- December 3, 2025
Working professional at in Government contracting looking to leverage free time to work additional jobs.
Currently working at Booz Allen Hamilton
as cyber Risk Analyst
Experience
• Lead end-to-end cyber risk assessments for federal and commercial clients, evaluating on-prem, cloud, and hybrid environments against established frameworks (e.g., NIST 800-53, RMF, FAIR, HIPAA, Cyber Essentials) and client-specific policies. 
• Develop and refine risk-tiering methodologies for suppliers and third-party vendors, using threat models and defined risk factors to categorize vendor criticality and cyber exposure. 
• Design and manage structured third-party/supplier cyber risk programs, including due-diligence questionnaires, evidence review, and ongoing monitoring to ensure vendors meet contractual security obligations and performance standards. 
• Conduct detailed assessments of vendor cybersecurity governance, policies, incident response capabilities, and prior incident history; identify control gaps and provide prioritized remediation recommendations. 
• Maintain and update enterprise cyber risk and vendor risk registers, ensuring risks are consistently documented, quantified, tracked, and aligned with organizational risk appetite and enterprise risk standards. 
• Support risk decision processes by facilitating risk classification, validation, acceptance, and residual-risk sign-off with security, engineering, and business stakeholders. 
• Define and manage recurring review cycles, KPIs, and metrics for supplier and internal cyber risk performance; prepare dashboards and reports for senior leadership and governance bodies. 
• Collaborate with cybersecurity engineering teams to ensure that recommended security controls are implemented and validated (e.g., hardening baselines, vulnerability remediation, network and application security controls) to protect sensitive missions and operations. 
• Contribute to cyber threat modeling and scenario development to anticipate emerging risks, inform control design, and improve incident preparedness and resilience. 
• Assist in drafting, reviewing, and maintaining cybersecurity policies, standards, and procedures related to enterprise, supplier, and third-party cyber risk management. 
• Provide advisory support as a cyber risk subject-matter expert, translating technical risk findings into business-focused language for executives, program managers, procurement, and legal teams. 
• Mentor junior analysts and contribute to internal best-practice guides, templates, and playbooks to improve consistency, quality, and scalability of Booz Allen’s cyber risk services.
