Senior Risk And Vulnerability Analyst

Position: Senior Risk and Vulnerability Analyst

Location: Arlington, VA

Clearance: TS/SCI

Work Environment: Hybrid

Status: Contingent Upon Award

Knowesis is seeking a Senior Risk and Vulnerability Analyst to support the Department of Homeland Security, Cybersecurity and Infrastructure Security Agency mission to lead the national effort to protect and enhance the resilience of the nation's physical and cyberinfrastructure.

To be eligible for this position, candidates must have a TOP SECRET clearance, with the ability to obtain SCI, and possess U.S. Citizenship without the need for sponsorship, both now and in the future. Applicants without proof of U.S. Citizenship will not be considered due to the position's security clearance requirements.

The Job Duties and Responsibilities include but are not limited to the following:

• Support the development of risk analysis models, tools, and methodologies to enable risk prioritization.

• Support the development of standard risk analysis policies, standard operating procedures, and similar documents to ensure standardized approaches across the JCDC Planning Office.

• Support the development of risk analysis processes and procedures that incorporate data and capabilities from other CISA offices, USG partners, and nonfederal partners.

• Maintain a comprehensive understanding of how risk analysis can inform JCDC Planning Office efforts.

• Identify and collect requirements to support the development of roadmaps, strategies, or plans for analytic tools, software, and platforms.

• Support the development of methodologies, policies, and procedures for assessing the risk reduction impact of JCDC Planning Office planning and operations.

• Identify existing information and production efforts on cyber threats, vulnerabilities, and consequences.

• Prepare recommendations to fill analytic gaps and support risk prioritization.

• Provide data science expertise to support data integration efforts.

• Coordinate with CISA Intel and IC partners, including DHS Intelligence and Analysis, to incorporate intelligence into JCDC plans.

• Monitor intelligence products for the relevance to cyber defense operations and develop recommendations for how to incorporate this intelligence into cyber defense plans and operations.

• Coordinate with CISA Intel on how to incorporate intelligence into cyber defense plans and operations.

• Provide recommendations on how to integrate cyber threat intelligence from industry partners with USG intelligence to assist in developing a common operating picture that informs cyber defense plans and operations.

• Develop and implement, at the direction of CISA, processes for integrating cyber threat intelligence from industry partners with USG intelligence to assist in developing a common operating picture that informs cyber defense plans and operations.

• Support the JCDC in maintaining the JCDC Intelligence Support Annex-including monitoring, reviewing, and updating the intelligence support process.

• Establish and maintain an effective structure for information management and sharing with appropriate stakeholders via agency provided and/or authorized sharing mechanisms which currently include Intelink, SharePoint, Teams, and Confluence/Maestro.

Required Qualifications:

• 8 years of relevant experience using cyber threat intelligence and cyber vulnerability data to develop cyber risk analyses that inform organizational prioritization and cyber operations.

• Proficiency in understanding how to use various data sets and sources of information to develop a defensible and repeatable risk analysis methodology.

• Must have a high degree of sound, independent judgment to effectively resolve problems and issues.

• Must possess highly effective oral and written communication skills to facilitate coordination with multiple entities to provide expert analytical services and advice.

Required Education:

• Bachelor's degree in business management, business administration or related field.

Knowesis is an Equal Opportunity Employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.