Senior Risk and Vulnerability Analyst
Arlington, Virginia, United States
Full Time Senior-level / Expert Clearance required USD 93K - 160K *
Aperio Global, LLC
Aperio Global transforms data to enable operational decision-making to solve emerging challenges in cybersecurity, information analysis, and every task that comes next.Aperio Global is seeking a highly skilled Senior Risk and Vulnerability Analyst to join our dynamic team in an upcoming program. This position under the Cybersecurity and Infrastructure Security Agency (CISA), identifies and prioritizes cybersecurity risks to national critical infrastructure to inform the development of cyber operations plans and programs. The JCDC Planning Office integrates information on cyber threats, vulnerabilities, and consequences, and uses resources and capabilities from across public and private sector stakeholders to identify, analyze, and prioritize cybersecurity risks of national significance. The JCDC Planning Office also works closely with CISA Intel and the Intelligence Community (IC) to ensure cyber threat intelligence is integrated into JCDC risk analysis and JCDC joint cyber defense plans. This work supports the development of the JCDC Planning Agenda by providing leadership with an understanding of the greatest cybersecurity risks so they can make informed decisions on the joint cyber defense plan priorities. Your expertise and dedication will play a vital role in our success.
Specific tasks include:
· Support the development of risk analysis models, tools, and methodologies to enable risk prioritization.
· Support the development of standard risk analysis policies, standard operating procedures, and similar documents to ensure standardized approaches across the JCDC Planning Office.
· Support the development of risk analysis processes and procedures that incorporate data and capabilities from other CISA offices, USG partners, and nonfederal partners.
· Maintain a comprehensive understanding of how risk analysis can inform JCDC Planning Office efforts.
· Identify and collect requirements to support the development of roadmaps, strategies, or plans for analytic tools, software, and platforms.
· Support the development of methodologies, policies, and procedures for assessing the risk reduction impact of JCDC Planning Office planning and operations.
· Identify existing information and production efforts on cyber threats, vulnerabilities, and consequences.
· Prepare recommendations to fill analytic gaps and support risk prioritization.
· Provide data science expertise to support data integration efforts.
· Coordinate with CISA Intel and IC partners, including DHS Intelligence and Analysis, to incorporate intelligence into JCDC plans.
· Monitor intelligence products for the relevance to cyber defense operations and develop recommendations for how to incorporate this intelligence into cyber defense plans and operations.
· Coordinate with CISA Intel on how to incorporate intelligence into cyber defense plans and operations.
· Provide recommendations on how to integrate cyber threat intelligence from industry partners with USG intelligence to assist in developing a common operating picture that informs cyber defense plans and operations.
· Develop and implement, at the direction of CISA, processes for integrating cyber threat intelligence from industry partners with USG intelligence to assist in developing a common operating picture that informs cyber defense plans and operations.
· Support the JCDC in maintaining the JCDC Intelligence Support Annex—including monitoring, reviewing, and updating the intelligence support process.
· Establish and maintain an effective structure for information management and sharing with appropriate stakeholders via agency provided and/or authorized sharing mechanisms which currently include Intelink, SharePoint, Teams, and Confluence/Maestro.
Requirements
· Minimum of 8 years of experience using cyber threat intelligence and cyber vulnerability data to develop cyber risk analyses that inform organizational prioritization and cyber operations.
· Must possess a Top-secret clearance.
· Experience must demonstrate proficiency in understanding how to use various data sets and sources of information to develop a defensible and repeatable risk analysis methodology.
· Excellent organizational skills, attention to detail, and sound skills in written and oral communication is a must.
· Must be able to read and speak fluent English
Benefits
At Aperio Global, we understand the value of investing in our most important asset—our employees. That's why we have crafted a comprehensive benefits package designed to help you make the best decision for yourself, your family and your lifestyle. For additional details, contact our talent acquisition team.
Aperio Global fosters a diverse work environment and provides equal employment opportunities (EEO) to all employees and applicants for employment. We prohibit discrimination and harassment of any type and offer employment opportunities without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other distinction protected by federal, state or local laws.
- Health Care Plan (Medical, Dental & Vision)
- Retirement Plan (401k, IRA)
- Life Insurance (Basic, Voluntary & AD&D)
- Paid Time Off (Vacation, Sick & Public Holidays)
- Short Term & Long Term Disability
- (and much more)
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CISA Clearance Confluence Cyber defense Monitoring Risk analysis SharePoint Threat intelligence Vulnerabilities
Perks/benefits: 401(k) matching Health care Insurance
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Analyst jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open Security assessment-related jobs
- Open APIs-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Forensics-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open CEH-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs