7,019 Cyber Risk Management jobs in the United States

Total Number of Openings
1
Chevron is accepting online applications for the position **OT Risk Analyst, Cyber Risk Management** through **September 3, 2025** at **11:59 p.m.** (Central Time).
Chevron is a leading organization in the field of cybersecurity, dedicated to protecting our internal data and systems from cyber threats. We are looking for a motivated and skilled Cybersecurity Risk Analyst to join our dynamic team.
Deliver the cybersecurity strategy, partner with business and platform stakeholders to identify and manage technical and business risks and ensure IT operations alignment to a risk-based compliance program.
**Responsibilities for this position may include but are not limited to:**
+ Conduct risk assessments and vulnerability analyses on IT systems.
+ Monitor and analyze security alerts and incidents.
+ Develop and implement risk mitigation strategies.
+ Collaborate with IT and cybersecurity teams to enhance security measures.
+ Stay updated on the latest cybersecurity trends and threats.
+ Assist in the development and maintenance of cybersecurity policies and procedures.
**Required Qualifications:**
+ Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field or a Bachelor's in an unrelated field with relevant work experience.
+ Minimum of 2 years related work experience in cybersecurity risk management
+ Strong knowledge of NIST (800-53 and CSF 2.0) standards and the key elements of the risk management framework
+ Solid understanding of IT systems and networking.
+ Knowledge of entry-level cybersecurity concepts and practices.
+ Experience with risk assessment tools and methodologies.
+ Strong analytical and problem-solving skills.
+ Excellent communication and teamwork abilities.
+ Relevant certifications (e.g., CompTIA Security+, CISSP) are a plus.
**Preferred Qualifications:**
+ Knowledge about Industrial Control Systems along with Oil and Gas operations is a plus.
+ Experience with Agile
**Relocation Options:**
Relocation **will not be** considered.
**International Considerations:**
Expatriate assignments **will not be** considered.
Chevron regrets that it is unable to sponsor employment Visas or consider individuals on time-limited Visa status for this position.
U.S. Regulatory notice:
Chevron is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, sex (including pregnancy), sexual orientation, gender identity, gender expression, national origin or ancestry, age, mental or physical disability, medical condition, reproductive health decision-making, military or veteran status, political preference, marital status, citizenship, genetic information or other characteristics protected by applicable law.
We are committed to providing reasonable accommodations for qualified individuals with disabilities. If you need assistance or an accommodation, please email us at .
Chevron participates in E-Verify in certain locations as required by law.
Chevron Corporation is one of the world's leading integrated energy companies. Through its subsidiaries that conduct business worldwide, the company is involved in virtually every facet of the energy industry. Chevron explores for, produces and transports crude oil and natural gas; refines, markets and distributes transportation fuels and lubricants; manufactures and sells petrochemicals and additives; generates power; and develops and deploys technologies that enhance business value in every aspect of the company's operations. Chevron is based in Houston, Texas. More information about Chevron is available at .
Chevron is an Equal Opportunity / Affirmative Action employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status, or other status protected by law or regulation.

SMBC Group is a top-tier global financial group. Headquartered in Tokyo and with a 400-year history, SMBC Group offers a diverse range of financial services, including banking, leasing, securities, credit cards, and consumer finance. The Group has more than 130 offices and 80,000 employees worldwide in nearly 40 countries. Sumitomo Mitsui Financial Group, Inc. (SMFG) is the holding company of SMBC Group, which is one of the three largest banking groups in Japan. SMFG's shares trade on the Tokyo, Nagoya, and New York (NYSE: SMFG) stock exchanges.
In the Americas, SMBC Group has a presence in the US, Canada, Mexico, Brazil, Chile, Colombia, and Peru. Backed by the capital strength of SMBC Group and the value of its relationships in Asia, the Group offers a range of commercial and investment banking services to its corporate, institutional, and municipal clients. It connects a diverse client base to local markets and the organization's extensive global network. The Group's operating companies in the Americas include Sumitomo Mitsui Banking Corp. (SMBC), SMBC Nikko Securities America, Inc., SMBC Capital Markets, Inc., SMBC MANUBANK, JRI America, Inc., SMBC Leasing and Finance, Inc., Banco Sumitomo Mitsui Brasileiro S.A., and Sumitomo Mitsui Finance and Leasing Co., Ltd.
The anticipated salary range for this role is between $190,000.00 and $255,000.00. The specific salary offered to an applicant will be based on their individual qualifications, experiences, and an analysis of the current compensation paid in their geography and the market for similar roles at the time of hire. The role may also be eligible for an annual discretionary incentive award. In addition to cash compensation, SMBC offers a competitive portfolio of benefits to its employees.
**Role Description**
The Risk Director role supports the development and implementation of the Information Technology (IT) and Cybersecurity risk management framework, the SMBC Group Americas Division (AD), in accordance with applicable regulations, home office policies and industry practices for risk management.
The Risk Management Department (RMDAD) is the second line of defense in its role of monitoring and assessing business practices as related to the risk appetite framework for SMBC. Within the RMDAD, the Non-Financial Risk (NFR) establishes technology & cyber risk oversight with defined roles and responsibilities across first and second lines. The Risk Director is responsible for providing second line review and challenge as part of the framework execution.
**Role Responsibilities:**
Supports the Head of Technology and Cyber Risk Management (TCRM) in ensuring IT, data management, and cybersecurity risks are adequately governed and managed
Maintain risk policies and framework to govern IT, data management and cybersecurity risk management
Review and challenge effectiveness of 1st line IT and Cyber control programs, report to risk committees, senior management and support board-level committee update
Review and challenge of the 1st LOD risk identification, assessment, mitigating activities, and overall operational risk profile as it relates to IT, data management and cybersecurity risks
Provides feedback and guidance on IT, data management and cybersecurity risk matters, standards, policies and control framework
Understands the impact of IT, data management, and cybersecurity risk across the business, group companies, and functions bank-wide
Understands changes related to regulatory, new product/initiative, processes, controls, events, issues, etc., in the IT, data management, cybersecurity, and operational resiliency risk domains that may impact the operational risk profile of the bank
**Role Expertise and Qualifications:**
Well-versed in technology & cyber risk management practices with the ability to connect and align with the firm's operational risk management processes
Ability and working experience in committee and board-level reporting
10+ years of direct work experience within the financial services or technology industries, focused on risk management, regulatory & audit, information technology, data management, cybersecurity
Subject matter expertise in IT and Cyber programs including Vulnerability Management, IT Asset Management, Identity & Access Management, Application Security, SDLC, IT Service Management, Change Management, Incident & Problem Management, Resilience & Continuity
Foundational knowledge of enterprise risk management industry practices including project management, and risk control self-assessments
Working knowledge of technology and cyber risk management process and controls, industry practices and framework (e.g., NIST, ISO, ITIL, COBIT).
Detail oriented, with proven ability to question the status quo and apply effective challenge, as appropriate
Strong organizational skills, with proven ability to successfully manage multiple, concurrent priorities
Demonstrated ability to influence a group of diverse stakeholders
Ability to work effectively in a matrixed environment and across various organizational levels, where flexibility, collaboration, and adaptability are important
Ability to work independently
Strong analytical skills and attention to detail
Foundational knowledge of banking laws and regulations
Maintain an operational risk management and regulatory compliance mindset to understand underlying risks and weaknesses to properly assist in mitigating such risks
Strong interpersonal and communications skills to successfully interface across various levels and maintain solid working relationships
Strong desire to continually deliver a quality and meaningful work product in a timely and efficient manner
Bachelor's/University degree, Master's degree preferred
CISA, CISM, CISSP, CRISC or other IT & Cybersecurity certifications preferred
SMBC's employees participate in a Hybrid workforce model that provides employees with an opportunity to work from home, as well as, from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location. Prospective candidates will learn more about their specific hybrid work schedule during their interview process. Hybrid work may not be permitted for certain roles, including, for example, certain FINRA-registered roles for which in-office attendance for the entire workweek is required.
SMBC provides reasonable accommodations during candidacy for applicants with disabilities consistent with applicable federal, state, and local law. If you need a reasonable accommodation during the application process, please let us know at

Job Family :

Cyber Consulting

Travel Required :

Up to 25%

Clearance Required :

Active Secret

What You Will Do :

Guidehouse is seeking a Cyber Security subject matter expert and advisor for a major DoD service Business Applications. This person will update and enhance IT risk assessment strategy. Work with Government Cyber Security SME to enhance security measures to protect sensitive data and stay on top of the Risk Management Framework (RMF) and Authority to Operate (ATO) for DAF.

What You Will Need :

• Bachelor's Degree AND additional FOUR (4) years' experience related to Cyber Security, Risk Management or IT Technology Consulting may be used in lieu of a Bachelor's degree

• Minimum of SIX (6) years of Experience

• Security Clearance: Secret

• Active CompTIA Security+ Certification

• Ability to travel to DoD Base(s) in MD - Required (at least 2-3 days a week)

• Walk, support and track Business Systems through RMF, ATO and POA&M processes

• Support transition planning to NIST 800-53 Rev 5 by directly working with Government Cyber POC.

• Manage and support The Chief Financial Officer (CFO) Act Compliance for financial and financial feeder systems

• Develop tools and insights to enhance the CFO Compliance

• Review compliance issues, consolidate documentation and reconcile issues with system PMs

• Conduct thorough testing of systems in accordance with NIST 800-53 Rev 5.

• Experience/exposure in Analytics tools like PowerBI, Tableau, and Qlik

• Develop and implement POA&Ms to address issues.

• Developing end to end estimates and support estimates for various CS audit and governance

• Solid Office 365 platform experience and presentation skills

What Would Be Nice To Have :

• Master's Degree Preferred

• Cyber Certifications Desired: CISA or CISSP

What We Offer :

Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.

Benefits include:

• Medical, Rx, Dental & Vision Insurance

• Personal and Family Sick Time & Company Paid Holidays

• Position may be eligible for a discretionary variable incentive bonus

• Parental Leave and Adoption Assistance

• 401(k) Retirement Plan

• Basic Life & Supplemental Life

• Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts

• Short-Term & Long-Term Disability

• Student Loan PayDown

• Tuition Reimbursement, Personal Development & Learning Opportunities

• Skills Development & Certifications

• Employee Referral Program

• Corporate Sponsored Events & Community Outreach

• Emergency Back-Up Childcare Program

• Mobility Stipend

About Guidehouse

Guidehouse is an Equal Opportunity Employer-Protected Veterans, Individuals with Disabilities or any other basis protected by law, ordinance, or regulation.

Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.

If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1- or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.

All communication regarding recruitment for a Guidehouse position will be sent from Guidehouse email domains including @guidehouse.com or . Correspondence received by an applicant from any other domain should be considered unauthorized and will not be honored by Guidehouse. Note that Guidehouse will never charge a fee or require a money transfer at any stage of the recruitment process and does not collect fees from educational institutions for participation in a recruitment event. Never provide your banking information to a third party purporting to need that information to proceed in the hiring process.

If any person or organization demands money related to a job opportunity with Guidehouse, please report the matter to Guidehouse's Ethics Hotline. If you want to check the validity of correspondence you have received, please contact . Guidehouse is not responsible for losses incurred (monetary or otherwise) from an applicant's dealings with unauthorized third parties.

Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.

**Job Family** **:**
Cyber Consulting
**Travel Required** **:**
Up to 25%
**Clearance Required** **:**
Active Secret
**What You Will Do** **:**
Guidehouse is seeking a Cyber Security subject matter expert and advisor for a major DoD service Business Applications. This person will update and enhance IT risk assessment strategy. Work with Government Cyber Security SME to enhance security measures to protect sensitive data and stay on top of the Risk Management Framework (RMF) and Authority to Operate (ATO) for DAF.
**What You Will Need** **:**
+ Bachelor's Degree AND additional FOUR (4) years' experience related to Cyber Security, Risk Management or IT Technology Consulting may be used in lieu of a Bachelor's degree
+ Minimum of SIX (6) years of Experience
+ Security Clearance: Secret
+ Active CompTIA Security+ Certification
+ Ability to travel to DoD Base(s) in MD - Required (at least 2-3 days a week)
+ Walk, support and track Business Systems through RMF, ATO and POA&M processes
+ Support transition planning to NIST 800-53 Rev 5 by directly working with Government Cyber POC.
+ Manage and support The Chief Financial Officer (CFO) Act Compliance for financial and financial feeder systems
+ Develop tools and insights to enhance the CFO Compliance
+ Review compliance issues, consolidate documentation and reconcile issues with system PMs
+ Conduct thorough testing of systems in accordance with NIST 800-53 Rev 5.
+ Experience/exposure in Analytics tools like PowerBI, Tableau, and Qlik
+ Develop and implement POA&Ms to address issues.
+ Developing end to end estimates and support estimates for various CS audit and governance
+ Solid Office 365 platform experience and presentation skills
**What Would Be Nice To Have** **:**
+ Master's Degree Preferred
+ Cyber Certifications Desired: CISA or CISSP
**What We Offer** **:**
Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.
Benefits include:
+ Medical, Rx, Dental & Vision Insurance
+ Personal and Family Sick Time & Company Paid Holidays
+ Position may be eligible for a discretionary variable incentive bonus
+ Parental Leave and Adoption Assistance
+ 401(k) Retirement Plan
+ Basic Life & Supplemental Life
+ Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
+ Short-Term & Long-Term Disability
+ Student Loan PayDown
+ Tuition Reimbursement, Personal Development & Learning Opportunities
+ Skills Development & Certifications
+ Employee Referral Program
+ Corporate Sponsored Events & Community Outreach
+ Emergency Back-Up Childcare Program
+ Mobility Stipend
**About Guidehouse**
Guidehouse is an Equal Opportunity Employer-Protected Veterans, Individuals with Disabilities or any other basis protected by law, ordinance, or regulation.
Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.
If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1- or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.
All communication regarding recruitment for a Guidehouse position will be sent from Guidehouse email domains including @guidehouse.com or . Correspondence received by an applicant from any other domain should be considered unauthorized and will not be honored by Guidehouse. Note that Guidehouse will never charge a fee or require a money transfer at any stage of the recruitment process and does not collect fees from educational institutions for participation in a recruitment event. Never provide your banking information to a third party purporting to need that information to proceed in the hiring process.
If any person or organization demands money related to a job opportunity with Guidehouse, please report the matter to Guidehouse's Ethics Hotline. If you want to check the validity of correspondence you have received, please contact . Guidehouse is not responsible for losses incurred (monetary or otherwise) from an applicant's dealings with unauthorized third parties.
_Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee._

SMBC Group is a top-tier global financial group. Headquartered in Tokyo and with a 400-year history, SMBC Group offers a diverse range of financial services, including banking, leasing, securities, credit cards, and consumer finance. The Group has more than 130 offices and 80,000 employees worldwide in nearly 40 countries. Sumitomo Mitsui Financial Group, Inc. (SMFG) is the holding company of SMBC Group, which is one of the three largest banking groups in Japan. SMFG's shares trade on the Tokyo, Nagoya, and New York (NYSE: SMFG) stock exchanges.
In the Americas, SMBC Group has a presence in the US, Canada, Mexico, Brazil, Chile, Colombia, and Peru. Backed by the capital strength of SMBC Group and the value of its relationships in Asia, the Group offers a range of commercial and investment banking services to its corporate, institutional, and municipal clients. It connects a diverse client base to local markets and the organization's extensive global network. The Group's operating companies in the Americas include Sumitomo Mitsui Banking Corp. (SMBC), SMBC Nikko Securities America, Inc., SMBC Capital Markets, Inc., SMBC MANUBANK, JRI America, Inc., SMBC Leasing and Finance, Inc., Banco Sumitomo Mitsui Brasileiro S.A., and Sumitomo Mitsui Finance and Leasing Co., Ltd.
The anticipated salary range for this role is between $163,000.00 and $250,000.00. The specific salary offered to an applicant will be based on their individual qualifications, experiences, and an analysis of the current compensation paid in their geography and the market for similar roles at the time of hire. The role may also be eligible for an annual discretionary incentive award. In addition to cash compensation, SMBC offers a competitive portfolio of benefits to its employees.
**Role Description**
The results of the CRA are utilized to drive monitoring and testing activities and to prioritize Compliance and other resources as new emergent risks are identified.
This role will include conducting compliance risk assessments of certain U.S. legal entities in the role of subject matter expert ("SME") as well as managing other SMEs outside of the CRA team in their conduct of compliance risk assessments for the legal entities they cover (primarily non-U.S. entities). The role requires leading workshops with 1st line of defense ("1LOD") and Compliance and other 2nd line of defense ("2LOD") subject matter experts to assess relevant compliance risks and controls.
The scope of this function will encompass SMBC Group's Americas Division, inclusive of U.S. broker dealer and registered swap dealer; SMBC Group's wholesale and retail banking operations; U.S. and LATAM representative offices; Grand Cayman Branch; Canada Branch; Brazilian banking and trading subsidiary; and Mexican non-bank leasing affiliate.
The candidate should have a track record of successfully managing projects as well as a strong risk management / internal control mindset to assess compliance risks and controls. Additionally, strong knowledge of either U.S. securities/commodities laws and regulations (SEC, CFTC, FINRA) or U.S. banking regulations (e.g., Federal Reserve) and relevant products and services is essential.
**Role Objectives**
+ Manage comprehensive range of program management matters and supports prioritization, scope of work and deliverables related to the CRA program.
+ Assist Head of Risk and Control Assessment and CRA Program Lead in managing the CRA process, including ensuring required tasks are completed in a timely manner and that CRA team retains all required documentation.
+ Assist with the continuous enhancements to the design and methodology of the CRA framework for SMBC Americas Division.
+ Track status of initiative, projects, and milestones and circulate information in weekly and monthly status reports, as needed, including escalating to management and relevant stakeholders on potential issues.
+ Oversee execution of the book of work, budgets and change program with accountable stakeholders and technology partners, including handling day-to-day matters to ensure responsibilities are clear and milestones are being met according to plans.
+ Develop, document, and maintain tracking and reporting tools (through SharePoint, Excel, etc.) to facilitate effective and efficient management status reporting for development and maintenance of GRC and CRA related programs.
+ Work with CRA team to execute compliance risk assessments of various U.S. entities according to candidate's skills set (e.g., broker dealer or lending).
+ Learn how to utilize newly implemented CRA technology solution and provide training to subject matter experts outside the CRA team who are required to use the tool.
+ Assist in the presentation of CRA results to senior 1LOD and 2LOD management, including an overview of the level of compliance risk and the strength of relevant controls.
+ Help develop risk dashboards designed to identify the regulatory compliance risk profile on an ongoing basis.
+ Support the integration of the CRA results with the activities of the Compliance Department, including with respect to documenting key controls as well as driving monitoring and testing plans.
**Qualifications and Skills**
+ Bachelor's Degree required; JD or MBA is a strong plus (but not required).
+ Minimum of 15 years of prior regulatory, compliance, project management and/or risk management experience.
+ Experience managing projects, creating project plans, tracking statuses, and reporting issues to management.
+ Functional knowledge of either U.S. banking regulations (FRB, FDIC, CFPB) or securities/swap dealer regulations (SEC, CFTC, FINRA, NFA) and related products and services.
+ Experience working in a Compliance Advisory role covering either banking products/services or trading/capital markets businesses or conducting Compliance Risk Assessments is a strong plus.
+ Strong interpersonal and communications skills (written and verbal) to successfully interface with all levels of management and maintain solid working relationships in a collaborative group environment.
+ Demonstrated track record of successfully managing projects and utilizing project management documentation and reporting tools (SharePoint, PowerPoint, Excel, etc.)
+ Ability to manage multiple projects simultaneously and re-prioritize workloads as necessary.
+ Strong analytical skills to understand project goals and interpret them into meaningful action.
+ Ability to analyze results and identify trends / forecasting using resultant data and other available metrics (e.g., KPI, KRIs, etc.) while promoting measures to mitigate regulatory compliance risk.
SMBC's employees participate in a Hybrid workforce model that provides employees with an opportunity to work from home, as well as, from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location. Prospective candidates will learn more about their specific hybrid work schedule during their interview process. Hybrid work may not be permitted for certain roles, including, for example, certain FINRA-registered roles for which in-office attendance for the entire workweek is required.
SMBC provides reasonable accommodations during candidacy for applicants with disabilities consistent with applicable federal, state, and local law. If you need a reasonable accommodation during the application process, please let us know at

Job Description

Job Description

Provide Advisory and Assistance Support (A&AS) to support the NC3 Enterprise Center with the day-to-day responsibility for overseeing and managing NC3 operations, maintaining enterprise-wide visibility, assessing comprehensive operational and technical risk, and, with the active NC3 Enterprise Stakeholder participation, developing, presenting, and advocating future capabilities, risk management options, and prioritization recommendations to the Chairman Joint Chief of Staff (CJCS) and Deputy Secretary of Defense (DepSecDef) on behalf of all NC3 Stakeholders. The focus of this task order is for the contractor to provide subject matter expertise in conducting systems analysis, systems engineering, technical analysis, solution integration, operations assessment, operations analysis, risk management, requirements identification, requirements advocacy, intelligence assessments, technology identification, identifying future concepts and architectures, and other assigned tasks supporting CDRUSSTRATCOM's ability to plan and execute Strategic Deterrence and NC3 operations to accomplish the mission as outlined in the National Defense Strategy

POSITION REQUIREMENTS

At least 5 years of experience in the following:

Operation capabilities and procedures, and experience in the operations platforms, communications, and modes of operations. Desire: NC2/NC3 background to include an understanding of Chairman, Joint Chiefs of Staff Instructions, Manuals, and nuclear Emergency Action Procedures.

At least 3 years of experience in the following:

Familiarity with the Joint Risk Analysis process and how it applies to NC3enterprise; applying NC3 expertise, providing support for timely NC3 risk capability assessments and advice on mitigation options; experience employing cross-cutting methodology to measure risk for integrated systems; proficiency in building risk metrics and maintaining a framework for assessments.

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender, gender identity, national origin, disability status, protected veteran status or any other characteristic protected by law. Constellation West will not discharge or, in any other manner, discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)

ABOUT THE ORGANIZATION

Constellation West is an award-winning company that delivers Information Technology (IT) engineering services and solutions along with non-IT subject matter expertise worldwide. Established in 1997, Constellation West is an industry leader, partnering with key organizations. As a prime contractor or preferred subcontractor, we have a continual list of opportunities to fill across the nation with multiple agencies such as the Department of Veteran Affairs, the Department of Defense, civilian agencies, and the national intelligence community. Many of the positions supporting U.S. federal government require our employees be granted security clearances.

Constellation West provides fully integrated solutions spanning all aspects of system/network engineering, system/network administration, data management, information assurance, quality assurance, full lifecycle support, software development, and geospatial information services. Constellation West looks for the right people ready to step up and be part of a dynamic team.

If you are looking for a new challenge and a rewarding opportunity to apply your expertise, knowledge, and problem solving skills, come join our team! Constellation West offers competitive salary and benefits including:

• Tuition reimbursement

• Competitive 401(k) plan

• Competitive Health Benefits

• 10 Paid Holidays!

• 15 PTO Days!

• Veteran Hiring Preference

Constellation West is proud to be an EEO/AA employer M/F/D/V

**Job Family** **:**
Cyber Consulting
**Travel Required** **:**
None
**Clearance Required** **:**
Active Secret
**What You Will Do** **:**
+ Provide cybersecurity analysis support in the delivery of detailed enterprise cybersecurity risk analysis and reporting project with a large federal agency; leverage advanced critical thinking capabilities to identify organizational cybersecurity risks and impacts. _Note:_ _This work is not related to the Assessment and Authorization (A&A) process._
+ Prepare for enterprise cybersecurity risk assessments by performing detailed organizational research and analysis to determine potential business impacts to mission objectives.
+ Conduct Tier 1 (organization) and Tier 2 (business/mission) level cybersecurity risk assessments in accordance with NIST Federal Information Processing Standards and Special Publications, OMB guidance, DHS Binding Operational Directives, and other regulatory authorities.
+ Perform detailed quantitative and qualitative organizational research and analysis regarding cybersecurity risks (threats, vulnerabilities, likelihood, and impact).
+ Identify and develop detailed actionable recommendations for remediating cybersecurity risks in alignment with the organization's defined risk tolerances and risk threshold.
+ Gather threat and vulnerability information from internal and external information sharing forums and sources.
+ Communicate cybersecurity risk assessment results through written narrative reports and executive-level presentations
+ Identify, coordinate, track remediation, and monitor risk exposures; identify and communicate trends in data
+ Evaluate cybersecurity program effectiveness in identifying, managing, and reducing risk.
+ Collaborate cross-functionally with internal analysts and engage external stakeholders to build awareness of cybersecurity risk assessment initiatives.
**What You Will Need** **:**
+ An ACTIVE and CURRENT SECRET federal security clearance.
+ Bachelor's Degree AND FOUR (4) years of relevant experience OR Master's Degree AND TWO (2) years of relevant experience.
+ Excellent verbal and written communication skills, specifically in report writing.
**What Would Be Nice To Have** **:**
+ CRISC, CISSP or a Cyber Security AI certification
+ Experience with NIST Federal Information Processing Standards and Special Publications, OMB guidance, and other regulatory authorities.
+ Experience working for or with the Department of State.
+ Demonstrated experience in the areas of external client-facing management and/or consulting for large firms.
+ Demonstrated experience communicating highly technical subject matter to a non-technical audience.
+ Ability to thrive in complex, challenging, and deadline-driven environments.
+ Willingness to participate in proposal development and other business development activities.
The annual salary range for this position is $113,000.00-$188,000.00. Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.
**What We Offer** **:**
Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.
Benefits include:
+ Medical, Rx, Dental & Vision Insurance
+ Personal and Family Sick Time & Company Paid Holidays
+ Position may be eligible for a discretionary variable incentive bonus
+ Parental Leave and Adoption Assistance
+ 401(k) Retirement Plan
+ Basic Life & Supplemental Life
+ Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
+ Short-Term & Long-Term Disability
+ Student Loan PayDown
+ Tuition Reimbursement, Personal Development & Learning Opportunities
+ Skills Development & Certifications
+ Employee Referral Program
+ Corporate Sponsored Events & Community Outreach
+ Emergency Back-Up Childcare Program
+ Mobility Stipend
**About Guidehouse**
Guidehouse is an Equal Opportunity Employer-Protected Veterans, Individuals with Disabilities or any other basis protected by law, ordinance, or regulation.
Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.
If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1- or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.
All communication regarding recruitment for a Guidehouse position will be sent from Guidehouse email domains including @guidehouse.com or . Correspondence received by an applicant from any other domain should be considered unauthorized and will not be honored by Guidehouse. Note that Guidehouse will never charge a fee or require a money transfer at any stage of the recruitment process and does not collect fees from educational institutions for participation in a recruitment event. Never provide your banking information to a third party purporting to need that information to proceed in the hiring process.
If any person or organization demands money related to a job opportunity with Guidehouse, please report the matter to Guidehouse's Ethics Hotline. If you want to check the validity of correspondence you have received, please contact . Guidehouse is not responsible for losses incurred (monetary or otherwise) from an applicant's dealings with unauthorized third parties.
_Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee._

**Who Are We?**
Taking care of our customers, our communities and each other. That's the Travelers Promise. By honoring this commitment, we have maintained our reputation as one of the best property casualty insurers in the industry for over 160 years. Join us to discover a culture that is rooted in innovation and thrives on collaboration. Imagine loving what you do and where you do it.
**Job Category**
Data Analytics, Data Science
**Compensation Overview**
The annual base salary range provided for this position is a nationwide market range and represents a broad range of salaries for this role across the country. The actual salary for this position will be determined by a number of factors, including the scope, complexity and location of the role; the skills, education, training, credentials and experience of the candidate; and other conditions of employment. As part of our comprehensive compensation and benefits program, employees are also eligible for performance-based cash incentive awards.
**Salary Range**
$165,000.00 - $272,200.00
**Target Openings**
1
**What Is the Opportunity?**
The Travelers Catastrophe Risk Management Group is seeking a Cyber Peril Lead to join our PERILS team leading our research related to man-made perils with a focus on Cyber risk. You will be joining a group of dedicated professionals charged with leading Travelers to be in position to successfully endure catastrophic loss from natural and man-made perils.
The PERILS team is a multi-discipline group focusing on peril research, the development of next generation analytics, and event response activities. As a member of this Team, you will be an active participant in the development and implementation of peril research and strategies. The team engages in enterprise-wide complex multi-disciplinary CAT research projects with various depths of focus. The position requires an individual who can strive in an analytical, innovation-driven environment, in tune with business needs.
**What Will You Do?**
We are seeking a candidate with a solid analytical base in cyber risk management or a scientific, engineering, or related quantitative discipline. The person will have effective self-organizational and time-management skills with the ability to work independently and formulate and execute project objectives. We seek problem solving and critical thinking skills in support of the team's efforts to provide best-in-class analyses to our business partners. Some of the specific duties include:
+ Provide thought leadership and strategy support related to portfolio cyber risk
+ Validate cyber aggregation risk models and technographic scores
+ Assist the Cyber Underwriting team with subject matter technical expertise and guidance
+ Identify, select, and extract relevant data from various internal and external sources. Complete analyses and present recommendations to team members, stakeholders, and Leadership
+ Stay abreast of the latest scientific research and summarize findings for the peril, including recent trends in threat actors, techniques and vectors of attack
+ Drive innovation through new tools/technologies and capabilities (e.g., develop custom tail scenarios)
+ Monitor the Company's exposures, aggregations, and peril-specific book mix changes
+ Support our Business Units Consulting and Actuarial functions with ad-hoc research and peril strategy development
+ Create and maintain collaborative relationships with business partners
**What Will Our Ideal Candidate Have?**
+ Exposure to cyber catastrophe modeling and/or cyber hygiene technographic scanning tools is a plus
+ Proficiency with Microsoft Suite, SQL, statistical packages, or other programs used to retrieve and analyze data
+ Knowledge of insurance concepts, coverage, products, and operations preferred
+ Ability to apply emerging statistical procedures to large highly complex work
+ Working knowledge of a programming language such as Python/R/Matlab preferred
+ Works well both independently & within a team, strong organization, and time management
+ Demonstrated ability to convey technical concepts across professional fields of discipline
**What is a Must Have?**
+ Master's degree in Statistics, Mathematics, Decision Sciences, Actuarial Science or related analytical STEM field plus six years of experience or any suitable and equivalent combination of education and work experience.
+ Heavy concentration in mathematics, including statistics and programming, business intelligence/analytics, as well as data science tools and research using large data sets. Additional verification of specific coursework will be required.
**What Is in It for You?**
+ **Health Insurance** : Employees and their eligible family members - including spouses, domestic partners, and children - are eligible for coverage from the first day of employment.
+ **Retirement:** Travelers matches your 401(k) contributions dollar-for-dollar up to your first 5% of eligible pay, subject to an annual maximum. If you have student loan debt, you can enroll in the Paying it Forward Savings Program. When you make a payment toward your student loan, Travelers will make an annual contribution into your 401(k) account. You are also eligible for a Pension Plan that is 100% funded by Travelers.
+ **Paid Time Off:** Start your career at Travelers with a minimum of 20 days Paid Time Off annually, plus nine paid company Holidays.
+ **Wellness Program:** The Travelers wellness program is comprised of tools, discounts and resources that empower you to achieve your wellness goals and caregiving needs. In addition, our mental health program provides access to free professional counseling services, health coaching and other resources to support your daily life needs.
+ **Volunteer Encouragement:** We have a deep commitment to the communities we serve and encourage our employees to get involved. Travelers has a Matching Gift and Volunteer Rewards program that enables you to give back to the charity of your choice.
**Employment Practices**
Travelers is an equal opportunity employer. We value the unique abilities and talents each individual brings to our organization and recognize that we benefit in numerous ways from our differences.
In accordance with local law, candidates seeking employment in Colorado are not required to disclose dates of attendance at or graduation from educational institutions.
If you are a candidate and have specific questions regarding the physical requirements of this role, please send us an email ( ) so we may assist you.
Travelers reserves the right to fill this position at a level above or below the level included in this posting.
To learn more about our comprehensive benefit programs please visit .

Common Sense Media is dedicated to improving the lives of kids and families by providing the trustworthy information, education, and independent voice they need to thrive. Our ratings, research, and resources reach more than 150 million users worldwide and 1.4 million educators every year. Learn more at commonsense.org.

About the Harvey Anderson Memorial Fellowship

The Harvey Anderson Fellowship honors the legacy of Harvey Anderson, a valued Common Sense Media board member and technology leader who embodied principles of innovation and impact. This fellowship creates transformative professional opportunities for first-generation college graduates passionate about the intersection of technology, education, and social impact.

About This Role

Our AI Programs team works at the forefront of AI's impact on kids, families, and schools and is focused on AI thought leadership, AI evaluations, AI literacy, and the creation of practical resources for families and educators.

The AI Risk Assessment Fellow will work directly with our AI Risk Assessment Analyst and the Senior Director of AI Programs, to conduct rigorous evaluations of AI tools and platforms used by children, teens, and educators. This two-year fellowship provides hands-on experience in AI safety research, content evaluation, and technology policy while building expertise at the intersection of AI and youth protection.

This fellowship is designed specifically for early-career professionals who are first-generation college graduates, and offers comprehensive mentorship, tailored professional development, and career-launching experience in AI safety and child protection.

Location: San Francisco Bay Area (Hybrid)

Reports to: AI Risk Assessment Analyst (primary), Senior Director of AI Programs (secondary)

Employment type: Full-time, non-exempt

Salary: $30.00–$38.00 per hour

Fellowship term: 2 years, with possibility of full-time role at Common Sense Media to follow

Fellowship Values

This fellowship embodies values shared by Harvey Anderson and Common Sense Media, including:

• Opportunity for All: Creating pathways for first-generation professionals.
• Supporting the Underserved: Focusing on protecting children and families.
• Transparency and Open Source: Contributing to frameworks that emphasize transparency and accessibility.
• Engaging Policymakers: Participating in work that informs policy about AI opportunities and challenges for youth.
• Adaptability: Helping design programs responsive to the rapidly evolving AI landscape.

Key Responsibilities

Research Execution & Data Analysis

• Conduct systematic prompt testing of AI tools and platforms under supervision of the AI Risk Assessment Analyst.
• Conduct literature reviews and background research on AI platforms, including analysis of technical documentation, academic papers, and industry reports.
• Compile and organize large data sets to identify patterns and analyze platform strengths and risks.
• Assist with technical testing procedures, including using Python scripts and APIs to conduct automated testing.

Content Evaluation

• In collaboration with content reviewers, evaluate AI-generated content (in categories such as age-appropriateness or safety concerns) and document findings, including for sensitive content areas with challenging material related to youth safety.
• In collaboration with the AI Risk Assessment Analyst, support the development of content evaluation frameworks and testing plans.

Assessment Support & Documentation

• Under analyst guidance, draft sections of risk assessment reports and briefs.
• Clearly document testing procedures, findings, and analysis methods.
• Prepare data summaries and preliminary analysis for inclusion in public-facing reports.
• Support quality assurance processes for assessment accuracy and reproducibility.

Research & Analysis Support

• Synthesize research findings from multiple sources to inform assessment approaches.
• Track emerging AI technologies and their potential impacts on youth safety and education.
• Contribute to research briefs summarizing key background information and known risks.
• Support competitive analysis and market research on AI tools in educational settings.

Project Coordination

• Assist with project timeline management and deliverable tracking across multiple concurrent assessments.
• Contribute to team meetings and strategic planning discussions.

Professional Development Activities

• Participate in AI safety conferences, workshops, and industry events.
• Present research findings to internal teams and external stakeholders as appropriate.
• Contribute to thought leadership content, including blog posts and policy briefs.
• Engage with broader AI safety and youth protection communities.

Required Qualifications

• Education: Bachelor's degree (must be first-generation college graduate).
• Experience: 2 years of professional experience in research, technology, or a related field, with a demonstrated interest in AI safety, child protection, and technology policy.
• Analytical Skills: Strong critical thinking and data analysis.
• Communication: Excellent written and verbal communication skills.
• Technical Aptitude: Proficiency with AI tools/platforms and willingness to learn technical testing procedures.
• Content Resilience: Ability to handle sensitive, potentially upsetting content in a professional research context.

Preferred Qualifications

• Experience with content moderation, trust and safety, or online safety research.
• Background in psychology, education, computer science, or a related field.
• Previous research experience in academic or professional settings.
• Interest in child development and youth protection issues.
• Experience working with diverse communities or underserved populations.

Professional Development Opportunities

Understanding the unique needs and opportunities for first-generation graduates, Common Sense Media will provide a range of development opportunities, including structured mentorship, leadership development, connection to professional networks, and exposure to industry.

Additional Benefits

• The chance to work with talented, passionate professionals.
• A great health and welfare benefits package, including medical, dental, vision, a matching 401(k), and other key benefits.
• An organization that offers work/life balance.
• The opportunity to really make a difference in the lives of kids and families!

Common Sense Media provides equal employment opportunities to all qualified individuals and prohibits discrimination and harassment of any type without regard to race, color, religion, sex, gender identity, sexual orientation, pregnancy, age, national origin, physical or mental disability, military or veteran status, genetic information, or any other protected classification or characteristic protected by federal, state, or local laws.

Common Sense Media will also consider for employment qualified applicants with arrest and conviction records. However, job offers are made on the condition that the applicant subsequently passes a criminal background check. If the background check indicates a prior criminal conviction, we will conduct an individualized assessment to determine whether the conviction should result in denial of employment. Pursuant to the San Francisco Fair Chance Ordinance, we will consider employment for qualified applicants with arrest and conviction records.