Enterprise Risk Analyst

Job description

Enterprise Risk Analyst The Opportunity: As an experienced Risk Analyst, you will execute the VA Enterprise Risk Analysis process using a custom ERA tool to identify key cyber security risk factors in network connected devices. These risk factors are summarized, evaluated, and reported using quantitative and qualitative scores to provide a VA authorizing official with awareness of the residual cyber risk prior to connecting these devices to the VA network. You must acquire, review, and leverage system documentation and data gathered through questionnaires and interviews with customers in the field and vendor or manufacturer representatives to accurately document critical security posture elements in a common reporting format. These elements include hardware and software inventory, communications profile, system interconnections, data types and stores, and the presence or lack of security controls, settings, and mechanisms for a given device type. Work within a Risk Management team to achieve best outcomes for the ERA process. Join us. The world can’t wait. You Have: Experience with cybersecurity, risk management, or risk assessment for complex systems Experience with NIST SP 800-53...