Cyber Risk Management Analyst

Job description

***This position is contingent upon award *** Responsibilities: Location: Hybrid - 3 days onsite Brooklyn, NY, 2 days remote - Drive enterprise cybersecurity risk management by quantifying risks, assessing control effectiveness, and ensuring alignment with NIST 800-53, FISMA, and DOE policies - Lead enterprise-wide risk assessments, audits, and user awareness programs - Maintain and manage the enterprise Risk Register and POA&M lifecycle - Monitor/report critical cyber risks; use dashboards and metrics to inform leadership - Design security awareness programs and phishing simulations - Collaborate with engineers and analysts to define compliance guardrails and prioritize remediation activities - Generate automated risk metrics, heat maps, and executive-level security reports Requirements: Applicant must be a U.S. citizen residing in the U.S. This position requires obtaining a clearance through the Department of Education. Applicants must be willing to undergo a background check as part of the hiring process. Education: Bachelor’s degree from an accredited university or 5-7 years of relevant experience. Experience: 3+ years in GRC, third-party risk management, federal compliance (NI...