NewSenior Information Systems Security Officer (ISSO)/Information Systems Security Manager (ISSM) Calibre SystemsSenior Information Systems Security Officer (ISSO)/Information Systems Security Manager (ISSM)Aberdeen, MDCALIBRE Systems, inc., an employee-owned, mission focused solutions and digital transformation company is seeking a highly experienced and professional Information Systems Security Officer (ISSO) / Information Systems Security Manager (ISSM) to support a Department of War (DoW) cybersecurity modernization initiative focused on Risk Management Framework (RMF) execution, continuous monitoring, compliance automation, and enterprise adoption of RegScale. You will work directly with government stakeholders to advance compliance automation, improve RMF execution, and drive enterprise adoption of next-generation GRC capabilities through RegScale while serving as a key cybersecurity leader within the organization.
Junior Security Control Assessor The Newberry GroupJunior Security Control AssessorMarylandThis includes medical coverage with three plan options, dental and vision coverage, personal time off, paid holidays, paid parental leave, telecommuting if available, retirement savings accounts (Pre-Tax and Roth), flexible and dependent care savings accounts, life insurance, long and short-term disability coverage, tuition and training reimbursement, employee assistance program, and more. For each RMF Review, the assessors shall perform the following: The candidate will be required to review applicable controls to determine compliance status and enter all test results into the designated repository (Enterprise Mission Assurance Support Service (eMASS).
Cybersecurity Compliance Auditor / Security Control Assessor (SCA) Johns Hopkins University Applied Physics Laboratory LLCCybersecurity Compliance Auditor / Security Control Assessor (SCA)Laurel, MDWe are seeking a Cybersecurity Compliance Auditor / Security Control Reviewer (SCR) to perform independent security control assessments across classified information systems to determine the overall effectiveness of the controls. Collaborate with Program Managers/System Owners, ISSMs, ISSOs, system engineers/administrators, and program teams to resolve findings and improve security posture.
Senior Cybersecurity Specialist (ISSO and Assessor) Edgewater Federal Solutions, Inc.Senior Cybersecurity Specialist (ISSO and Assessor)Germantown, Maryland$140,000–$170,000 / yearFull timeOverview: Edgewater Federal Solutions is hiring a Senior Cybersecurity Specialist (ISSO and assessor) to provide high level of technical advice and guidance to management and other technical specialists on critical IT security issues; Create and maintain system security documentation; Conduct technical risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs and conduct systems security evaluations, audits, and reviews; Apply FISMA, NIST, CNSS and Federal agencies guidance for security control policies and procedures. Provide Configuration Management (CM) oversight for information system security software, hardware, and firmware; Manage changes to systems and perform assessments on the security impact of the changes; Perform risk assessments and analysis in support of ongoing awareness and adherence to the organization’s risk tolerance.
Security Control Assessor, Mid AGE SolutionsSecurity Control Assessor, MidMarylandRemoteDemonstratable understanding of key technologies areas/domain such as: Network, Mobility, Windows, UNIX, Cloud Environments and Cloud Native Tools/Services, Host Based Security System (HBSS)/Endpoint Security Solutions (ESS), Databases, Applications. Strong preference will be given to candidates who currently reside in the DMV (Washington, DC, Maryland, Virginia) region or Pennsylvania, or who are willing to relocate to one of these areas to support customer requirements and team collaboration activities.
Junior Security Control Assessor August SchellJunior Security Control AssessorFt. Meade, MarylandAugust Schell is looking for a Security Control Assessor , Junior to join our team in support of a cybersecurity risk management and assessment program with our DoD customer. Must have experience in at a minimum 3 of the following technology areas: Network, Windows, Unix, End Point Security, Cloud, Application, SQL, Oracle, ACAS, Traditional, RMF.
Information Systems Security Officer (Technical ISSO / RMF Assessor) Peraton IncInformation Systems Security Officer (Technical ISSO / RMF Assessor)MD$112,000–$179,000 / yearThe ideal candidate will be confident writing Security Test Procedures (STPs), building Security Controls Traceability Matrices (SCTMs), interpreting ACAS/Nessus scan results, and using Splunk to verify control effectiveness. We are seeking a highly skilled and technically proficient Information Systems Security Officer (ISSO) with hands-on experience developing, implementing, and validating security controls within DoD RMF environments.
NewTraveling Security Control Assessor Leidos Holdings IncTraveling Security Control AssessorMD$87,100–$157,450 / yearStrong understanding of the RMF process, NIST SP 800- 37, NIST SP 800-53, CNSSI 1253, as well as key technologies areas/domain such as: Network, Mobility, Windows, UNIX, Cloud Environments and Cloud Native Tools/Services, Host Based Security System (HBSS)/Endpoint Security Solutions (ESS), Databases, Applications. Please note that the broader pay range displayed at the bottom of this page represents the total corporate salary band for similarly-leveled cyber positions across Leidos and does not account for specific contract/program funding and requirements.
NewProject Assessor - Energy Bureau Veritas SAProject Assessor - EnergyBaltimore, MDTravel by Plane, Motor Vehicle, Train to client sites across the U.S. Work Environment: The employee is regularly exposed to outdoor weather conditions, moving mechanical components and assemblies, frequently exposed to work near energized electrical components and assemblies. Education, Certifications & Experience: Bachelor''s degree in Engineering, Architecture, Building Science, Construction Management, Energy Engineering, Mechanical Engineering, Environmental Science, or a related technical field with a minimum of three (3) years of related experience.
Cybersecurity Compliance Auditor / Security Control Assessor (SCA) Johns Hopkins Applied Physics LaboratoryCybersecurity Compliance Auditor / Security Control Assessor (SCA)Laurel, MarylandFull timeWe are seeking a Cybersecurity Compliance Auditor / Security Control Reviewer (SCR) to perform independent security control assessments across classified information systems to determine the overall effectiveness of the controls. Collaborate with Program Managers/System Owners, ISSMs, ISSOs, system engineers/administrators, and program teams to resolve findings and improve security posture.
Project Assessor Bureau Veritas SAProject AssessorBaltimore, MDTechnology Skills: To perform this job successfully, an individual must be proficient in operating a computer, having knowledge of word processing software, spreadsheet software, and project management software, to include Quire and AssetCalc, Microsoft Suite and business specific software and other project specific applications. Travel by Plane, Motor Vehicle, Train to client sites across the U.S. Work Environment: The employee is regularly exposed to outdoor weather conditions, moving mechanical components and assemblies, frequently exposed to work near energized electrical components and assemblies.
Strategic Account Manager - Cybersecurity and Risk Consulting RSM US LLPStrategic Account Manager - Cybersecurity and Risk ConsultingBaltimore, MD$102,800–$176,000 / yearDrive year-over-year organic revenue growth within assigned accounts through renewals, upsells, and cross-sells of cyber and risk services, including cyber strategy and governance, technology risk, IT audit, regulatory compliance, privacy, data protection, third-party risk management, cloud security, incident readiness, and managed risk services. Collaborate with cyber strategists, risk advisors, IT audit professionals, compliance specialists, privacy practitioners, cloud security architects, incident response leaders, and managed services teams to design and scope integrated solutions addressing clients' highest-priority cyber and enterprise risk challenges.
Integrated Master Scheduler and Risk Manager Eliassen GroupIntegrated Master Scheduler and Risk ManagerAberdeen Proving Ground, Maryland$60–$70 / hourOur client seeks a mid-level Integrated Master Scheduler and Risk Manager to develop and maintain Integrated Master Schedules across multiple DoD acquisition programs. For nearly 40 years, we have combined exceptional people, deep domain expertise, and intelligent capabilities to expand our clients’ capacity and accelerate meaningful outcomes.
Risk Manager Customer Value PartnersRisk ManagerRockville, Maryland$155,000–$165,000 / yearFull timeThe Cybersecurity Risk Manager will work directly with the Cybersecurity Program Manager and the agency’s CIO and CISO in cybersecurity tasks such as information security policy development and implementation; security compliance monitoring; security audit management; risk assessment; system authorization; security reporting; and other information security-related tasks. Developing an agency Information Security Risk Management Strategy in accordance with the latest released versions of NIST Special Publications (SPs) such as SP 800-37, Risk Management Framework for Information Systems and Organizations and SP 800-39, Managing Information Security Risk (as revised).
Senior Equity Risk Manager T. Rowe PriceSenior Equity Risk ManagerBaltimore, MDFull timeThis senior manager is a high-impact role within the Equity Risk team, reporting to the Director of Equity Risk who leads a team of 6 associates, that contributes to effective risk oversight of the equity investment division, provides risk coverage for important equity strategies, and advances the evolution of risk analytics and modelling tools. T. Rowe Price is a leading global asset manager, entrusted with managing $1.79 trillion in client assets as of November 2025 and serving millions of clients globally who rely on the firm for its retirement expertise and active management across asset classes.
Risk Manager Flatiron Construction CorpRisk ManagerMDThe Risk Manager develops and maintains the project risk register, facilitates risk assessments, monitors mitigation plans, and provides reporting and analysis to support informed decision-making. The Risk Manager is responsible for leading the project''s risk management program and ensuring that risks and opportunities are identified, evaluated, documented, communicated, and managed throughout the project lifecycle.
Associate Risk Manager Kennedy Krieger InstituteAssociate Risk ManagerBaltimore, MarylandCollaborate with the Legal Risk Coordinator and Legal Counsel to assist staff with various risk matters including complex patient issues, guardianship and custody issues, legal document review and testimony for legal matters. Overview: The Associate Risk Manager is responsible for identifying, evaluating, and mitigating risks that could impact patient safety, staff well-being, regulatory compliance, and organizational operations.
Fraud Risk Manager Eagle Bancorp IncFraud Risk ManagerSilver Spring, MD$104,215–$173,692 / yearMajor Duties and Responsibilities: Provide second-line oversight of fraud-related programs including check fraud, ACH fraud, wire fraud, identity theft, account takeover (ATO), elder financial exploitation, and new account fraud. Partner with first-line fraud operations, BSA/AML, cybersecurity, legal, and technology teams to ensure an integrated approach to financial crimes and fraud risk management.
Operational Risk Manager EagleBankOperational Risk ManagerBethesda, Maryland$114,071–$192,797 / yearFull timeAs an individual contributor, this role will lead all aspects of the governance of the operational risk management program and provide senior management with data driven reporting, analytics and insights to deliver a sustainable risk remediation and management and support strategic planning and decision making. Implementation and the execution of the enterprise wide Risk And Control Self Assessments (“RCSA”) and the annual Enterprise Risk Assessment from a second line oversight perspective, and an ongoing maturation of the programs.
Risk Advisor - Employee Benefits Relation InsuranceRisk Advisor - Employee BenefitsOwings Mills, MarylandThe individual in this position conducts research in the market and develops a base of business to educate, promote and sell insurance services, keeps current on business community activities to obtain leads for business development activities, and maintains and services a profitable book of insurance business for existing clients. The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs.
Operational Risk Manager Eagle Bancorp IncOperational Risk ManagerBethesda, MD$114,071–$192,797 / yearAs an individual contributor, this role will lead all aspects of the governance of the operational risk management program and provide senior management with data driven reporting, analytics and insights to deliver a sustainable risk remediation and management and support strategic planning and decision making. Implementation and the execution of the enterprise wide Risk And Control Self Assessments ("RCSA") and the annual Enterprise Risk Assessment from a second line oversight perspective, and an ongoing maturation of the programs.
Risk Manager I University of Maryland Faculty Physicians IncRisk Manager IBaltimore, MDExact salary will ultimately depend on multiple factors, which may include the successful candidate's geographical location, skills, work experience, market conditions, internal equity, responsibility factor and span of control, education/ training and other qualifications. Performs the investigation of adverse events, near misses, and potential claims and suits and actively participates in developing and implementing loss prevention methodologies and patient safety initiatives in certain designated areas or entities.
NewSupply Chain Risk Manager (Intelligence Analyst 5) - 29280 Huntington Ingalls Industries IncSupply Chain Risk Manager (Intelligence Analyst 5) - 29280Woodlawn, MD$129,585–$175,000 / year15 years relevant experience with Bachelors in related field; 13 years relevant experience with Masters in related field; 10 years relevant experience with PhD or Juris Doctorate in related field; or High School Diploma or equivalent and 19 years relevant experience. When extending an offer, HIIs Mission Technologies division takes a variety of factors into consideration which include, but are not limited to, the roles function and a candidates education or training, work experience, and key skills.
Financial Risk Manager Deloitte Touche Tohmatsu LtdFinancial Risk ManagerMD$134,500–$265,100 / yearUnderstand the impact of key technology trends and workforce changes impacting our clients through engagement with innovative and emergent technologies, including cloud computing, big data and analytics, process automation, artificial intelligence / machine learning, and other digital strategies. Capital Management / Stress Testing: Capital planning and enterprise stress testing execution (e.g., scenario design support, model methodology governance, results aggregation, capital actions analysis, documentation and control testing, linkage to balance sheet and risk appetite, climate stress testing considerations).
Investment Risk Manager - Liquidity Franklin Resources IncInvestment Risk Manager - LiquidityBaltimore, MD$175,000–$190,000 / yearWorking closely with portfolio managers and senior stakeholders, the group combines deep technical expertise with sound judgment to identify key drivers of risk, distinguish long-term structural exposures from short-term market movements, and continuously enhance the firm's risk framework and analytical capabilities, including the implementation of advanced risk systems such as Aladdin. We also offer a comprehensive benefits package, which includes a range of competitive healthcare options, insurance, and disability benefits, employee stock investment program, learning resources, career development programs, reimbursement for certain education expenses, paid time off (vacation / holidays / sick / parental & caregiving leave / bereavement / volunteering / floating holidays) and a motivational wellbeing program.
Project Manager Munitions Response EA Engineering, Science, and Technology IncProject Manager Munitions ResponseHunt Valley, MD$80,000–$150,000 / yearAs a MR professional, depending on your experience, position and grade level you will have various involvement and responsibility for the planning, design, execution and management of Military Munitions Response Program (MMRP) and Sustainable Range Program related proposals and projects. We currently have opportunities available for Munitions Response (MR) professionals (Geologists/Scientists/Engineers and Project Managers) to support existing programs/projects and new business initiatives within our growing MR practice line.
NewInformation Systems Security Officer (ISSO) Macpower Digital Assets Edge Private LimitedInformation Systems Security Officer (ISSO)Annapolis, MD$120,000–$166,000 / yearThis role involves driving Authorization to Operate (ATO) efforts, implementing NIST controls, and collaborating with cross-functional teams to build security into cloud-native and data-focused environments. Role Summary: The Senior Cybersecurity Engineer serves as a subject matter expert in ensuring system security compliance and risk management throughout the program life cycle.
Delegated Authorizing Official Representative - Skill Level 2 Kaizen Approach, Inc.Delegated Authorizing Official Representative - Skill Level 2MDSkills and Certifications: • Working knowledge of system security design processes, defense-in-depth and defense-in-breadth, engineering life cycle, information domains, cross-domain solutions, controlled interfaces, identification, authentication and authorization, system integration, ICD 503, risk management, intrusion detection, contingency planning, incident handling, configuration control, change management, auditing, the security authorization process, cybersecurity principles, and security testing, and • DoD 8570 compliant with IAM II. Experience Requirements: • Four years of experience as an IT Risk Assessor, System Security Engineer, Information Systems Security Manager, Information Systems Security Officer, or DAO supporting programs and contracts of similar scope, type, and complexity, or • Eight total years of relevant experience if no bachelor's degree is held.
Delegated Authorizing Official Representative - Skill Level 3 Kaizen Approach, Inc.Delegated Authorizing Official Representative - Skill Level 3MDSkills and Certifications: • Must possess working knowledge of system security design processes, defense-in-depth and defense-in-breadth, engineering life cycle, information domains, cross-domain solutions, controlled interfaces, identification, authentication and authorization, system integration, ICD 503, risk management, intrusion detection, contingency planning, incident handling, configuration control, change management, auditing, the security authorization process, cybersecurity principles, and security testing, and must be DoD 8570 compliant with IAM III. Experience Requirements: • Must have eight years of experience as an IT Risk Assessor, System Security Engineer, Information Systems Security Manager, or DAO supporting programs and contracts of similar scope, type, and complexity, or twelve total years of relevant experience if no bachelor's degree is held.
Sr. Manager, Compliance, Governance & Assurance Blue Cross and Blue Shield AssociationSr. Manager, Compliance, Governance & AssuranceBaltimore, MDIn this role you will be responsible for maintaining and expanding the company''s certification portfolio, ensuring compliance with regulatory, contractual, and customer requirements, establishing a mature policy governance framework, and building an internal assurance function that provides proactive oversight of control design, effectiveness and compliance obligations. Exceptional communication and stakeholder management skills, including experience influencing senior leadership and partnering effectively across Security, Privacy, Legal, Risk Management, Internal Audit, and business functions.
Information Systems Security Officer Open Systems Technologies CorporationInformation Systems Security OfficerAnnapolis Junction, MDThe ideal candidate will possess strong RMF expertise, experience working with cybersecurity compliance and assessment tools, and the ability to collaborate effectively with System Administrators, System Owners, Information System Security Managers (ISSMs), and Government stakeholders. The ISSO will be responsible for ensuring systems maintain compliance with security requirements throughout the Risk Management Framework (RMF) lifecycle while supporting accreditation, continuous monitoring, and cybersecurity operations activities.
Senior Information Systems Security Officer (ISSO)/Information Systems Security Manager (ISSM) CALIBRESenior Information Systems Security Officer (ISSO)/Information Systems Security Manager (ISSM)Aberdeen, MD$150,000–$160,000Full timeCALIBRE Systems, inc., an employee-owned, mission focused solutions and digital transformation company is seeking a highly experienced and professional Information Systems Security Officer (ISSO) / Information Systems Security Manager (ISSM) to support a Department of War (DoW) cybersecurity modernization initiative focused on Risk Management Framework (RMF) execution, continuous monitoring, compliance automation, and enterprise adoption of RegScale. You will work directly with government stakeholders to advance compliance automation, improve RMF execution, and drive enterprise adoption of next-generation GRC capabilities through RegScale while serving as a key cybersecurity leader within the organization.
Manager, Management Consultancy WSP Global IncManager, Management ConsultancyBaltimore, MD$119,400–$179,000 / yearOur work further enables clients to be Digital Ready by identifying the data needs for management action and decision-making, designing appropriate technology solutions and importantly, delivering the organization change management associated with digitalization by supporting all transition phases from design to operations and maintenance. Our vision is to be the leading provider of advisory services in the social infrastructure sectors - supporting public and private clients to develop the capabilities to manage risk, to be more resilient, to support efficiency, and to enable the delivery of utility, transportation and government services.
NewEnvironmental Sanitarian II - Baltimore City Health Department City of BaltimoreEnvironmental Sanitarian II - Baltimore City Health DepartmentBaltimore, MD$56,322–$91,795 / yearPositions assigned to the Lead Paint Program must obtain and maintain a Maryland Lead Paint Technician accreditation issued by the Maryland Department of Environment within 6 months of hire; they must also obtain and maintain a Maryland Lead Paint Risk Assessor accreditation issued by the Maryland Department of Environment within 18 months of hire. Licenses, Registrations, and Certificates: Candidates for positions in this classification must possess a current license as a Registered Environmental Sanitarian from the Maryland State Board of Environmental Sanitarians.
Senior Manager, Insider Threat Incident Response Marriott International IncSenior Manager, Insider Threat Incident ResponseBethesda, MDOperate and improve an existing process to respond and mitigate insider threats (identified and referred by the analysts and threat hunting team) by referring incidents for action to the correct stakeholders, ensuring appropriate and consistent responses, tracking results and preparing metrics and KPIs. Duties will include overseeing incident response to insider incidents and collaborating with multiple areas of the business, including managers, human resources, franchise services, legal, investigations, physical security, SOC/CIRT, and information technology groups.
Tax System Program Manager (NCS) - BCIT City of BaltimoreTax System Program Manager (NCS) - BCITBaltimore, MD$107,187–$176,715 / yearExperience: Program Management - 5 years Progressive experience in managing large scale, complex technical transformations - 10 year's Experience in financial systems is preferred Application Development or Data Analysis backgrounds preferred along with experience managing SaaS vendors. This role requires a leader who can navigate the complexities of a large public sector environment, manage diverse stakeholder interests, and ensure the program delivers on its objectives of improved efficiency, enhanced constituent services, increased revenue capture, and robust compliance.
Cloud Security Architect / FedRAMP Advisor Apogee Global RMSCloud Security Architect / FedRAMP AdvisorNorth Bethesda, MDThis role is built for architects who understand the intersection of cloud engineering, compliance frameworks, and real‑world security design — and who can guide federal programs through secure cloud adoption with precision and authority. You will serve as a trusted advisor across AWS, Azure, and hybrid environments, shaping security architectures, guiding FedRAMP readiness, and ensuring cloud platforms meet stringent federal requirements.
SCA-R Validator Leidos Holdings IncSCA-R ValidatorOdenton, MD$87,100–$157,450 / yearAdvanced understanding of key technologies areas/domain such as: Network, Mobility, Windows, UNIX, Cloud Environments and Cloud Native Tools/Services, Host Based Security System (HBSS)/Endpoint Security Solutions (ESS), Databases, Applications. For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
SCA-R Validator LeidosSCA-R ValidatorOdenton, VirginiaAdvanced understanding of key technologies areas/domain such as: Network, Mobility, Windows, UNIX, Cloud Environments and Cloud Native Tools/Services, Host Based Security System (HBSS)/Endpoint Security Solutions (ESS), Databases, Applications. July 7, 2026 For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.