CO - P4644 - Compliance and Risk Analyst

The Security Compliance and Risk Analyst plays a critical role in safeguarding the organization’s information assets by ensuring compliance with regulatory requirements, internal security policies, and industry best practices. This mid-level position serves as a key contributor to the cybersecurity program, focusing on risk assessment, vulnerability management, and compliance monitoring. The analyst is responsible for identifying and mitigating security risks, conducting vulnerability scans, analyzing results, and coordinating remediation efforts across multiple teams. Additionally, the role leads the coordination of the annual Business Impact Analysis (BIA) to support continuity planning, manages the agency’s security awareness training program, and maintains the Incident Response Playbook to ensure a structured and effective response to cybersecurity incidents. Success in this position requires a proactive approach to emerging threats, strong analytical skills, and the ability to collaborate effectively with technical and non-technical stakeholders.

Please note this position follows a hybrid work schedule to include both in-office and telework. Candidates must be able to work from the assigned work location in Virginia.