Responsibilities

Help protect the systems that keep U.S. airspace safe, resilient, and trusted. We are seeking a Cyber Risk Analyst to support cybersecurity risk identification, assessment, and mitigation across modernization initiatives aligned with the Federal Aviation Administration (FAA).  This is an ideal role for a cybersecurity professional who thrives at the intersection of risk analysis, compliance, and mission impact.

 

Work Location:

• This position is 100% on-site, primarily located in Chantilly, VA, with an alternate work location available in Bowie, MD. Candidates must be able to work on-site at one of these locations based on program requirements.

Your Impact:

In this role, you will be at the center of cybersecurity decision-making—analyzing risk, advising leadership, and ensuring emerging technologies are deployed securely and responsibly. You’ll work across engineering, operations, and compliance teams to translate technical vulnerabilities into clear, actionable risk insights that shape how aviation systems are protected.

• Identify, analyze, and document cybersecurity risks across FAA systems and modernization initiatives.

• Support Risk Management Framework (RMF) activities, including risk assessments, control validation, and mitigation planning.

• Evaluate system compliance with NIST standards, FISMA, FedRAMP, and FAA cybersecurity requirements.

• Conduct risk assessments, gap analyses, and threat evaluations for new and existing systems.

• Translate technical findings into clear risk statements and executive-level recommendations.

• Support system authorization (ATO), continuous monitoring, and audit readiness activities.

• Collaborate with system owners, ISSOs, architects, and engineers to track and reduce cybersecurity risk.

• Monitor remediation efforts and validate closure of cybersecurity findings.

• Support development and maintenance of risk registers, POA&Ms, and compliance artifacts.

• Prepare reports, dashboards, and briefings for FAA leadership and program stakeholders.

• Ability to clearly communicate cyber risk to both technical and non-technical audiences.

Why This Role Matters

Cyber risk management is essential to maintaining trust in the National Airspace System. As a Cyber Risk Analyst, you help ensure that new technologies are introduced responsibly, vulnerabilities are addressed proactively, and leadership has the insight needed to make informed decisions. Your work directly supports the FAA’s mission to protect national infrastructure, reduce cyber risk, and maintain the safest and most reliable aviation system in the world. This role is not just about compliance—it’s about enabling secure innovation at a national scale.

Qualifications

Basic Qualifications:

• U.S. Citizenship Required.
• Must have the ability to obtain / maintain a Public Trust clearance.
• Bachelor’s degree and 5 years experience or Masters degree and 3 years experience or Associate’s degree and 7 years experience or HS diploma/equivalent and 9 years experience. 
• Demonstrated experience supporting cyber risk management or compliance in federal or regulated environments
• Strong knowledge of NIST 800-53, NIST RMF, FISMA, and cybersecurity risk methodologies
• Experience supporting system authorization, POA&M management, and continuous monitoring
• Demonstrated experience supporting security control assessments, risk scoring, and mitigation tracking for enterprise systems.
• Familiarity with incident response coordination.

Preferred Qualifications

• Experience supporting FAA, DOT, or other federal aviation systems.

• Familiarity with aviation systems, critical infrastructure, or safety-critical environments.

• Experience with FedRAMP cloud environments and shared responsibility models.

• Knowledge of Zero Trust principles and risk-based security architectures.

• Industry certifications such as CISSP, CISM, CRISC, or Security+.

• Experience using GRC tools or risk tracking platforms.

• Familiarity with NextGen FAA modernization efforts.

#BNATC

Target Salary Range$86,000 - $138,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.