drjobs Cyber Risk Analyst
  1. Home
  2. Jobs In USA
  3. Jobs In Illinois
  4. Jobs In Lemont, IL
  5. Cyber Risk Analyst

Cyber Risk Analyst

Delan Associates
Posted on : 19-09-2025

Employer Active

1 Vacancy
drjobs

Job Alert

You will be updated with latest job alerts via email
Valid email field required
Send jobs
drjobs
Register to Apply Apply Now
Send me jobs like this
drjobs

Job Alert

You will be updated with latest job alerts via email

Valid email field required
Send jobs
Job Location drjobs

Lemont, IL - USA

Monthly Salary drjobs

Not Disclosed

drjobs

Salary Not Disclosed

Vacancy

1 Vacancy

Posted on : 19-09-2025

Job Description

Title: Cyber Risk Analyst

W-2 Only (no 1099)

Must be a U.S. Citizen

Companys Location: Lemont IL

Job Description

Background:
The Companys Cyber Security Program Office promotes the safe and secure use of information technology. There are a variety of risks and threats inside and outside of the Laboratory.

Companys Cyber Security Program Office (CSPO) safeguards the Laboratory by identifying protecting against detecting responding to and recovering from cybersecurity risks and incidents. Services include consultation and guidance; detection and protection technologies; education and awareness; incident management; vulnerability management; and risk assessment and compliance.

Contract Position: Full Time 40 hour work week

Period of Performance: 1 Year

Scope:
The Cyber Risk Analyst will play an important role in identifying and communicating areas of concern and risks to the business. This engagement will free up other cybersecurity resources to work in other critical Argonne areas. The ideal candidate will need to:
Possess a working level expertise with the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) and the NIST 800-53 series of control families and approaches.

  • Perform detailed analysis and a cyber risk assessment of Cloud Service Providers (CSPs).
  • Engage with vendors to review controls certifications and risks in support of the associated business need and the laboratorys risk tolerance.
  • Partner with the CSPO in the development of risk assessment and reporting processes within the Laboratorys Governance Risk and Compliance (GRC) tool Talatek TiGRIS.
  • Partner with others from within the CSPO team and Laboratory IT environment to perform risk-based assessments of NIST 800-53 control validation and gap analysis.
  • Collaborate with the CSPO to present outcomes of risk analysis work using presentation methods to CSPO and other lab audiences (IT admins Deputy CIO CISO)
  • Maintain assessment and assessment results in identified repositories e.g. the Labs GRC tool Talatek TiGRIS MS Excel Box or Box
  • Assist in the performance of the laboratorys Divisional Site Assist Visit (DSAV) self-assessment and continuous monitoring strategy assessing the cyber security controls and their implementation in various programmatic spaces.

Objectives

The ideal candidate will have:

  • A fundamental understanding of IT Risk management and the NIST 800 series framework.
  • Experience with government environments.
  • Experience working closely with cyber security leadership and peers along with IT system/process owners to capture artifacts for control testing.
  • Technical understanding of systems and technologies to inform audits and assessments.
  • Ability to translate results into business-oriented task-focused presentations.
  • The ideal candidate will support the projects and tasks associated with Cybersecurity Risk Assessment and Compliance.
  • Ability to support urgency and timeliness expectations assuring risk assessments are completed to support DOE Authority to Operate and Authority to Use deadlines.
    • Typically the assessment presentation cadence is weekly for the DOEs Company Site Office and monthly for the DOE Authorizing Official.

Qualifications:

  • Considerable knowledge of Risk Management and Risk Management Framework (RMF) requirements
  • Working level knowledge of the NIST 800 Rev 5 series framework
  • Considerable knowledge/experience of assessing controls.
  • Knowledge of industry-standard and organizationally accepted analysis principles and methods.
  • Experience in working with Governance Risk Compliance systems.
  • Experience presenting reports and outcomes to leadership tracking to closure and creating buy-in to risk management.
  • Experience and skill in conducting audits or reviews of technical systems.
  • Experience assessing vendor risk.
  • Skill in identifying measures or indicators of system performance and the actions needed to improve or correct performance relative to the goals of the system.
  • Ability to skillfully communicate through various methods. This includes written documentation. The audience will be leaders and executives. Finalists may be asked to complete a brief job-relevant writing exercise.
  • Ability to work autonomously as a contributing member of a small technical team
  • Experience working in a government environment.
  • Experience working in a distributed IT environment.
  • Basic knowledge of cyber security concepts.
  • Working knowledge of networking administration.
  • Working knowledge of system administration.
  • Ability to qualify for HSPD-12 card for use in two-factor authentication.
  • Able to effectively interact with user organizations to validate controls.
  • Able to effectively disseminate knowledge to current staff.


Technical Direction of Work
Report to a senior staff Cyber Risk Analyst within Business & Information Services; including daily guidance and collaboration with others in the Cyber Security Program Office (CSPO).

REMOTE:
Typically the work is performed remotely. For the candidate within driving distance of the Lab there may be rare times to be onsite for in-person meetings assessments or presentations. Most of the Business Information Services (BIS) Division works remotely and are rarely onsite. If the candidate is out of state too far away from the Lab onsite meetings are not feasible to attend and not required.

The following expectations are part of working remote:

  1. Working remotely outside of scheduled times requires supervisor approval prior to performing that remote work.
  2. While working remotely just like when onsite all scheduled meetings must be attended (using approved remote communication tools).
  3. The candidate must be available for consultation during all scheduled work time reachable by email phone chat or other approved means.
  4. Performance will be monitored to determine productivity for remote work at least matches that when onsite. If performance and deliverables decline remote work may be suspended.
  5. Should a situation arise that requires the candidate to be onsite while scheduled to work remotely accommodation will be made to reschedule the remote work if desired.
  6. The remote work privilege may be revoked at any time at the discretion of company.
  7. A flexible work schedule may also be possible if the schedule is agreed to by the candidate and approved by the supervisor and sponsor.
  8. Should the laboratory close operations due to weather or other circumstances remote work is preferred.
  9. The candidate must track their remote work schedule into the CSPO absence calendar and be approved by CSPO supervisor.


Expectation/Deliverables:

  • Assist in the management of Lab-Vendor risk assessments throughout the engagement.
    • Includes analysis and a cyber risk assessment of Cloud Service Providers (CSPs) (Vendors).
  • Regularly engage with vendors to review controls certifications and risks.
  • Regularly engage with ANL System Business Owners to review controls convey/educate regarding identified risks and coordinate various control implementation with BIS technicians when necessary.
  • As necessary work various Governance Risk and Compliance (GRC) projects using GRC tool Talatek TiGRIS.
    • Includes various risk-based assessments of NIST 800-53 Rev 5 control validation and gap analysis.
  • Present outcomes of risk analysis work to CSPO and other lab audiences as needed.
  • Perform assessment and assessment result maintenance in the GRC tool /Talatek TiGRIS as necessary.
  • Deliverables include assessment process documents and assessment report management updates in Talatek TiGRIS and communicating via E-Mail TEAMS etc.


Computer Protection Program
Contractors shall comply with Company Computer Protection Program and Cyber Security Program requirements by:

  • Completing required training and understanding the protection requirements for any systems applications or sensitive data they access.
  • Adhering to all applicable policies and procedures and not bypassing any controls protecting data applications hardware or communications.
  • Maintaining a work environment that meets audit privacy and security standards.
  • Immediately reporting any suspected or actual deficiencies in protection procedures to their technical contact the BIS Computer Protection Program Representative.


Government-Furnished Property
Company will supply a government-furnished laptop PIV Card and PIV Card reader.

Place of performance
Work will be performed remotely using communication through Microsoft tools such as Microsoft Teams and Microsoft Outlook

Period of Performance

Work would begin in October 2025 for 40 hours per week for 1 year.


Required Experience:

IC

Employment Type

Contract

Company Industry

Key Skills

Register to Apply
Apply Now

About Company

Delan Associates
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
Start Now

Dr.Job AutoApply

3X your job search with AutoApply's AI for faster dream job results.

Similar Jobs

Cyber Strategy & Architecture Consultant

Nviso - Brussels

Cyber Strategy & Architecture Manager

Nviso - Brussels

Senior Cyber Strategy & Architecture Consultant

Nviso - Brussels

Principal Cyber Strategy & Architecture Consultant

Nviso - Brussels

Credit Risk Manager

Banxware Gmbh - Berlin

Senior Developer-System Architecture (Cyber Security)

Cyber Curriculum - Berlin

Risk Operations Manger

Banxware Gmbh - Berlin

Senior Full Stack Developer (Cyber Security)

Cyber Curriculum - Berlin
  1. Home
  2. Jobs In USA
  3. Jobs In Illinois
  4. Jobs In Lemont
  5. Cyber Risk Analyst
About Drjobpro.com

Dr. Job is an online platform that connects employers with skilled job seekers, facilitating the search for job opportunities and top talent. Established in 2015. Dr. Job Pro has emerged as the world premier job portal, attracting thousands of job seekers every day from all over the world.

Follow Dr.Job

LinkedIn Drjobpro Facebook Drjobpro Twitter Drjobpro Instagram Drjobpro Youtube Drjobpro Tiktok Drjobpro SnapChat Drjobpro
Payment accepted icon

Dr Job FZ LLC. 2025 © All Rights Reserved

Terms of Use Privacy Policy Cookie Policy

Company

About

How it Works

SiteMap

Contact Us

Blog

Popular Searches

Popular jobs in worldwide

Employer

Post Job Free

CV Search

ATS Partners

Job seeker

Job Seeker Login

Job Seeker Register

Search Jobs

AI Job interview

AutoApply

Companies by Location

Help

Jobs by Countries

Jobs In Saudi Arabia

Jobs In Kuwait

Jobs In Qatar

Jobs In Bahrain

Jobs In Egypt

Jobs In Jordan

Jobs in USA

Jobs in UK

Jobs in India

Change Country