1

It Risk Jobs in Virginia (NOW HIRING)

Identify and quantify IT risk factors for EHR application security and related infrastructure. * Working knowledge and experience with Keystone Edge, Microsoft OS, MS Office, DocuSign, Panda. * Apply ...

IT Audit Senior

Alexandria, VA · On-site

$80K - $100K/yr

IT Audit Senior Are you ready to take the next step in your IT audit career? Join Castro amp ... Identify and Communicate Risk : Analyze IT environments, pinpoint control gaps, and clearly present ...

The IT Risk Assessor is responsible for assisting with meeting security and compliance requirements per state and federal standards. The risk assessor will review information system security controls ...

The IT Risk Assessor is responsible for assisting with meeting security and compliance requirements per state and federal standards. The risk assessor will review information system security controls ...

Technical Risk Analyst Position Summary We are seeking a Technical Risk Analyst to support IT security controls testing, risk assessments, and assurance activities across a complex technology ...

Technical Risk Analyst Position Summary We are seeking a Technical Risk Analyst to support IT security controls testing, risk assessments, and assurance activities across a complex technology ...

The winning candidate will be responsible for managing IT audit and risk/security assessment engagements. This individual will be tasked with scoping, planning, executing, and reviewing audit and ...

next page

Showing results 1-20

It Risk information

See Virginia salary details

$14

$30

$73

How much do it risk jobs pay per hour?

As of Jul 7, 2026, the average hourly pay for it risk in Virginia is $30.08, according to ZipRecruiter salary data. Most workers in this role earn between $19.33 and $38.37 per hour, depending on experience, location, and employer.

What is IT risk?

IT risk refers to the potential for losses or negative impacts to an organization resulting from the use of information technology. This includes threats such as data breaches, cyberattacks, system failures, and non-compliance with regulations. IT risk management involves identifying, assessing, and mitigating these risks to protect an organization’s information assets and ensure business continuity.

What is the difference between It Risk vs Cybersecurity Analyst?

AspectIt RiskCybersecurity Analyst
Required CredentialsCertifications like CRISC, CISSP, CISACertifications like CompTIA Security+, CISSP, CEH
Work EnvironmentRisk management teams, compliance departmentsSecurity operations centers, IT departments
Employer & Industry UsageFinancial, healthcare, and large enterprisesTech firms, finance, government agencies

It Risk professionals focus on identifying, assessing, and mitigating risks related to IT systems and compliance. Cybersecurity Analysts primarily monitor and respond to security threats and incidents. While both roles require similar certifications and work in overlapping environments, It Risk emphasizes risk management strategies, whereas Cybersecurity Analysts concentrate on security operations and threat response.

What are the key skills and qualifications needed to thrive as an IT Risk professional, and why are they important?

To thrive as an IT Risk professional, you need a strong understanding of information security principles, risk management frameworks, and relevant regulations, typically supported by a degree in information technology or cybersecurity. Familiarity with risk assessment tools, GRC (Governance, Risk, and Compliance) systems, and certifications such as CISM or CISSP is highly valued. Analytical thinking, attention to detail, and effective communication are vital soft skills for identifying vulnerabilities and collaborating with stakeholders. These competencies are crucial for proactively managing threats and ensuring the organization's information assets remain secure and compliant.

What are some common challenges faced by IT Risk professionals when working with cross-functional teams?

IT Risk professionals often collaborate with various departments such as IT, compliance, finance, and operations. A common challenge is effectively communicating technical risks in terms that non-technical stakeholders can understand, ensuring alignment on priorities and mitigation strategies. Navigating differing risk tolerances and balancing business needs with security requirements can also present difficulties. Building strong relationships and fostering ongoing dialogue are key to overcoming these challenges and ensuring successful risk management across the organization.
What are the most commonly searched types of It Risk jobs in Virginia? The most popular types of It Risk jobs in Virginia are:
What cities in Virginia are hiring for It Risk jobs? Cities in Virginia with the most It Risk job openings:
Infographic showing various It Risk job openings in Virginia as of July 2026, with employment types broken down into 1% As Needed, 76% Full Time, 19% Part Time, and 4% Contract. Highlights an 94% Physical, 1% Hybrid, and 5% Remote job distribution, with an average salary of $62,558 per year, or $30.1 per hour.
Consultant - Financial Management (FM) IT Risk and Controls - Defense & Security - Campus 2026

Consultant - Financial Management (FM) IT Risk and Controls - Defense & Security - Campus 2026

Guidehouse

Mclean, VA • On-site

Full-time

Medical, Dental, Vision, Life, Retirement

Re-posted 13 days ago


Guidehouse rating

7.5

Company rating: 7.5 out of 10

Based on 26 frontline employees who took The Breakroom Quiz

36th of 58 rated business consultants


Job description

Job Family:
Finance & Accounting Consulting
Travel Required:
Up to 10%
Clearance Required:
Ability to Obtain Secret
What You Will Do:
Our 2026 Campus Defense & Security Financial Management (FM) IT Risk and Controls consultants help our clients within Defense & National Security optimize all elements of their financial management structure by transforming business processes, enhancing the efficiency of operations, improving transparency and performance management, promoting change management, and complying with Federal laws and regulations. Our new consultants will also build their professional and personal consulting skillsets while gaining a strong understanding of consulting within a financial capability.
This entry level role will be responsible for technical delivery of efforts supporting Defense & Security clients with IT risk and controls assessments, remediation, and other related support. The clients are responsible for coordinating and monitoring internal controls for their organizations, including performing assessments in accordance with OMB Circular A-123 and assisting other program offices with remediation and other related internal controls tasks.
The IT Risk & Controls Consultant will have a role in working directly with clients and other organizational stakeholders to support IT internal control efforts, including assessments, remediation, and other ad-hoc efforts.
Day-to-day tasks include overseeing/performing some or all of the following:
  • Performing rigorous assessments of IT controls using industry-standard guidance and leading practices
  • Performing walkthrough interviews and maintaining communication with a variety of client stakeholders, including system personnel such as system and database administrators
  • Requesting, obtaining, reviewing, and analyzing a variety of artifacts to assist in executing IT controls testing such as security plans, SOPs, system screenshots, and system configuration settings
  • Evaluating the design and operating effectiveness of IT controls using provided artifacts, industry-standard guidance, leading practices, and professional judgement
  • Professionally documenting the results of IT controls test work in a consistent and high-quality manner that would allow a reviewer to repeat the test and reach the same conclusion
  • Summarizing and communicating IT controls assessment results to a variety of client stakeholders, including senior leadership personnel
  • Planning and executing day-to-day activities of IT controls assessments individually and for the team
  • Working with client personnel to understand and analyze known IT control weaknesses, identify root causes, and develop detailed, robust remediation plans
  • Providing subject matter expertise to client personnel on all matters relating to IT controls and responding to ad-hoc IT controls requests from client personnel

In addition to client-facing responsibilities, this entry level role will support important activities that contribute to the growth of our business, strengthen internal Guidehouse operations, and create a positive work environment for all Guidehouse employees. Some of these activities include but are not limited to:
  • Assisting in business development activities, such as identifying potential client needs and ways Guidehouse can assist, developing proposals and white papers, participating in client and internal account meetings, and more
  • Participating in Guidehouse's programs for coaching and mentoring staff
  • Assisting in the development of learning and development materials, courses, and presentations to help Guidehouse employees expand and strengthen their skills
  • Support Guidehouse programs and initiatives for recruiting top talent to the company

What You Will Need:
  • Must be able to obtain and maintain a Public Trust, Secret, or higher level of federal/government security clearance.
  • US Citizenship is required for security clearance
  • Completing a Bachelor's degree between fall 2025 and summer 2026 from an accredited college or university
  • Strong organizational and communication skills
  • Interest in growing a career in Government/Federal/Defense and National Security consulting
  • Ability to synthesize information quickly and learn new skills, view problems, apply a variety of analytical solutions, and participate in client-facing discussions and meetings
  • Ability to work in teams to produce high-impact work products, reports, and other deliverables in a fast-paced environment
  • Willingness to utilize project management best practices within an organization to produce high quality deliverables in a timely manner

What Would Be Nice To Have:
  • An ACTIVE and MAINTAINED "SECRET" Federal or DoD security clearance; or higher-level clearance
  • Bachelor's or Master's degree specializing in Information Systems, Information Technology, Computer Information Systems, Business Information Technology, Computer Science, Accounting, Audit Readiness
  • Certified Information Systems Auditor (CISA) Certification
  • Knowledge of cybersecurity and privacy controls and regulations (e.g., NIST, FISMA, FISCAM, etc.)
  • Familiarity with operating systems (e.g., Windows or UNIX), databases (e.g., Oracle, SQL) vulnerability management tools (e.g., Nessus), configuration management tools, and other tools that support a successful cyber security program for an organization
  • Knowledge and understanding of project management principles and the phases of project management (Initiation, Planning, Execution, Monitoring, Closure)
  • Experience working in teams to produce high-impact work products, reports, and other deliverables in a fast-paced environment
  • Heightened attention to detail, and the ability to create and edit technical and non-technical written work products and graphical presentations
  • Ability to view problems from multiple angles and apply a variety of solutions to solving them
  • Ability to participate in client-facing discussions and meetings
  • Ability to synthesize information quickly and learn new skills
  • Desire to support public sector clients with a national security mission
  • Passionate about reinvesting in the company you work for and representing the company's brand
  • Strong organizational and communication skills
  • Interest in growing a career in consulting, preferably federal government consulting
  • Possess strong oral and written communication skills

#LI-DNI
What We Offer:
Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.
Benefits include:
  • Medical, Rx, Dental & Vision Insurance
  • Personal and Family Sick Time & Company Paid Holidays
  • Position may be eligible for a discretionary variable incentive bonus
  • Parental Leave and Adoption Assistance
  • 401(k) Retirement Plan
  • Basic Life & Supplemental Life
  • Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
  • Short-Term & Long-Term Disability
  • Student Loan PayDown
  • Tuition Reimbursement, Personal Development & Learning Opportunities
  • Skills Development & Certifications
  • Employee Referral Program
  • Corporate Sponsored Events & Community Outreach
  • Emergency Back-Up Childcare Program
  • Mobility Stipend

About Guidehouse
Guidehouse is an Equal Opportunity Employer-Protected Veterans, Individuals with Disabilities or any other basis protected by law, ordinance, or regulation.
Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.
If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1-571-633-1711 or via email at RecruitingAccommodation@guidehouse.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.
All communication regarding recruitment for a Guidehouse position will be sent from Guidehouse email domains including @guidehouse.com or guidehouse@myworkday.com. Correspondence received by an applicant from any other domain should be considered unauthorized and will not be honored by Guidehouse. Note that Guidehouse will never charge a fee or require a money transfer at any stage of the recruitment process and does not collect fees from educational institutions for participation in a recruitment event. Never provide your banking information to a third party purporting to need that information to proceed in the hiring process.
If any person or organization demands money related to a job opportunity with Guidehouse, please report the matter to Guidehouse's Ethics Hotline. If you want to check the validity of correspondence you have received, please contact recruiting@guidehouse.com. Guidehouse is not responsible for losses incurred (monetary or otherwise) from an applicant's dealings with unauthorized third parties.
Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.

What Guidehouse employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom