Position Title: Senior Risk and Vulnerability Analyst (Top Secret Clearance Required)

Position Overview:

The Senior Risk and Vulnerability Analyst - Key Personnel plays a pivotal role in assessing and mitigating cyber risks within the Joint Cyber Defense Command (JCDC) Planning Office. This position is responsible for conducting thorough risk assessments, identifying vulnerabilities, and providing strategic guidance to enhance cyber defense capabilities across critical infrastructure sectors. A Top Secret security clearance is required to access sensitive information and support classified operations.

Key Responsibilities:

1. Conduct comprehensive risk assessments of systems, networks, and applications to identify vulnerabilities, weaknesses, and potential threats to critical infrastructure assets.

2. Utilize advanced vulnerability assessment tools and techniques to identify, classify, and prioritize vulnerabilities based on their severity and potential impact on operations

3. Analyze classified threat intelligence feeds and security incident data to assess the likelihood and potential impact of cyber threats on critical infrastructure assets and operations.

4. Develop and maintain risk management frameworks, methodologies, and procedures to support risk assessment and mitigation activities within the JCDC Planning Office.

5. Collaborate with internal teams and external partners to develop and implement risk mitigation strategies and remediation plans to address identified vulnerabilities and weaknesses.

6. Provide technical expertise and guidance to JCDC stakeholders on risk assessment methodologies, best practices, and industry standards.

7. Produce detailed reports and documentation summarizing risk assessment findings, vulnerability analysis results, and recommendations for risk mitigation and remediation.

8. Stay informed about emerging cyber threats, vulnerabilities, and industry trends to inform risk assessment processes and enhance cyber defense capabilities within the JCDC Planning Office.

9. Support incident response activities by providing expertise in identifying and addressing vulnerabilities exploited during cyber incidents while maintaining the confidentiality of classified information.

Recommended Qualifications:

· Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. Advanced degree preferred.

· Professional certifications in cybersecurity and risk management (e.g., CISSP, CISM, CRISC) are highly desirable.

· Minimum of 7-10 years of experience in cybersecurity, risk management, vulnerability assessment, or related fields.

· Strong technical skills and proficiency in using vulnerability assessment tools and techniques (e.g., Nessus, Qualys, Metasploit).

· Demonstrated experience in conducting risk assessments, vulnerability scanning, and penetration testing.

· In-depth knowledge of cybersecurity frameworks, standards, and regulations (e.g., NIST, ISO/IEC 27001, PCI DSS).

· Excellent analytical skills with the ability to analyze complex data sets and identify patterns and trends.

· Effective communication skills with the ability to convey technical information to non-technical stakeholders.

· Strong project management skills with the ability to prioritize tasks and manage multiple projects simultaneously.

· Ability to work collaboratively in a team environment and interact effectively with diverse stakeholders.

· Top Secret security clearance with eligibility for access to sensitive compartmented information (SCI) or willingness to undergo the necessary security clearance process.

Location:

· Arlington, Virginia

Clearance:

· TS/SCI eligibility