Risk Management Specialist
Information Systems
Security
$ 65 - $ 70 / Hour
Albany, New York
Contractor
Your Role
Our client is seeking an experienced Risk Management Specialist to support a long-term client in Albany, NY. The ideal candidate will have strong experience in cybersecurity risk management, especially within critical infrastructure and OT environments, and will be well versed in applying the NIST Risk Management Framework (RMF), NIST Cybersecurity Framework (CSF), NIST SP 800-53, and NIST SP 800-82. This role requires a candidate who can identify, assess, communicate, and help mitigate risk in complex, operationally sensitive environments where security must be maintained along with reliability and availability.
Pay rate: $65-70/hr, W2
The position is onsite daily in Albany, NY.
Role/Responsibilities:
Apply the NIST Risk Management Framework (RMF) to assess, manage, and monitor risks across IT, ITS and OT systems.
Establish, maintain, and update a comprehensive risk register documenting identified risks, business and operational impacts, likelihood, and mitigation strategies.
Implement risk assessment methodologies, including interpreting and participating in vulnerability scanning, penetration testing, and threat modeling.
Perform data classification, analysis, and reporting.
Review work intake requests to determine the potential risk each request introduces to the environment.
Perform assessments of AI systems for potential risks.
Security Control Implementation and Assessment
Select, implement, and assess security controls based on NIST SP 800-53, NIST SP 800-82, and technical requirements.
Tailor security controls to the specific operational, technical, and safety requirements of IT, ITS and OT environments.
Conduct recurring security control assessments to validate effectiveness, identify gaps, and support compliance requirements.
Threat and Vulnerability Management
Maintain and manage risk information to identify threats, vulnerabilities, and operational risks affecting IT, Intelligent Transportation Systems (ITS), and OT systems.
Interpret vulnerability assessments of external IP addresses and internal systems, and support prioritization of remediation based on risk and business impact.
Develop and support implementation of incident response plans for cybersecurity events, including denial-of-service (DoS), phishing, ransomware, and other business-impacting incidents.
Compliance and Reporting
Prepare and present regular risk reports for leadership, including key risks, trends, mitigation activities, and recommended actions.
Help ensure compliance with applicable federal and state cybersecurity regulations, policies, and standards.
Minimum Qualifications
Bachelor's or Master's degree in Cybersecurity, Risk Management, or a related field, or equivalent experience.
Experience in risk management, preferably in a critical infrastructure environment.
Strong understanding of relevant NIST special publications such as NIST RMF, NIST SP 800-30, NIST CSF, NIST SP 800-53, and NIST SP 800-82.
Experience with vulnerability assessment and penetration testing platforms, reports, and remediation.
Knowledge of threat intelligence sources and threat analysis techniques.
Experience with Operational Technology (OT) security is highly desirable.
Knowledge of the CIA triad and how it applies to IT, ITS, and OT environments.
Ability to interpret vulnerability and penetration testing reports.
Experience creating well-crafted information security documentation such as BIA, WISP, Risk Assessment, IRP, DRP, BCP, Policies, and Cybersecurity Awareness training.
Strong grasp of foundational cybersecurity principles such as defense in depth, least privilege, the CIA triad, and more.
In-depth understanding of data classification and protection.
Preferred Qualifications
Relevant professional-level certifications such as CISSP, CRISC, or CISM.
Experience working in transportation, public sector, industrial, or other operationally critical environments is highly desirable.
Familiarity with risk management in environments that require strong coordination among cybersecurity, engineering, and operations teams.
Experience preparing executive-level risk briefings and technical risk documentation.
Analyst-level support on EDR configuration and threat detection.
Ability to perform vulnerability scans in IT and OT environments.
Nice to have:
Networking: LANs, VLANs, trunks, spanning tree, IP subnetting, routing protocols, SDWAN, SASE, enterprise wireless, packet traces
Cloud Concepts: SaaS, IaaS, PaaS, hybrid, on premises
IT principles: High availability, clustering, failover, single point of failure, dynamic routing, classification, tagging
Server and Compute: Client Server, virtualization, clustering, failover, backups, imaging
If you are interested in this position, please click APPLY NOW. For other opportunities available at Akkodis go to www.akkodis.com.
Benefit offerings include medical, dental, vision, term life insurance, short-term disability insurance, additional voluntary benefits, commuter benefits and 401K plan. Our program provides employees the flexibility to choose the type of coverage that meets their individual needs. Available paid leave may include Paid Sick Leave, where required by law; any other paid leave required by Federal, State or local law; and Holiday pay upon meeting eligibility criteria. Disclaimer: These benefit offerings do not apply to client-recruited jobs and jobs which are direct hire to a client.
To read our Candidate Privacy Information Statement, which explains how we will use your information, please visit https://www.modis.com/en-us/candidate-privacy/
Pay Details: $65.00 to $70.00 per hour
Benefit offerings available for our associates include medical, dental, vision, life insurance, short-term disability, additional voluntary benefits, EAP program, commuter benefits and a 401K plan. Our benefit offerings provide employees the flexibility to choose the type of coverage that meets their individual needs. In addition, our associates may be eligible for paid leave including Paid Sick Leave or any other paid leave required by Federal, State, or local law, as well as Holiday pay where applicable.
Equal Opportunity Employer/Veterans/Disabled
Military connected talent encouraged to apply
To read our Candidate Privacy Information Statement, which explains how we will use your information, please navigate to https://www.akkodis.com/en/us/candidate-privacy-policy
The Company will consider qualified applicants with arrest and conviction records in accordance with federal, state, and local laws and/or security clearance requirements, including, as applicable:
Massachusetts Candidates Only: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
Ref: 1627751