Cyber Risk Analyst SME
Hybrid · Arlington, Virginia, United States or Washington, District of Columbia, United States
Arlington, Virginia, United States or Washington, District of Columbia, United StatesHybridFull TimeSenior LevelNot SpecifiedUnknown
Type
Full Time
Level
Senior Level
Education
Not Specified
Company size
Unknown
Job Summary
Cyber Risk Analyst (SME) conducting on-site and remote cyber risk assessments, applying NIST SP 800-30, MITRE ATT&CK, threat modeling, and risk mitigation; collaborates with cybersecurity, OT, and systems engineering SMEs to translate technical risks into mission impacts; requires DOE Q clearance and hybrid work with travel to client sites.
Required Qualifications
- 10+ years of experience in cybersecurity risk assessment, vulnerability analysis, or cyber mission assurance
- Deep knowledge of NIST SP 800-30, NIST RMF, and related federal standards
- Hands-on experience with threat modeling approaches and MITRE ATT&CK
- Strong writing and briefing skills to produce risk reports, mitigation strategies, and decision support artifacts
- Proven ability to develop task plans, manage assessment milestones, and work independently or as part of a team
- Active DOE Q or higher clearance (or ability to obtain)
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.