Cyber and IT Security Risk Analyst – Bethesda, MD

Job Description

Company: InteliX Systems

Location: Bethesda, US

Cyber And It Security Risk Analyst
Location: Bethesda, MD
Contract: 12 Months
Position Summary
We are seeking a Cyber and Information Security Risk Analyst to join our growing professional services team. As a Cyber and IT Security Risk Analyst, you will assist with identifying, measuring, reporting, and addressing cyber risks both internally and externally with partners and suppliers. The position is hybrid, requiring flexibility for onsite work as needed.
What You’ll Do
• Apply methodologies to identify, measure, and monitor information security and cybersecurity risks, including reporting on performance against established service level agreements (SLAs).

• Follow company-wide risk assessment procedures and controls, document risk treatments, and develop reporting plans.

• Consult with development and IT operations teams on designing secure applications and information systems from a cyber and IT risk perspective.

• Collaborate with internal and external IT operations teams to configure IT assets, including web, database, and application servers in both on-premises and cloud environments.

• Assist in designing and documenting security procedures for hybrid infrastructure environments.

• Work with development and system administration teams to support and monitor CI/CD pipelines.

• Execute information security and cybersecurity awareness plans for employees, contractors, and suppliers.

• Support internal and external audits and compliance efforts.

• Document implementation statements for security controls based on the NIST SP 800-53 Rev. 5 framework.

Experience & Education Requirements
What You’ll Need to Succeed:
• Bachelor’s degree in Information Technology or a related field, or equivalent relevant experience.

• 5+ years of experience in the Information Technology industry, preferably with exposure to DevSecOps environments.

• Strong communication skills with the ability to present confidently to stakeholders.

• Analytical mindset to assess technical designs and determine associated risks and impacts.

• Ability to manage upward and communicate proactively.

• Strong relationship-building skills with team members, managers, and clients.

• Proactive approach to continuous improvement and staying current with emerging cyber threats.

• Knowledge of NIST SP 800-53 Rev. 5 standards for security controls.

Preferred Qualifications
• Certified Information Systems Security Professional (CISSP®) certification.

• Cloud certifications such as Certified Cloud Security Professional (CCSP®).

• Experience or training in DevSecOps methodologies.

Source: Lensa