Cybersecurity Risk Manager

Our Cybersecurity Consultants are a team of business integrators with extensive consulting and industry experience who help our clients solve their complex business issues from strategy through execution. A career in an integrated team of developers and consultants provides the opportunity to grow and contribute to our clients' business issues every day, applying a collection of security spectrum capabilities, including security strategy and governance, IT risk, security technologies, and cybercrime and breach response. Guidehouse is currently seeking technical professionals in support of our Department of Defense client. 

We are seeking a skilled Cybersecurity Risk Manager (C4 - Managing Consultant) to support enterprise-wide cyber risk management efforts across the client’s network environments. This role requires a technically proficient professional with experience supporting government and military clients, capable of conducting risk assessments, implementing mitigation strategies, and ensuring compliance with DoD cybersecurity objectives. The successful candidate will execute risk management frameworks, create detailed technical analyses, and work closely with senior leadership to deliver secure architectures and maintain a resilient operational environment. 

Responsibilities include, but are not limited to: 

• Coordinate vulnerability management activities across assigned systems, including scanning, analysis, prioritization, and remediation in compliance with DoD policy and industry standards (e.g., DISA, ACAS). 
• Support development and execution of cyber risk strategies, including tracking key performance indicators and identifying opportunities for process and technology improvements. 
• Support incident response efforts, including monitoring, triage, investigation, containment, and recovery, and escalate complex incidents to senior leadership. 
• Conduct forensic analysis and anomaly detection, prepare incident reports, and maintain evidence integrity to support investigations and compliance requirements. 
• Assist with NIST Risk Management Framework (RMF) compliance activities, including drafting security documentation, assessing security controls, and maintaining accreditation artifacts for DoD systems. 
• Execute cybersecurity directives (e.g., OPORDs, CTOs, EXORDs) by coordinating with stakeholders, tracking compliance, and reporting status to leadership. 
• Support Zero Trust Architecture initiatives, including conducting assessments and implementing technical controls aligning with NIST and DoD frameworks. 
• Administer device compliance and data protection policies, including authentication and automated remediation to safeguard sensitive information. 

What You Will Need:

• At least seven (7) years of experience in IT or cybersecurity, with three (3) years supporting US Federal government clients. 
• Hands-on experience with the NIST RMF process and Zero Trust Architecture implementation, including vulnerability management, incident response, and cybersecurity tool administration in an enterprise environment. 
• Strong technical communication skills, with the ability to explain complex issues to both technical and non-technical audiences. 
• Demonstrated ability to lead small teams and coordinate tasks across multiple stakeholders. 
• Strong analytical and problem-solving skills. 
• An ACTIVE and CURRENT Secret security clearance. 

What Would Be Nice To Have:

• Active security clearance at the Top Secret level.  
• Relevant cybersecurity certifications (e.g., CompTIA Security+, CEH, CISSP, CISM). 
• Familiarity with DoD cybersecurity directives and compliance frameworks.