Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Cybersecurity Risk Analyst

Eclaro

Cybersecurity Risk Analyst

ECLARO is looking for a Cybersecurity Risk Analyst for our client in Manassas, VA. ECLARO's client is a leading technology solutions provider, collaborating with customers to manage their needs and achieve success in their business goals. If you're up to the challenge, then take a chance at this rewarding opportunity!

Position Overview:

  • Seeking a results-driven and analytically minded Cybersecurity Risk Analyst to serve a dual mission within the Cybersecurity team: owning Third-Party Risk Management (TPRM) operations and supporting the organization's broader Cyber Governance & Risk.
  • The successful consultant will be the Subject Matter Expert (SME) for TPRM program, currently administered through the SAFe platform, and will be equally responsible for insider threat monitoring, custom cybersecurity awareness training development, awareness metrics reporting, Disaster Recovery (DR) coordination, and executive-level risk reporting.
  • This role demands a practitioner who can translate technical risk data into clear business intelligence, build compelling Power BI dashboards and reports for leadership, and collaborate effectively across IT, Operations, and Procurement.
  • The ideal consultant brings hands-on TPRM experience, strong data visualization skills, and a passion for building programs that protect members, infrastructure, and operational continuity.

Responsibilities:

  • Third-Party Risk Management (TPRM) Operations:
    • Evaluate new and prospective vendors through structured cybersecurity risk assessments to determine cyber clearance eligibility before contract execution or system access.
    • Serve as the primary SME and platform administrator for TPRM solution (SAFe), maintaining data integrity, configuring risk workflows, and driving continuous platform optimization.
    • Maintain and continuously update the enterprise vendor inventory, tracking risk tier classification, assessment status, contract dates, and lifecycle position for all third parties.
    • Execute structured vendor onboarding workflows, including security due diligence, contractual security requirements review, and formal risk acceptance documentation.
    • Monitor and triage automated vendor security alerts generated through SAFe; analyze alert severity and communicate actionable risk intelligence to appropriate business and security stakeholders on time.
    • Manage vendor offboarding procedures, ensuring complete termination of data and system access, contractual closure, and record retention compliance.
    • Conduct periodic reassessments and ongoing monitoring of in-scope vendors according to risk tiering methodology and assessment calendar.
    • Develop and maintain Power BI dashboards and reports presenting vendor risk metrics, assessment completion rates, open risks, and trend analysis for leadership and risk committees.
  • Cyber Governance, Risk & Insider Threat:
    • Support Insider Threat program by monitoring behavioral risk indicators, documenting escalation procedures, and maintaining governance records.
    • Assist in the preparation of cybersecurity governance artifacts, including risk registers, policy documents, control metrics, and compliance reports aligned to NIST CSF and applicable regulatory frameworks.
    • Generate periodic cyber risk reports for IT leadership, audit, and regulatory audiences, summarizing risk posture, open findings, control gaps, and remediation status.
    • Build and maintain Power BI dashboards to visualize governance and risk metrics, control effectiveness trends, and risk KPIs across the organization.
    • Participate in risk assessment activities and support internal control evaluations relevant to IT environments.
  • Cybersecurity Awareness Training & Metrics Reporting:
    • Design and develop custom cybersecurity awareness training content tailored to the specific business operations and risk profiles of individual departments (e.g., Operations, Finance, Customer Engagement, Engineering).
    • Assisting in collaborating with department leads to schedule, deploy, and track training completion across the organization.
    • Assist in administering phishing simulation campaigns; analyze results and produce actionable reports identifying at-risk user populations and trending behaviors.
    • Build and maintain Power BI dashboards tracking cybersecurity awareness KPIs, including training completion rates, phishing click-through rates, repeat offender trends, and department-level performance over time.
    • Assist in preparing and presenting monthly and quarterly Cyber Awareness Reports for leadership, translating program metrics into clear risk narratives and recommended actions.
    • Stay current with evolving social engineering tactics, threat actor techniques, and regulatory guidance (e.g., CISA advisories) to keep training content timely and impactful.
    • Evaluate training platform effectiveness and recommend enhancements or alternative tools to improve learner engagement and retention.
  • Disaster Recovery (DR) Coordination & Reporting:
    • Coordinate and facilitate Disaster Recovery testing exercises for core business applications in collaboration with technical SMEs across IT Operations.
    • Develop DR test plans, scoping documents, timelines, and stakeholder communication plans in coordination with system owners and application custodians.
    • Document test execution results, capture gaps or failures, and produce comprehensive post-exercise reports for IT leadership and executive stakeholders.
    • Track remediation of identified DR gaps to closure; maintain updated DR runbooks, test records, and lessons-learned logs.
    • Assist in the broader Business Continuity Planning (BCP) process as it pertains to cybersecurity resilience and recovery readiness.
  • SharePoint Intranet & Stakeholder Dashboard Publishing:
    • Design, build, and maintain dedicated SharePoint sites and pages serving as the centralized hub for cybersecurity communications, dashboards, and reporting artifacts.
    • Embed and publish Power BI reports directly into SharePoint pages, ensuring stakeholders can access live, role-appropriate dashboards without requiring Power BI licensing or direct platform access.
    • Develop audience-specific SharePoint pages tailored to the information needs of distinct stakeholder groups, including IT leadership, department managers, executive sponsors, audit / compliance teams, and general staff, applying role-based access controls and page permissions accordingly.
    • Maintain separate SharePoint views for TPRM metrics, cyber awareness training completion and phishing stats, governance and risk posture indicators, and DR testing results, ensuring content remains current and accurate.
    • Collaborating with department heads and business units leads to understanding their reporting consumption preferences and translating those needs into intuitive, self-service SharePoint dashboard pages.
    • Establish and enforce a publishing cadence (monthly, quarterly) for dashboard refreshes and narrative updates aligned to governance reporting calendar.
    • Apply SharePoint governance best practices, including naming conventions, version control, content lifecycle management, and access review procedures.
    • Coordinate with IT infrastructure and Microsoft 365 administrators as needed for site provisioning, permissions architecture, and integration with Power BI Service workspaces.
  • Internal:
    • Communicate within the assigned department and with other departments to ensure understanding and achievement of department and organization goals and standards; provide the highest level of service to internal customers; exchange information and ideas for improvements in the department and organization; coordinate customer service activities, plans, and requirements; and improve the knowledge base of company policies, procedures, and programs.
    • Participate in staff meetings to develop and implement present and plans; monitor and revise strategies and programs; confer on mutual issues; exchange information; and share in the determination and formulation of policies and procedures.
  • External:
    • Provide the highest level of quality customer service to external customers through various forms of communication as well as proactive and professional relationships with customers, the business community, and the general public.

Required Qualifications:

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Risk Management, or a closely related field.
  • Equivalent combination of education and demonstrated professional experience will be considered.
  • Minimum 3-5 years of progressive experience in cybersecurity, IT risk management, or a related GRC discipline.
  • Demonstrated experience operating or administering a formal TPRM program or third-party risk platform.
  • Proven ability to build Power BI reports and dashboards that translate security data into executive-ready metrics.
  • Experience developing and delivering cybersecurity awareness training and reporting program metrics.
  • Familiarity with Disaster Recovery planning, tabletop exercises, or DR test coordination.
  • Power BI Report & Dashboard Development
  • Vendor Risk Assessment & Lifecycle Management
  • TPRM Platform Administration (SAFe or Equivalent)
  • GRC Documentation & Control Mapping
  • Security Questionnaire Evaluation (SIG, Custom)
  • Phishing Simulation Analysis & Reporting
  • Cyber Awareness Metrics Tracking & Presentation
  • DR Test Planning, Facilitation & Post-Exercise Reporting
  • Insider Threat Monitoring Support
  • Advanced Microsoft Excel (Pivot Tables, Data Models)
Vacancy posted 2 days ago
Similar jobs that could be interesting for youBased on the Cybersecurity Risk Analyst in Manassas Park, VA vacancy
  • $85k - $110k

     ...Cybersecurity Analyst I Now hiring at American Systems. Epsilon, Inc. has joined American Systems! As one organization, we offer expanded...  ...organization's cybersecurity posture by performing comprehensive risk assessment and improving incidents response protocols. In... 
    Suggested
    Immediate start

    American Systems

    Manassas Park, VA
    4 days ago
  •  ...MANTECH seeks a motivated, career and customer-oriented Cyber Incident Response Analyst to join our team in McLean, Virginia . Our team provides 24x7x365 cybersecurity support to one of the most coveted targets in the world.  The Cyber Incident Response Analyst... 
    Suggested
    Shift work
    Night shift
    Day shift
    Afternoon shift

    MANTECH

    McLean, VA
    -116
  • $99k - $225k

     ...Job Number: R0242812 Cybersecurity Analyst The Opportunity: Do you enjoy the thrill of the hunt? Are you motivated by the head-to-head...  ..., and cloud infrastructure ~3+ years of experience with risk and vulnerability research and writing ~1+ years of experience... 
    Suggested
    Full time
    Contract work
    Part time
    Work at office
    Local area
    Remote work
    Worldwide

    Booz Allen Hamilton

    McLean, VA
    4 days ago
  •  ...Cybersecurity Analyst We are seeking a dedicated and detail-oriented Cybersecurity Analyst to join our team and help safeguard our systems...  ...skills, and a proactive approach to identifying and mitigating risks. If you're passionate about protecting digital environments... 
    Suggested
    Temporary work
    For contractors
    Immediate start
    Flexible hours

    Cymertek

    McLean, VA
    11 hours ago
  •  ...Cybersecurity Analyst LOCATION Chantilly, VA 20151 CLEARANCE TS/SCI Full Poly (Please note this position requires full U.S. Citizenship...  ..., and a proactive approach to identifying and mitigating risks. If you're passionate about protecting digital environments... 
    Suggested
    Temporary work
    For contractors
    Immediate start
    Flexible hours

    Cymertek

    Chantilly, Loudoun County, VA
    10 hours ago
  • $99k - $225k

     ...Job Number: R0239024 Enterprise Cybersecurity Analyst The Opportunity : Support mission-critical cybersecurity operations for Booz Allen...  ...vulnerability scanning, remediation workflows, and risk assessments ~ Ability to collaborate with IT, risk, and... 
    Full time
    Contract work
    Part time
    Work at office
    Local area
    Remote work

    Booz Allen Hamilton

    McLean, VA
    1 day ago
  • $120k - $179k

     ...Cybersecurity Analyst Bridge Core provides high energy, unified teams; technology integration experience; and innovative approaches, to enable our clients' mission. We enable our clients' mission by integrating innovative technologies and implementing adoption processes... 
    Shift work
    Night shift
    Weekend work
    Afternoon shift

    B/CORE

    McLean, VA
    2 days ago
  •  ...Overview Cybersecurity Analyst – McLean, VA. TS/SCI clearance with polygraph required. Bridge Core is seeking a skilled analyst to support government agencies in cyberspace. Responsibilities We are seeking a skilled and motivated Cybersecurity Analyst to join our team.... 
    Shift work
    Night shift
    Afternoon shift

    Bridge Core

    McLean, VA
    4 days ago
  •  ...Cyber Security Analyst Location: McLean, Virginia ***Clearance Requirement: TS/SCI w/ Full Scope Polygraph*** Position Description...  ...Incident Response Team, Security Operations Center, or other Cybersecurity position. Experience with using SIEM systems, network security... 
    Shift work
    Night shift
    Day shift
    Afternoon shift

    Signature Federal Systems , LLC

    McLean, VA
    2 days ago
  •  ...Bridge Core (BCore) is seeking a Cybersecurity Analyst in McLean, VA. The ideal candidate should have at least 1 year of experience in cybersecurity roles and possess an active TS/SCI clearance with polygraph. Responsibilities include utilizing SIEM systems for threat... 
    Shift work
    Afternoon shift

    Bridge Core

    McLean, VA
    22 hours ago
  • $114.6k - $190.2k

     ...Cybersecurity Analyst - Nights Unlock the secrets of intelligence with MANTECH! Join a dynamic team at the forefront of national security, providing advanced solutions to government intelligence agencies. Since 1968, we've been solving the toughest challenges with groundbreaking... 
    Hourly pay
    Contract work
    Temporary work
    Work experience placement
    Work at office
    Local area
    Remote work
    Shift work
    Night shift

    ManTech

    McLean, VA
    1 day ago
  •  ...Description: Secure and resilient cybersecurity is critical to national defense and mission success. Valencor LLC (Valencor) is seeking a Cybersecurity Analyst with expertise in Risk Management Framework (RMF), Zero Trust Architecture (ZTA), and Data-Centric Security... 

    VALENCOR, LLC

    Chantilly, Loudoun County, VA
    4 days ago
  •  ...Overview Cybersecurity Analyst (Vulnerability Management & Continuous Monitoring) Oakton, VA SecuriGence delivers essential technology services...  ...Monitoring (ConMon) activities in accordance with the Risk Management Framework (RMF). This role is responsible for identifying... 

    Chenega MIOS SBU

    Oakton, VA
    1 day ago
  •  ...finance technology, today announced the acquisition of DataScan, a trusted North American leader in wholesale finance and inventory risk management. About DataScan: Headquartered in Alpharetta, Georgia, DataScan stands at the forefront of delivering cutting-edge wholesale... 
    Work at office
    Local area
    Immediate start
    Flexible hours
    Night shift

    DataScan

    Centreville, VA
    4 days ago
  • $67.3k - $94.2k

     ...Risk & Controls Analyst Category: Cyber Security Main location: United States, Various Position ID: J0626-1135 Employment Type...  ...Education: ?Bachelor's degree in Information Technology, Cybersecurity, Risk Management, Accounting, Business, or a related field... 
    Full time
    Local area

    CGI Technologies and Solutions, Inc.

    Fairfax, VA
    1 day ago
  •  ...Senior Risk Analyst Immediate need for a talented Senior Risk Analyst with experience in the Banking & Financial Industry. This is a 06+ Months Contract opportunity with long-term potential and is located in McLean, VA. Please review the job description below. Key... 
    Contract work
    Immediate start

    Pyramid Consulting

    McLean, VA
    3 days ago
  • $99k - $225k

    Cybersecurity Analyst The Opportunity: Do you enjoy the thrill of the hunt? Are you motivated by the head-to-head challenge of gaining access...  ...networking, and cloud infrastructure 3+ years of experience with risk and vulnerability research and writing 1+ years of... 
    Full time
    Contract work
    Part time
    Work at office
    Local area
    Remote work
    Worldwide

    Booz Allen Hamilton

    McLean, VA
    4 days ago
  • $86.8k - $198k

     ...Risk Management Analyst, Lead The Opportunity: Manage the application of analytical risk management principles that enable organizations to achieve mission assurance by preparing for, preventing, mitigating, responding to and recovering from emergencies. Apply... 
    Full time
    Contract work
    Part time
    Work at office
    Local area
    Remote work

    BOOZ, ALLEN & HAMILTON, INC.

    McLean, VA
    22 hours ago
  •  ...and education. Come and experience your future! Classified Cybersecurity Leaders will secure life saving products and critical state of...  ...with internal LM and customer security requirements, primarily Risk Management Framework (RMF) to include Continuous Monitoring, Plan... 
    Full time
    Work at office
    Remote work
    Relocation
    Flexible hours
    Shift work
    3 days per week

    Lockheed Martin - US

    Manassas, VA
    13 days ago
  • $85k - $141k

     ...patching timelines, remediation deadlines, and related federal cybersecurity and compliance requirements. Develop and maintain automated...  ...to track remediation progress, compliance gaps, and asset risk. Prepare reports and briefings for leadership and federal oversight... 
    Temporary work
    Flexible hours

    Guidehouse

    McLean, VA
    3 days ago
  •  ...Assist in maintaining and updating HQ's AFOSI Governance, Risk and Compliance (GRC) application for assessing/managing risk,...  ...Splunk or ArcSight. Must possess analytical skills to troubleshoot cybersecurity issues and the ability to conceptualize server infrastructures... 
    Full time
    Work at office
    Immediate start

    Navstar

    Quantico, VA
    2 days ago
  • $124.22k - $131.01k

     ...understanding of systems engineering concepts, principles, and theories • Proficient understanding of cyber security specifications such as Risk Management Framework (RMF), DIACAP, STIGs and other government security specifications and guidelines • Proficient knowledge of... 
    Work at office
    Flexible hours

    General Dynamics Mission Systems

    Manassas, VA
    1 day ago
  • $177.7k - $202.8k

     ...Senior Manager, Risk Management - Policy Analyst Capital One is one of the fastest growing organizations in the world today, powered by our...  ...driving innovation through technology, we equally prioritize cybersecurity, reliability, software quality, and data management.... 
    Full time
    Part time
    Local area

    Capital One

    McLean, VA
    6 days ago
  • $99k - $187k

    Enterprise Architect An Enterprise Architect helps lead the organization in the planning, development, and application of enterprise architecture to achieve business objectives and strategies. They align technical initiatives, principles, and practices with WRB's strategic...
    Full time
    Work experience placement
    Remote work

    W. R. Berkley

    Manassas Park, VA
    1 day ago
  • $117.3k - $133.9k

     ...Principal, Risk Specialist Does the idea of working with and guiding professional, highly trained accountants, product, technology and other professionals inspire you? Are you a professional with a demonstrated ability to guide and support complex projects? Would you... 
    Full time
    Part time
    Local area

    Capital One

    McLean, VA
    4 days ago
  • $120.8k - $137.9k

     ...Principal Risk Specialist As a Principal Risk Associate at Capital One you'll be responsible for working with business partners to identify and mitigate potential risks. Principal Risk Associates at Capital One are highly motivated Risk Management professionals... 
    Full time
    Part time
    Work at office
    Local area

    Capital One Financial Corp

    McLean, VA
    4 days ago
  • $120.8k - $137.9k

     ...Principal Risk Specialist As a Principal Risk Associate at Capital One you’ll be responsible for working with business partners to identify and mitigate potential risks. Principal Risk Associates are highly motivated Risk Management professionals with excellent organizational... 
    Full time
    Part time
    Work at office
    Local area

    Information Technology Senior Management Forum

    McLean, VA
    22 hours ago
  •  ...LLC is a veteran-owned small business that maintains a team of cybersecurity experts committed to protecting complicated data and...  ...decision makers with the most accurate assessment of residual risk possible. We work with our clients to solve the toughest challenges... 

    WarCollar Industries

    Centreville, VA
    4 days ago
  • $98k - $145k

     ...full-time role in Centreville. Part of S&P Global Mobility's Risk hiring, posted yesterday. Full responsibilities, required qualifications...  ...audits across key IT areas, including IT governance, cybersecurity, cloud configuration, corporate systems, operational systems,... 
    Full time
    Local area

    TryApplyNow

    Centreville, VA
    3 days ago
  • $120.8k - $137.9k

     ...Principal Risk Specialist | Enterprise Payments Do you like working in the spotlight? Are you ready to work on the front line of a top 10 Bank? Can you build relationships as well as develop and implement innovative solutions? As a Principal Risk Specialist... 
    Full time
    Part time
    Work at office
    Local area

    Capital One Financial Corp

    McLean, VA
    3 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Cybersecurity Risk Analyst. Be the first to apply!