the constantly ... Experience using AI tools and collaboration and knowledge management products such as Microsoft ...
Cybersecurity Risk Analyst
$62K - $141K/yr
Cybersecurity Risk Analyst The Opportunity: Cyber threats are everywhere, and the constantly ... Experience using AI tools and collaboration and knowledge management products such as Microsoft ...
Cybersecurity Risk Analyst
$62K - $141K/yr
Cybersecurity Risk Analyst The Opportunity: Cyber threats are everywhere, and the constantly ... Experience using AI tools and collaboration and knowledge management products such as Microsoft ...
GRC Lead / Cyber Risk Manager
$125K - $169K/yr
Align cybersecurity strategy with business objectives and regulatory requirements * Provide executive-level reporting on risk posture, compliance status, and remediation efforts Risk Management:
GRC Lead / Cyber Risk Manager
$125K - $169K/yr
Align cybersecurity strategy with business objectives and regulatory requirements * Provide executive-level reporting on risk posture, compliance status, and remediation efforts Risk Management:
GRC Lead / Cyber Risk Manager
$125K - $169K/yr
Bachelor's degree in Cybersecurity, Information Technology, Risk Management, or related field 8+ years of experience in cybersecurity, with at least 3-5 years in GRC or risk management leadership ...
GRC Lead / Cyber Risk Manager
$125K - $169K/yr
Bachelor's degree in Cybersecurity, Information Technology, Risk Management, or related field 8+ years of experience in cybersecurity, with at least 3-5 years in GRC or risk management leadership ...
This role will support enterprise cybersecurity risk management, Assessment and Authorization, continuous monitoring, FISMA compliance, secure cloud and hybrid engineering, and risk-based decision ...
New
This role will support enterprise cybersecurity risk management, Assessment and Authorization, continuous monitoring, FISMA compliance, secure cloud and hybrid engineering, and risk-based decision ...
New
Senior Security Risk Management Engineer
Washington, DC · On-site
$150K - $175K/yr
This position bridges the gap between cybersecurity engineering, governance, and authorization activities, ensuring systems achieve and maintain authorization while managing risk across the DHS I&A ...
Quick apply
Senior Security Risk Management Engineer
Washington, DC · On-site
$150K - $175K/yr
This position bridges the gap between cybersecurity engineering, governance, and authorization activities, ensuring systems achieve and maintain authorization while managing risk across the DHS I&A ...
Risk Manager
$155K - $165K/yr
... cybersecurity tasks such as information security policy development and implementation; security compliance monitoring; security audit management; risk assessment; system authorization; security ...
Quick apply
Risk Manager
$155K - $165K/yr
... cybersecurity tasks such as information security policy development and implementation; security compliance monitoring; security audit management; risk assessment; system authorization; security ...
Senior Security Risk Management Engineer
Washington, DC · Hybrid
$129K - $177K/yr
This position bridges the gap between cybersecurity engineering, governance, and authorization activities, ensuring systems achieve and maintain authorization while managing risk across the DHS I&A ...
Senior Security Risk Management Engineer
Washington, DC · Hybrid
$129K - $177K/yr
This position bridges the gap between cybersecurity engineering, governance, and authorization activities, ensuring systems achieve and maintain authorization while managing risk across the DHS I&A ...
... cybersecurity tasks such as information security policy development and implementation; security compliance monitoring; security audit management; risk assessment; system authorization; security ...
... cybersecurity tasks such as information security policy development and implementation; security compliance monitoring; security audit management; risk assessment; system authorization; security ...
... cybersecurity tasks such as information security policy development and implementation; security compliance monitoring; security audit management; risk assessment; system authorization; security ...
... cybersecurity tasks such as information security policy development and implementation; security compliance monitoring; security audit management; risk assessment; system authorization; security ...
Risk Manager
Rockville, MD · On-site
... cybersecurity tasks such as information security policy development and implementation; security compliance monitoring; security audit management; risk assessment; system authorization; security ...
Risk Manager
Rockville, MD · On-site
... cybersecurity tasks such as information security policy development and implementation; security compliance monitoring; security audit management; risk assessment; system authorization; security ...
Senior Cyber Risk Engineer
Arlington, VA · On-site
Understanding of risk management principles and their application to cybersecurity. * Experience performing cyber risk analysis, risk quantification, or security measurement. * Expertise in one or ...
Senior Cyber Risk Engineer
Arlington, VA · On-site
Understanding of risk management principles and their application to cybersecurity. * Experience performing cyber risk analysis, risk quantification, or security measurement. * Expertise in one or ...
Cybersecurity Risk Management information
See Reston, VA salary details
$59.3K - $71.5K
1% of jobs
$71.5K - $83.7K
4% of jobs
$83.7K - $95.9K
5% of jobs
$95.9K - $108.1K
9% of jobs
$114.8K is the 25th percentile. Wages below this are outliers.
$108.1K - $120.3K
11% of jobs
$120.3K - $132.5K
10% of jobs
The median wage is $137.2K / yr.
$132.5K - $144.7K
28% of jobs
$151.7K is the 75th percentile. Wages above this are outliers.
$144.7K - $156.9K
14% of jobs
$156.9K - $169.1K
11% of jobs
$169.1K - $181.3K
4% of jobs
$181.3K - $193.5K
4% of jobs
$59.3K
$138.3K
$193.5K
How much do cybersecurity risk management jobs pay per year?
Can I make $200,000 a year in cyber security?
What are some common challenges faced by professionals in Cybersecurity Risk Management, and how can they be addressed?
How much does a cybersecurity risk analyst make?
What is the difference between Cybersecurity Risk Management vs Cybersecurity Analyst?
| Aspect | Cybersecurity Risk Management | Cybersecurity Analyst |
|---|---|---|
| Certifications | CRISC, CISSP, CISM | CompTIA Security+, CEH, CISSP |
| Work Environment | Risk assessment, policy development, strategic planning | Monitoring security systems, incident response, vulnerability analysis |
| Employer & Industry Usage | Financial, healthcare, government, large enterprises | IT departments, cybersecurity firms, corporate security teams |
Cybersecurity Risk Management focuses on identifying, assessing, and mitigating security risks at an organizational level, often involving policy creation and strategic planning. In contrast, a Cybersecurity Analyst primarily monitors security systems, responds to incidents, and analyzes vulnerabilities. Both roles require similar certifications but serve different functions within cybersecurity teams.
What are the key skills and qualifications needed to thrive in Cybersecurity Risk Management, and why are they important?
What does a cyber risk manager do?
What is cybersecurity risk management?
Can you make $500,000 a year in cyber security?

Full-time
Re-posted 19 days ago
Job description
Subject Matter Expert (SME) - Cybersecurity & Risk Assessment
Overview:
The Subject Matter Expert (SME) provides advanced technical expertise to support assessment operations, with a focus on cybersecurity, risk analysis, and program integrity. This role is responsible for enhancing operational processes, developing standard operating procedures (SOPs), and ensuring the confidentiality, integrity, and effectiveness of security-related initiatives. The SME works cross-functionally to evaluate systems, identify vulnerabilities, and recommend mitigation strategies in alignment with federal and industry standards.
________________________________________
Key Responsibilities:
Provide expert-level technical guidance and analysis to support cybersecurity and risk assessment initiatives, including supply chain risk management.
Develop, enhance, and maintain standard operating procedures (SOPs) to support assessment execution and implementation.
Conduct security assessments and hands-on testing, analyze results, document risks, and recommend appropriate countermeasures.
Identify, evaluate, and report on system vulnerabilities, threats, and security gaps.
Review and provide recommendations on program-level documentation, including:
o Requirements specifications
o System architecture and design documents
o Test plans and security plans
Develop and document security evaluation test plans and procedures.
Support the development and implementation of information security policies, standards, and guidance.
Ensure compliance with applicable frameworks and regulations (e.g., FISMA, NIST, OMB).
Perform risk assessments, including analyzing threats, vulnerabilities, and potential impacts.
Coordinate with cross-functional teams and stakeholders to support security testing and program objectives.
Lead or participate in technical exchange meetings, documenting outcomes and action items.
Prepare and deliver briefings to leadership on project status, risks, and key findings.
Analyze and synthesize data from multiple sources to produce clear, actionable insights for both technical and non-technical audiences.
Provide oversight for the design, development, and implementation of security support systems.
Collaborate with stakeholders to map system functionality to security controls and compliance requirements.
________________________________________
Qualifications:
Education:
o Master's degree (MS/MA) in Cybersecurity, Information Technology, Computer Science, or a related field
Experience:
o Minimum of 8+ years of relevant experience in cybersecurity, risk management, or assessment operations
o Experience supporting federal or highly regulated environments preferred
Certifications (preferred):
o CISSP, CISM, CISA, CEH, or other relevant industry certifications
________________________________________
Required Skills & Expertise:
Strong knowledge of cybersecurity frameworks and standards (FISMA, NIST, OMB, etc.)
Experience with risk assessments, vulnerability analysis, and security testing methodologies
Ability to translate complex technical concepts into clear documentation and briefings
Familiarity with security documentation development, including risk assessments, contingency plans, and test reports
Strong analytical, problem-solving, and communication skills
Ability to work independently and collaboratively in a fast-paced environment