Senior Risk and Vulnerability Analyst

Aperio Global is seeking a highly skilled Senior Risk and Vulnerability Analyst to join our dynamic team in an upcoming program. This position under the Cybersecurity and Infrastructure Security Agency (CISA), identifies and prioritizes cybersecurity risks to national critical infrastructure to inform the development of cyber operations plans and programs. The JCDC Planning Office integrates information on cyber threats, vulnerabilities, and consequences, and uses resources and capabilities from across public and private sector stakeholders to identify, analyze, and prioritize cybersecurity risks of national significance. The JCDC Planning Office also works closely with CISA Intel and the Intelligence Community (IC) to ensure cyber threat intelligence is integrated into JCDC risk analysis and JCDC joint cyber defense plans. This work supports the development of the JCDC Planning Agenda by providing leadership with an understanding of the greatest cybersecurity risks so they can make informed decisions on the joint cyber defense plan priorities. Your expertise and dedication will play a vital role in our success.
Specific tasks include:
·       Support the development of risk analysis models, tools, and methodologies to enable risk prioritization.
·       Support the development of standard risk analysis policies, standard operating procedures, and similar documents to ensure standardized approaches across the JCDC Planning Office.
·       Support the development of risk analysis processes and procedures that incorporate data and capabilities from other CISA offices, USG partners, and nonfederal partners.
·       Maintain a comprehensive understanding of how risk analysis can inform JCDC Planning Office efforts.
·       Identify and collect requirements to support the development of roadmaps, strategies, or plans for analytic tools, software, and platforms.
·       Support the development of methodologies, policies, and procedures for assessing the risk reduction impact of JCDC Planning Office planning and operations.
·       Identify existing information and production efforts on cyber threats, vulnerabilities, and consequences.
·       Prepare recommendations to fill analytic gaps and support risk prioritization.
·       Provide data science expertise to support data integration efforts.
·       Coordinate with CISA Intel and IC partners, including DHS Intelligence and Analysis, to incorporate intelligence into JCDC plans.
·       Monitor intelligence products for the relevance to cyber defense operations and develop recommendations for how to incorporate this intelligence into cyber defense plans and operations.
·       Coordinate with CISA Intel on how to incorporate intelligence into cyber defense plans and operations.
·       Provide recommendations on how to integrate cyber threat intelligence from industry partners with USG intelligence to assist in developing a common operating picture that informs cyber defense plans and operations.
·       Develop and implement, at the direction of CISA, processes for integrating cyber threat intelligence from industry partners with USG intelligence to assist in developing a common operating picture that informs cyber defense plans and operations.
·       Support the JCDC in maintaining the JCDC Intelligence Support Annex—including monitoring, reviewing, and updating the intelligence support process.
·       Establish and maintain an effective structure for information management and sharing with appropriate stakeholders via agency provided and/or authorized sharing mechanisms which currently include Intelink, SharePoint, Teams, and Confluence/Maestro.
 
Requirements
·       Minimum of 8 years of experience using cyber threat intelligence and cyber vulnerability data to develop cyber risk analyses that inform organizational prioritization and cyber operations.
·       Must possess a Top-secret clearance.
·       Experience must demonstrate proficiency in understanding how to use various data sets and sources of information to develop a defensible and repeatable risk analysis methodology.
·       Excellent organizational skills, attention to detail, and sound skills in written and oral communication is a must.
·       Must be able to read and speak fluent English
 
Benefits
At Aperio Global, we understand the value of investing in our most important asset—our employees. That's why we have crafted a comprehensive benefits package designed to help you make the best decision for yourself, your family and your lifestyle. For additional details, contact our talent acquisition team.
Aperio Global fosters a diverse work environment and provides equal employment opportunities (EEO) to all employees and applicants for employment. We prohibit discrimination and harassment of any type and offer employment opportunities without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other distinction protected by federal, state or local laws.
 
Health Care Plan (Medical, Dental & Vision)
Retirement Plan (401k, IRA)
Life Insurance (Basic, Voluntary & AD&D)
Paid Time Off (Vacation, Sick & Public Holidays)
Short Term & Long Term Disability
(and much more)