Enterprise Risk Analyst
$132k - $178kTrueanomalyinc
Space is a warfighting domain. True Anomaly seeks those with the talent and ambition to build the technology that secures it.
OUR MISSION
True Anomaly delivers decisive capabilities for space superiority. We build autonomous spacecraft, advanced payloads, mission software, and space-based interceptors — enabling the U.S. and its Allies to secure the space environment and counter threats from the ultimate high ground.OUR VALUES
Be the offset. We create asymmetric advantages with creativity and ingenuity. What would it take? We challenge assumptions to deliver ambitious results. It’s the people. Our team is our competitive advantage and we are better together. Your Mission We are seeking a driven and detail-oriented Enterprise Risk Analyst to support two distinct but interconnected lines of effort: Enterprise Risk Management (ERM) and Third-Party Vendor Risk Management (TPVRM). Reporting to the Senior Enterprise Risk Manager, you will play a hands‑on role in executing risk assessments, maintaining program documentation, tracking remediation activities, and building the data foundation that powers executive‑level risk decision‑making. This role is ideal for a mid‑career risk professional who is fluent in frameworks such as NIST RMF and CMMC, is developing practical experience with risk quantification methodologies like FAIR and OCTAVE, and is eager to grow within a fast‑paced aerospace and defense SaaS environment. You will work closely with engineering, security, legal, compliance, and operations teams to help identify, document, and track risk across the enterprise and its third‑party supply chain. Responsibilities Enterprise Risk Management Support the design, execution, and continuous improvement of the enterprise risk management program under the direction of the Senior Enterprise Risk Manager. Assist in conducting structured risk assessments using OCTAVE or similar threat‑and‑asset‑centric methodologies, documenting findings, threat profiles, and recommended mitigations. Support the application of FAIR methodology to help quantify risks in financial terms and contribute to risk prioritization analyses for leadership. Maintain and update the enterprise risk register, ensuring accuracy of risk ratings, ownership assignments, remediation status, and residual risk tracking. Build and maintain program dashboards, KPI/KRI reports, and status tracking using tools such as Jira, Confluence, enterprise GRC platforms, and MS Project. Assist with audit readiness activities including evidence collection, pre‑assessment preparation, control documentation, and post‑audit remediation tracking. Support POA&M management for IL5 and IL6 environments, tracking open items to closure and escalating blockers to the Enterprise Risk Manager. Contribute to the development and maintenance of risk policies, standards, and guidelines aligned to NIST SP 800‑53 Rev. 5, NIST SP 800‑171, RMF, and CMMC Level 3. Coordinate and track internal audit schedules, findings, and corrective action plans across business units. Third‑Party Vendor Risk Management Execute vendor risk assessments as part of the onboarding and periodic review lifecycle, including security questionnaire administration, documentation review, and risk scoring. Maintain the vendor risk inventory and lifecycle tracking records, ensuring all vendors are appropriately tiered and assessed on schedule. Monitor vendor risk signals including cybersecurity advisories, regulatory actions, and contractual compliance status, escalating material changes to the Enterprise Risk Manager. Support contract and procurement teams by providing vendor risk assessment findings and recommended risk mitigation language. Assist in ensuring TPVRM program alignment with CMMC supply chain requirements, DFARS clauses, and ITAR/export control considerations for critical suppliers. Develop and maintain vendor risk reporting inputs and dashboard content to support executive‑level visibility into third‑party risk exposure. Cross‑Functional Collaboration Serve as a reliable day‑to‑day point of contact for risk‑related inquiries from internal stakeholders across engineering, security, operations, and legal teams. Track program milestones, action items, and deliverables, proactively communicating status and flagging risks or dependencies to the Enterprise Risk Manager. Continuously improve risk program workflows, documentation templates, and reporting processes to support scalable and repeatable execution. Support the preparation of materials for internal leadership briefings, external assessor interactions, and government partner reviews. Qualifications 5+ years of experience in enterprise risk management, GRC, cybersecurity risk, compliance, or a closely related discipline. Working knowledge of NIST SP 800‑53, NIST SP 800‑171, DoD RMF (IL5/IL6), and CMMC, with direct experience supporting assessments or audits under one or more of these frameworks. Familiarity with risk assessment methodologies including FAIR and/or OCTAVE, with a desire to deepen applied expertise in risk quantification. Experience supporting or executing third‑party/vendor risk assessments, including questionnaire administration, documentation review, and risk tracking. Hands‑on experience with program management and GRC documentation tools including Jira, Confluence (Atlassian suite), MS Project, enterprise GRC platforms, and MS Visio or Lucidchart. Strong written and verbal communication skills, with the ability to clearly document findings and translate risk concepts for both technical and non‑technical audiences. Highly organized, self‑directed, and comfortable managing multiple workstreams simultaneously in a fast‑paced, regulated environment. Active or ability to obtain SECRET , TS/SCI security clearance. Must be a U.S. citizen, lawful permanent resident, or protected individual per ITAR requirements (8 U.S.C. 1324b (a)(3)). Preferred Qualifications Background in startup, aerospace, defense technology, or SaaS companies operating in regulated government markets. Industry certifications such as: Certified in Risk and Information Systems Control (CRISC) Certified Information Systems Auditor (CISA) Open FAIR Certification (The Open Group) CompTIA Security+ or equivalent Certified ScrumMaster (CSM) or similar Agile certification Experience with cloud environments, particularly Azure Government and/or AWS GovCloud. Familiarity with POA&M management, SSP documentation, and audit evidence collection in DoD authorization contexts. Working knowledge of ITAR, EAR, DFARS, and export control considerations as they relate to vendor and supply chain risk. Familiarity with Agile/Scrum and hybrid project delivery models. Compensation Base Salary: Denver – $115,000 to $155,000, Long Beach – $120,000 to $165,000, Washington, DC – $120,000 to $165,000, SF Bay Area – $132,000 to $178,000 Equity + Benefits including Health, Dental, Vision, HRA/HSA options, PTO and paid holidays, 401K, Parental Leave Additional Requirements Work Location: This role will be onsite at one of our office locations: Centennial, CO, Long Beach, CA, SF Bay Area, or Washington, DC. Work Environment: Standard office setting, working at a desk or in a production factory environment. Physical Demands: May include frequent standing, sitting, walking, bending, and lifting or carrying items up to 20 lbs. We value diversity of experience, knowledge, backgrounds, and perspectives and harness these qualities to create extraordinary impact. True Anomaly is committed to equal employment opportunity regardless of sex, race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, gender identity, pregnancy, maternity or related condition (including breastfeeding) or any other basis as protected by applicable law. If you have a disability or additional need that requires accommodation, please do not hesitate to let us know. This position will be open until it is successfully filled. #J-18808-Ljbffr TrueanomalyincVacancy posted 4 days ago
Similar jobs that could be interesting for youBased on the Enterprise Risk Analyst in Denver, CO vacancy
- ...Our team is our competitive advantage and we are better together Your Mission We are seeking a driven and detail-oriented Enterprise Risk Analyst to support two distinct but interconnected lines of effort: Enterprise Risk Management (ERM) and Third-Party Vendor Risk Management...SuggestedPermanent employmentContract workWork at office
$110k - $135.3k
...Job Title Responsible for conducting detailed analysis that contributes to and advances one or more Enterprise Risk Management (ERM) programs to assist CoBank in managing credit/market/operational risks. Job Description The analysis performed will play a key role...SuggestedWork experience placementWork at officeWork visa- First Western is searching for an Enterprise Risk Analyst II in Denver, Colorado. This role involves supporting the execution of the enterprise risk management program, identifying and assessing risks, and promoting consistent risk management practices across the organization...Suggested
- Trueanomalyinc is looking for a detail-oriented Enterprise Risk Analyst based in Denver, CO. The successful candidate will support enterprise risk management and vendor risk management efforts, collaborating with various internal teams to ensure risk mitigation and compliance...Suggested
$63.5k - $95.5k
...skills. Overview You’re a detail-oriented risk professional who enjoys analyzing... ...regulated environment and want to contribute to enterprise risk management, this role is for you. About the Role The Enterprise Risk Analyst II supports the execution of First Western...SuggestedWork at officeFlexible hours$85k - $95k
Leprino, based in Denver, is hiring a Senior Risk & Insurance Analyst to enhance their insurance and risk management programs. You will coordinate insurance renewals, evaluate risks, and support compliance. Ideal candidates have a Bachelor's degree and 5 years of relevant...- ...Job Title: Governance Risk & Compliance Analyst Location: Lakewood, CO Work Model: Hybrid – onsite and remote Overview System One is seeking... ...critical infrastructure rules) and their potential impact on enterprise operations. System One, and its subsidiaries including...Work at officeLocal areaRemote work
- ...Now Hiring: GRC Analyst (Contract-to-Hire) Location: Hybrid (2–3 days onsite) – Lakewood, CO Type: 6‑month contract to hire We’re looking for a GRC Analyst to support enterprise security governance, risk management, and compliance initiatives. This role partners with global...Contract workTemporary workLocal areaImmediate start
$85k - $95k
...motivated individual to fill the position of a full‑time Model Risk Analyst at our Denver, CO location. The salary range for this... ...Description Sunflower Bank is seeking a Model Risk Analyst to join its Enterprise Risk Management Department. The Analyst will be responsible...Full time- ...Governance, Risk & Compliance (GRC) Analyst (AI Training) About the Role We're partnering with the world's leading AI research labs to... ...Background in information security, internal audit, or enterprise risk management Familiarity with GRC platforms or tooling...Hourly payOngoing contractContract workFreelanceRemote work10 hours per weekFlexible hours
- Ensure the accuracy, integrity, and reliability of data used in risk and compliance activities. Write advanced SQL/HQL scripts,... ...leverage new technology. Ensure all data practices adhere to enterprise governance, compliance, and data management standards. Perform...Work experience placement
- ...Must be a U.S. Citizen without dual citizenship. This role is remote. The Risk, Quality, and Performance Analyst serves as the Risk, Quality, and Performance Analyst supporting an enterprise IT services contract. This role is responsible for monitoring and reporting...Minimum wageFull timeContract workTemporary workWork experience placementRemote work
$49.78 - $74.05 per hour
...We are seeking a strategic, hands-on Principal Program Analyst to lead and elevate Enterprise Resilience across our organization. This role will design... ...disaster recovery, business continuity, and enterprise risk management initiatives; partner with clinical, operational...Local areaRemote workWork from home$85k - $95k
...Senior Risk & Insurance Analyst Within our Corporate Enterprise Risk Management team in Denver, Leprino is seeking a Senior Risk & Insurance Analyst to support and strengthen our insurance and risk management programs. This role partners with Finance and teams across...Local area$70k - $75k
...Trust If our mission, values, and purpose align with your own, we would love to hear from you! Your opportunity Support the Financial Risk team in delivering an effective Financial Risk program including counterparty risk, liquidity risk, and market risk oversight....Work experience placement$80k - $100k
...creation for shareholders, customers, and employees. Position Responsibilities An exciting opportunity to join a small but critical Risk Management team at a dynamic, best-in-class public company. As a key member of the department, you will work closely with the SVP of...$90k - $110k
About Judi Health Judi Health is an enterprise health technology company providing a comprehensive... ..., NC area) Position Summary The Analyst supports governance and tracking of client... ...needs, and assists with identifying risks or potential issues. The PG Analyst collaborates...Contract workLocal areaRemote workFlexible hours- Charles Schwab is seeking a Sr. Specialist Risk Analyst to join their Alternative Investment Custody Services team in Lone Tree, Colorado. This role will focus on reviewing and managing the lifecycle of alternative investments, ensuring compliance and enhancing operational...
$140k - $165k
...Insider Risk Specialist Join us in building the future of finance. Our mission is to democratize finance for all. An estimated... ...Partner with People Relations, Legal, Privacy, Security, Enterprise Technology and business leaders Risk Assessments & Business...For contractorsWork at officeFlexible hoursShift work3 days per week$90k - $110k
Analyst, Risk Management - Performance Guarantees Judi Health is an enterprise health technology company providing a comprehensive suite of solutions for employers and health plans, including: Capital Rx , a public benefit corporation delivering full-service pharmacy...Contract workLocal areaRemote workFlexible hours- ...Riveron It Risk Advisory Senior Associate In today's dynamic environment, business leaders face constantly shifting risks. Riveron... ...and access risk review, policy and procedure development, enterprise risk management, and IT and cybersecurity risk assessment. The...Full timeContract workWork at officeShift work
$67k - $92.13k
Risk AnalystKey ResponsibilitiesClaims Administration & Risk ManagementManage guest incident claims from intake through resolution, escalation, or litigation referral, ensuring timely investigation, documentation, evaluation, and follow-up.Conduct claim review, investigation...Work at office$90k - $110k
Capital Rx is seeking a PG Analyst to support governance and tracking of client performance guarantees. This hybrid role will help maintain accurate PG related data while collaborating with Legal, Finance, and Client Services teams. The ideal candidate will have a Bachelor...Remote job$65k - $75k
...Description Provides day‑to‑day tactical support to the enterprise’s second line Information Security Risk & Compliance function by executing defined control... .... The Information Security Risk and Compliance Analyst performs recurring and ad hoc assessments such as user...$100k - $123k
...awards Essential Functions Contributes to the research and development of financial models incorporating credit and/or market risk elements. Contributes to or owns the ongoing management of existing models, which includes maintenance of data/documentation/parameters...Work experience placementWork at officeWork visaFlexible hours$155k - $175k
Join Qualys as a Lead Cyber Risk Advisor and support enterprise customers with risk analysis and vulnerability assessment. You will work within the Qualys Risk Operations Center to monitor threat and vulnerability data, helping to reduce cyber risk exposure. The ideal candidate...$134.5k - $265.1k
...Financial Services Manager - Financial Risk Our Deloitte Regulatory, Risk & Forensic team helps client leaders translate multifaceted... ...). Capital Management / Stress Testing: Capital planning and enterprise stress testing execution (e.g., scenario design support, model...Work at officeVisa sponsorship$90k - $110k
Judi Health is looking for an Analyst in Risk Management to oversee client performance guarantees and related commitments. This hybrid role requires collaboration with various stakeholders to maintain data accuracy and visibility. Candidates should have 1-3 years of experience...Remote job- ...Senior Cyber Risk & Compliance Specialist York Space Systems was founded to radically improve spacecraft affordability and reliability... ...critical role in driving CMMC Level 2 certification readiness, enterprise cyber risk management, audit support, third-party risk...Permanent employmentLocal areaWorldwide
- U.S. Bank is seeking a highly skilled Data Validation Analyst in Denver, CO, to support risk management initiatives by ensuring the accuracy and integrity of data. The role involves performing data reviews, writing SQL scripts, and collaborating with cross-functional teams...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Enterprise Risk Analyst. Be the first to apply!
Related searches
- risk officer Denver, CO
- it risk analyst Denver, CO
- risk analyst Denver, CO
- senior quantitative risk analyst Denver, CO
- risk consultant Denver, CO
- operational risk specialist Denver, CO
- operational risk consultant Denver, CO
- third party risk analyst Denver, CO
- technology risk Denver, CO
- risk underwriter Denver, CO


