Risk Management Analyst

Blue Rose Consulting is seeking a Risk Management Analyst to support our work with a federal client in Washington, DC. This is a Hybrid role and is open to U.S. Citizens ONLY. 
Successful candidates will be required to have an Active Secret Security clearance.
In this role you will:

• Provide Information Technology Governance Support to the Department of State (DOS), Bureau of Consular Affairs (CA), Office of Consular Systems and Technology (CST)
• Develop and deliver updated process, policy and procedures documents
• Support the Government in monitoring project teams for adherence to policies and procedures.
• Provide the necessary expertise to effectively support the Enterprise Risk Management GTM to ensure risks and issues are proactively identified, tracked, and mitigated
• Perform implementation of a Risk Management Framework, Risk Identification, Assessment, Monitoring and Mitigation, Risk Reporting and Dashboards, Risk adjudication, weighting, and escalation, Root Cause Analyses, and Mitigation tracking
• Develop a Risk Management Plan which shall identify, evaluate, and categorize enterprise-level as well as critical project-related risks, and recommend and support a mitigation strategy
• Monitor risks, take mitigation actions, and update the Risk Management plan as needed
• Routinely review risks and escalate as needed to GTM
• Assist in developing executive Enterprise Risk presentations as part of the escalation of risks to senior management
• Develop and execute Risk Management Training as needed
• Support for CST's Statement of Assurance submission process– coordinating with CA/C on Annual Risk Assessments, High-Risk process identification and documentation, identification and documentation of process risks and existing and new controls, and testing of the controls to determine if they operate effectively
• Use analytical software to calculate the risk of a decision
• Consult with business decision makers and understand their data needs
• Evaluate business and finance records and determine the level of risk
• Create reports and anticipate the losses of certain business decisions

REQUIREMENTS:
Candidates must have:

• 1-5 years’ of total work experience in IT governance, risk management, audit, compliance, business continuity and other related information security domains
• Previous experience obtaining and maintaining compliance certifications/attestations for at least one of the following: PCI-DSS, Sarbanes-Oxley (SOX), or SOC 2 compliance
• Strong understanding of at least one of the following: PCI-DSS, NIST CSF, or COBIT frameworks
• Strong knowledge and experience implementing security and risk best practices
• Strong analytical skills
• Ability to quickly analyze data and make a decision, then create reports and determine results
• Communicate clearly and effectively with clients and team members at all levels.

Preferred Experience:

• Knowledge and understanding of the State Department, Bureau of Consular Affairs (CA), the Office of Consular Systems and Technology (CST)

Education:

• Bachelor's degree in computer science or a related field

Salary: $70,000 – $120,000, Depending on Experience