1

Operations Risk Analyst Jobs in Virginia (NOW HIRING)

We are seeking a Cyber Risk Analyst (SME-level). This role involves conducting on-site and remote ... Operational Technology (OT) and Systems Engineering (SE) experience in complex enterprise ...

We are seeking a Cyber Risk Analyst (SME-level). This role involves conducting on-site and remote ... Operational Technology (OT) and Systems Engineering (SE) experience in complex enterprise ...

Freddie Mac is seeking an Operational Risk Professional to join the Investments & Capital Markets ... Detail-oriented, analytical and good written and verbal communication skills * Ability to ...

next page

Showing results 1-20

Operations Risk Analyst information

See Virginia salary details

$38.7K

$85.1K

$153.7K

How much do operations risk analyst jobs pay per year?

As of Jul 14, 2026, the average yearly pay for operations risk analyst in Virginia is $85,103.00, according to ZipRecruiter salary data. Most workers in this role earn between $64,900.00 and $103,600.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as an Operations Risk Analyst, and why are they important?

To thrive as an Operations Risk Analyst, you need strong analytical skills, attention to detail, and a background in finance, risk management, or a related field, often supported by a relevant degree. Familiarity with risk assessment tools, data analysis software (such as Excel, SAS, or Python), and sometimes certifications like FRM or ORM are typically required. Excellent problem-solving abilities, communication skills, and the ability to work collaboratively with cross-functional teams distinguish top performers. These skills and qualities are crucial for accurately identifying, evaluating, and mitigating operational risks that can impact organizational performance and compliance.

What is the difference between Operations Risk Analyst vs Compliance Analyst?

AspectOperations Risk AnalystCompliance Analyst
Required CredentialsBachelor's in finance, risk management, or related field; certifications like FRM or CRMBachelor's in law, finance, or related; certifications like CCEP or CRCM
Work EnvironmentFinancial institutions, banks, insurance companiesFinancial services, banking, regulatory agencies
Employer & Industry UsageFocuses on identifying and mitigating operational risks within organizationsEnsures adherence to laws and regulations, managing compliance risks

The Operations Risk Analyst and Compliance Analyst roles share overlapping skills in risk assessment and industry knowledge but differ in focus. The Operations Risk Analyst concentrates on operational and financial risks within organizations, while the Compliance Analyst emphasizes regulatory adherence and legal risk management. Both roles are vital in financial sectors and often collaborate to ensure organizational stability and compliance.

What does an Operations Risk Analyst do?

An Operations Risk Analyst is responsible for identifying, assessing, and mitigating risks that could affect a company's day-to-day operations. They analyze business processes, review compliance with regulations, and develop strategies to minimize operational losses. Their work helps ensure that an organization can operate efficiently while reducing the likelihood of disruptions or financial losses due to internal or external risks.

What are some common challenges faced by Operations Risk Analysts, and how can they be addressed effectively?

Operations Risk Analysts often encounter challenges such as identifying emerging risks in rapidly changing business environments and ensuring compliance with evolving regulations. Managing large volumes of data and collaborating across multiple departments to gather accurate information can also be demanding. To address these challenges, it's important to stay updated on industry best practices, utilize risk management software, and maintain strong communication with cross-functional teams. Building strong analytical and interpersonal skills will help you navigate these complexities and contribute to creating robust risk mitigation strategies.
What are popular job titles related to Operations Risk Analyst jobs in Virginia? For Operations Risk Analyst jobs in Virginia, the most frequently searched job titles are:
What job categories do people searching Operations Risk Analyst jobs in Virginia look for? The top searched job categories for Operations Risk Analyst jobs in Virginia are:
Infographic showing various Operations Risk Analyst job openings in Virginia as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 86% Full Time, 6% Part Time, 1% Temporary, and 5% Contract. Highlights an 82% Physical, 5% Hybrid, and 13% Remote job distribution, with an average salary of $85,103 per year, or $40.9 per hour.
Enterprise Cybersecurity Vulnerability Risk Analyst

Enterprise Cybersecurity Vulnerability Risk Analyst

Booz Allen Hamilton

Mclean, VA

Full-time

Medical, Life, Retirement, PTO

Posted 19 days ago


Booz Allen Hamilton rating

8.8

Company rating: 8.8 out of 10

Based on 47 frontline employees who took The Breakroom Quiz

9th of 58 rated business consultants


Job description

Enterprise Cybersecurity Vulnerability Risk Analyst

The Opportunity:

Cyber threats are everywhere, and vulnerabilities can create risk quickly when findings are not reviewed, prioritized, tracked, and resolved through clear ownership. In all of this cyber noise, how can organizations make practical, risk-informed decisions about vulnerability remediation, deferrals, exceptions, and appeals? The answer is you - an information security risk specialist who can help turn complex vulnerability information into clear decisions and accountable action.

As a Vulnerability Exception and Deferral Analyst on our Enterprise IT and Cyber Risk team, you'll manage the operational lifecycle of vulnerability exceptions, deferrals, appeals, and related risk decisions. You'll review technical and business justifications, validate mitigating controls, assess risk impact, and help determine whether requests align with enterprise standards, risk tolerance, and compliance expectations. You'll partner with vulnerability management, cyber architecture and engineering, hosting, network services, business information security officers, technical risk officers, product owners, and system owners to support timely, consistent, and defensible remediation decisions.

You'll use ServiceNow and related workflow tools to track vulnerability risk decisions, maintain accurate records, identify aging or bottlenecked items, and generate reporting on exception trends, workflow metrics, remediation status, and recurring risk themes. You'll help improve the consistency and maturity of the vulnerability exception and deferral program by strengthening intake criteria, decision documentation, escalation paths, and operational reporting. This is your opportunity to support a high-impact cyber risk process while broadening your skills in vulnerability management, cloud security, risk governance, and workflow automation.

Work with us as we protect the enterprise by strengthening how vulnerability risk is evaluated, tracked, escalated, and remediated. Due to the nature of work performed within this facility, U.S. citizenship is required.

Join us. The world can't wait.

You Have:

  • 5+ years of experience supporting cybersecurity operations, vulnerability management, security findings management, technology risk, cyber risk, or remediation tracking
  • Experience managing the lifecycle of security findings or vulnerabilities, including intake, assignment, tracking, aging, reporting, escalation, remediation coordination, or closure validation
  • Experience evaluating vulnerability deferrals, exceptions, appeals, risk acceptances, or remediation delays, including review of technical and business justifications
  • Experience assessing mitigating controls, service level agreement compliance, risk-based prioritization, or risk-based decisioning for vulnerability findings
  • Experience using workflow platforms such as ServiceNow to manage vulnerability response, risk management, ITSM, CMDB, issue tracking, or remediation workflows
  • Knowledge of vulnerability management concepts, cloud security findings, Cloud Security Posture Management, remediation workflows, and operational risk reporting
  • Ability to translate technical vulnerability data into clear risk summaries, workflow metrics, exception trends, and status updates for technical teams and risk governance forums
  • Ability to coordinate across technical and business teams during fast-paced remediation decision cycles
  • HS diploma or GED

Nice If You Have:

  • Experience with ServiceNow Vulnerability Response, Integrated Risk Management, ITSM, CMDB, or workflow automation
  • Experience supporting cloud security or CSPM findings in AWS, Azure, Google Cloud Platform, or hybrid cloud environments
  • Experience facilitating cross-functional huddles with cyber architecture and engineering, vulnerability management, hosting, network, BISO, technical risk, product, or system owner teams
  • Knowledge of security controls and alignment to regulations or frameworks, including NIST SP 800-53, NIST SP 800-171, FedRAMP, CMMC, SOC 2, or similar frameworks
  • Knowledge of incident-style escalation handling, including rapid evaluation of critical or urgent vulnerabilities and coordination with on-call personnel
  • Ability to identify operational trends, data quality issues, workflow bottlenecks, and process maturity opportunities
  • Ability to manage competing priorities, drive tasks to closure with minimal supervision, and operate effectively in a developing or evolving risk management environment
  • Ability to support priority incidents or urgent remediation decisions outside normal working hours if required.
  • Bachelor's degree
  • Certifications in cybersecurity, risk, cloud, vulnerability management, or ServiceNow, including CISSP, CGRC, CRISC, Security+, AWS, Azure, or specialized ServiceNow certifications

Compensation

At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page.

Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $99,000.00 to $225,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date.

Identity Statement

As part of the hiring process, we will ask you to complete an identity verification process that leverages advanced biometrics and artificial intelligence to ensure authenticity and protect against identity fraud. You are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Candidate AI Usage Policy

AI is a part of our daily work at Booz Allen, and we are committed to the responsible and ethical use of AI tools. However, we want to ensure a fair candidate process based on your own skills and knowledge. As part of this commitment, the use of artificial intelligence (AI) or other tools to assist with responses during interviews (whether in-person or virtual) is prohibited unless permission is explicitly provided.

Work Model
Our people-first culture prioritizes the benefits of collaboration, whether it occurs in person or virtually. To support engagement and effective communication, employees working virtually are generally expected to have their cameras on during meetings.

  • Remote: If this position is listed as remote, there may still be occasions when you are required to work in person at a Booz Allen or customer facility.

  • Hybrid: If this position is listed as hybrid, you will be expected to work from a Booz Allen facility frequently, in alignment with leadership expectations and the needs of the role. You may also be required to work from or visit a customer facility.

  • Onsite: If this position is listed as onsite, work will primarily be performed at a Booz Allen office or customer facility, where employees will collaborate directly with colleagues and customers as required by the role.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.


What Booz Allen Hamilton employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom


Booz Allen Hamilton logo

About Booz Allen Hamilton

Sourced by ZipRecruiter

Booz Allen Hamilton is a leading provider of management and technology consulting services to the US government in defense, intelligence, and civil markets. Headquartered in McLean, Virginia, the firm also serves major corporations, institutions, and not-for-profit organizations. Founded in 1914 by Edwin G. Booz, the company has a long-standing tradition of helping clients achieve success by delivering a wide range of consulting services that include strategic planning, human capital and learning, communication, systems development, and others. The company's mission is to empower people to change the world, and it has a reputation for maintaining the highest standards of integrity and-excellence.

Industry

It services

Company size

10,000+ Employees

Headquarters location

McLean, VA, US

Year founded

1914