Technomics, Inc. · 2 months ago
Cyber Risk Analyst SME
Arlington, VA
Full-time
Onsite
Senior Level, Lead/Staff
10+ years expTechnomics, Inc. is a growing employee-owned decision analytics company specializing in cost and economic analysis. They are seeking a Cyber Risk Analyst SME to conduct cyber risk assessments, develop mitigation strategies, and enable proactive enterprise risk identification for their clients in the Federal government.
Information Technology
No H1B
Security Clearance RequiredU.S. Citizen Only
Responsibilities
Serve as a Subject Matter Expert (SME) in cyber risk assessment, analysis, and mitigation strategies for critical missions
Conduct on-site and remote cyber risk assessments of enterprise systems, applications, and mission-critical infrastructures
Apply NIST SP 800-30 risk assessment methodology, threat modeling techniques, and frameworks such as MITRE ATT&CK to evaluate vulnerabilities, threats, and risks
Develop and present risk characterization reports, mitigation considerations, and recommendations to client leadership and system owners
Create and manage task plans, assessment schedules, and execution strategies to ensure effective delivery of assessment activities
Collaborate with multi-disciplinary teams of SMEs (cybersecurity, systems engineering, OT, supply chain, and mission assurance) to address enterprise risks
Support the identification, analysis, and validation of complex security risks and associated vulnerabilities, including both technical and operational impacts
Assist in the development of threat-informed mitigation strategies aligned with client enterprise assurance goals
Implement data tagging and structured knowledge capture to enable proactive risk identification, trend analysis, and lessons-learned reuse
Build analytic processes that leverage historical assessment data, external threat databases, and adversary TTPs to anticipate potential risks rather than solely reacting to identified vulnerabilities
Provide expert consultation on risk acceptance, mitigation prioritization, and remediation planning to stakeholders
Maintain awareness of emerging threats, vulnerabilities, adversary tactics, and best practices for defense in depth across the nuclear enterprise
Qualification
Required
10+ years of experience in cybersecurity risk assessment, vulnerability analysis, or cyber mission assurance
Deep knowledge of NIST SP 800-30, NIST Risk Management Framework (RMF), and related federal standards
Hands-on experience with threat modeling approaches and application of MITRE ATT&CK for risk evaluation
Demonstrated ability to conduct complex cyber risk assessments and present findings to executive and technical audiences
Proven ability to develop task plans, manage assessment milestones, and work independently or as part of a team
Strong writing and briefing skills to produce risk reports, mitigation strategies, and decision support artifacts
Active DOE Q or higher (or ability to obtain)
Preferred
Experience supporting national security organizations
Familiarity with supply chain risk management (SCRM), insider threat analysis, or mission-critical system assurance
Operational Technology (OT) and Systems Engineering (SE) experience in complex enterprise environments
Knowledge of nuclear enterprise operations and mission dependencies
Technical certifications such as Security+, CISSP, CISM, C-RMA, CAP, CEH, or OSCP
Prior experience briefing and advising SES-level leadership or program executives
Familiarity with tools supporting risk assessments and vulnerability analysis (e.g., Threat Modeling tools)
Company
Technomics, Inc.
Technomics is a growing, employee-owned consulting firm that specializes in the exciting and challenging field of weapon system cost analysis.
201-500 employees
Funding
Current Stage
Growth StageLeadership Team
Thomas Oettinger Jr.
Chief Financial Officer
Recent News
Seattle TechFlash
2025-06-11
EIN Presswire
2025-04-17
EIN Presswire
2025-04-02
Company data provided by crunchbase