Third Party Cyber Risk Management Analyst

Falls Church, VA, USA

NikSoft Systems Corp.


We are searching for a Third Party Cyber Risk Analyst to support the Cybersecurity program at the United States Postal Service. The candidate will support the Risk Management and System Certification & Accreditation (C&A) processes, Information Assurance (IA) processes, system ATOs, and continuous monitoring of enterprise applications. The successful candidate will experience an unparalleled large-scale enterprise environment with over 800 Information Technology systems, processing billions of dollars in annual revenue and supporting a diverse user base spread across the entire US. Join the NikSoft team to scale your career to the next level.


Must have demonstrated knowledge and experience in:

  • Designing, developing, implementing, executing, and improving third-party cyber risk management strategy and practices (public and/or private sector)
  • Adapting and implementing industry cybersecurity frameworks and standards (e.g., ISO 27001, NIST CSF, NIST 800-53, NIST 800-171, CIS 18, Zero Trust Principles, FedRAMP)
  • Assessing supply chain risk based on recognized audit reports (e.g., SOC 2 Type II) and/or questionnaire responses
  • Managing and instructing diverse teams with varying levels of subject matter expertise
  • Managing competing priorities to ensure timely completion of work
  • Communicating with cross-functional leadership and other stakeholders (especially supply chain management) on third-party risk management strategy, risk management activities, and risks
  • Learning on the job to expand knowledge for self and team members
  • Working with third party risk assessment platforms (e.g., Process Unity GRX)
  • Working with Risk Management platforms (e.g., Diligent RSAM)
  • Technical Writing
  • Contract Review and Negotiations
  • Defining clear tasks and communicating topics to leadership through concise and succinct presentations.

Nice to have:

  • Public and Private Sector experience
  • Proximity (<50 miles) to Gatehouse (Falls Church, VA) or Aerial (Morrisville, NC) for in-person activities
  • Familiarity with CyberGRX (now Process Unity GRX) and Diligent RSAM

Qualifications:

  • Bachelor's degree in Information Technology or a relevant Cybersecurity field, and 2-4 years of overall experience.
  • 10+ years of experience working as a Risk, Information Assurance, or Information Systems Security Analyst.
  • Knowledge of the NIST Risk Management Framework (RMF) and security controls is required.
  • This candidate must understand the risk management process, risk mitigation, and risk tracking.
  • Must have strong communication skills, both oral and written, with excellent interpersonal, team and organization skills.
  • A self-starter with proven abilities to collaborate and gather information from multiple teams.

***Candidates must be able to obtain a Postal Sensitive Clearance (US Citizenship or Green Card required). Additionally, candidates must not have traveled outside of the USA for a combined period not to exceed 6 months within the last 5 years.***


Region: North America
Country: United States
