Provide expert-level technical guidance and analysis to support cybersecurity and risk assessment initiatives, including supply chain risk management. Develop, enhance, and maintain standard ...
... risk management experience in DoD/Federal environments * Strong analytical and communication skills * Familiarity with RMF and cybersecurity risk concepts * Active Secret clearance *Position ...
Experience in cybersecurity risk analysis * Knowledge of information security standards and ... Proven project management skills. * Experience performing information security risk assessments.
... risk management activities into the system development lifecycle (SDLC), including selection, implementation, & validation of security controls Serve as the primary cybersecurity interface with ...
Herndon, VA · On-site
$86K - $138K/yr
Master's degree in relevant field (e.g., Risk Management, Cybersecurity, Systems Engineering, Business Administration); OR * PMI-RMP or ISACA CRISC certification. * Experience: Progressive risk ...
Merrifield, VA · On-site
Requirements: • Experience in cybersecurity risk analysis • Knowledge of information security ... • Proven project management skills. • Experience performing information security risk ...
This role partners with the Chief Risk Officer (CRO) and the Enterprise Risk Management team in identifying, assessing, and monitoring the organization's technology and cybersecurity risk profile to ...
... chain management, e-commerce solutions, and B2B public exchanges and B2B process integration ... Responsible for developing and executing risk mitigation concepts, plans and services used to ...
Ashburn, VA · On-site
$145K - $160K/yr
Drawing on cybersecurity and risk management best practices used across the NFL, this role will guide strategy, lead incident response functions, ensure compliance with league-wide requirements, and ...
This includes assessing cybersecurity risk, control testing and monitoring, identification and ... Responsibilities As a SRR Compliance Management Specialist, you will be responsible for ...
Washington, DC · On-site
$114.41K - $126.78K/yr
The Senior Cybersecurity Supply Chain Risk Management (SCRM) Analyst supports the Agency's Office of the Chief Information Officer (OCIO) by managing cybersecurity risks associated with the Agency ...
$152.11K - $205.80K/yr
Cyber and IT Risk Management Job Qualifications: Skills: Cybersecurity Risk Management, Documentation, Information Assurance Certifications: None Experience: 8+ years of related experience US ...
Cyber Supply Chain Risk Management (C-SCRM), Enterprise Cybersecurity Architecture, Vendor Risk Management, Federal Information Assurance Overview At phia we hire talented and passionate people who ...
About the Team We are seeking a highly skilled Principal cybersecurity engineer to architect the development of our internal suite of Cybersecurity Risk Management and Automation tools. This role ...
| Salary range | Share of jobs |
|---|---|
| $59.3K - $71.5K | 1% |
| $71.5K - $83.7K | 4% |
| $83.7K - $95.9K | 5% |
| $95.9K - $108.1K | 9% |
| $108.1K - $120.3K | 11% |
| $120.3K - $132.5K | 10% |
| $132.5K - $144.7K | 28% |
| $144.7K - $156.9K | 14% |
| $156.9K - $169.1K | 11% |
| $169.1K - $181.3K | 4% |
| $181.3K - $193.5K | 4% |

$114.8K is the 25th percentile. Wages below this are outliers.
The median wage is $137.2K / yr.
$151.7K is the 75th percentile. Wages above this are outliers.
Scale markers on the chart: $59.3K, $138.3K, $193.5K.
| Aspect | Cybersecurity Risk Management | Cybersecurity Analyst |
|---|---|---|
| Certifications | CRISC, CISSP, CISM | CompTIA Security+, CEH, CISSP |
| Work Environment | Risk assessment, policy development, strategic planning | Monitoring security systems, incident response, vulnerability analysis |
| Employer & Industry Usage | Financial, healthcare, government, large enterprises | IT departments, cybersecurity firms, corporate security teams |
Cybersecurity Risk Management focuses on identifying, assessing, and mitigating security risks at an organizational level, often involving policy creation and strategic planning. In contrast, a Cybersecurity Analyst primarily monitors security systems, responds to incidents, and analyzes vulnerabilities. Both roles require similar certifications but serve different functions within cybersecurity teams.

Full-time
Posted 24 days ago
Subject Matter Expert (SME) Cybersecurity & Risk Assessment
Secret Clearance Required
Overview:
The Subject Matter Expert (SME) provides advanced technical expertise to support assessment operations, with a focus on cybersecurity, risk analysis, and program integrity. This role is responsible for enhancing operational processes, developing standard operating procedures (SOPs), and ensuring the confidentiality, integrity, and effectiveness of security-related initiatives. The SME works cross-functionally to evaluate systems, identify vulnerabilities, and recommend mitigation strategies in alignment with federal and industry standards.
________________________________________
Key Responsibilities:
Provide expert-level technical guidance and analysis to support cybersecurity and risk assessment initiatives, including supply chain risk management.
Develop, enhance, and maintain standard operating procedures (SOPs) to support assessment execution and implementation.
Conduct security assessments and hands-on testing, analyze results, document risks, and recommend appropriate countermeasures.
Identify, evaluate, and report on system vulnerabilities, threats, and security gaps.
Review and provide recommendations on program-level documentation, including:
o Requirements specifications
o System architecture and design documents
o Test plans and security plans
Develop and document security evaluation test plans and procedures.
Support the development and implementation of information security policies, standards, and guidance.
Ensure compliance with applicable frameworks and regulations (e.g., FISMA, NIST, OMB).
Perform risk assessments, including analyzing threats, vulnerabilities, and potential impacts.
Coordinate with cross-functional teams and stakeholders to support security testing and program objectives.
Lead or participate in technical exchange meetings, documenting outcomes and action items.
Prepare and deliver briefings to leadership on project status, risks, and key findings.
Analyze and synthesize data from multiple sources to produce clear, actionable insights for both technical and non-technical audiences.
Provide oversight for the design, development, and implementation of security support systems.
Collaborate with stakeholders to map system functionality to security controls and compliance requirements.
________________________________________
Qualifications:
Education:
o Master's degree (MS/MA) in Cybersecurity, Information Technology, Computer Science, or a related field
Experience:
o Minimum of 8+ years of relevant experience in cybersecurity, risk management, or assessment operations
o Experience supporting federal or highly regulated environments preferred
Certifications (preferred):
o CISSP, CISM, CISA, CEH, or other relevant industry certifications
________________________________________
Required Skills & Expertise:
Strong knowledge of cybersecurity frameworks and standards (FISMA, NIST, OMB, etc.)
Experience with risk assessments, vulnerability analysis, and security testing methodologies
Ability to translate complex technical concepts into clear documentation and briefings
Familiarity with security documentation development, including risk assessments, contingency plans, and test reports
Strong analytical, problem-solving, and communication skills
Ability to work independently and collaboratively in a fast-paced environment