Apply Now

Cybersecurity Risk Management Specialist/ IT/OT Security Risk Management Consultant

Albany, NY, US • Posted 4 hours ago • Updated 4 hours ago

Contract W2

Contract Independent

Contract Corp To Corp

12 Months

No Travel Required

On-site

Depends on Experience

Fitment

Dice Job Match Score™

🤯 Applying directly to the forehead...

Job Details

Skills

OT Security

Summary

Position Overview

We are seeking an experienced Cybersecurity Risk Management Specialist to support the security, resilience, and compliance of enterprise IT, Intelligent Transportation Systems (ITS), and Operational Technology (OT) environments. This role is responsible for developing, implementing, and maintaining a comprehensive risk management program focused on protecting critical infrastructure, ensuring operational continuity, and supporting regulatory compliance.

The ideal candidate will possess strong Governance, Risk, and Compliance (GRC) experience with expertise in cybersecurity risk assessments, risk analysis, documentation, control validation, and regulatory frameworks. The candidate should have hands-on experience applying NIST-based security frameworks in complex operational environments where availability, reliability, and security are equally critical.

Key Responsibilities

Risk Management & Assessment

Apply the NIST Risk Management Framework (RMF) to identify, assess, manage, and monitor cybersecurity risks across IT, ITS, and OT environments.
Develop, maintain, and continuously update enterprise risk registers, documenting identified risks, impacts, likelihood, mitigation strategies, and remediation status.
Conduct risk assessments, threat modeling, vulnerability analysis, and security reviews for systems, applications, and infrastructure.
Evaluate work intake requests and proposed technology changes to determine potential security and operational risks.
Perform data classification assessments and support information protection initiatives.
Assess emerging technologies, including AI-based solutions, to identify cybersecurity and operational risks.

Security Control Assessment & Compliance

Select, implement, and evaluate security controls based on NIST SP 800-53, NIST SP 800-82, and organizational security requirements.
Tailor security controls to meet the operational, safety, and availability requirements of IT and OT environments.
Conduct recurring control assessments and gap analyses to validate security effectiveness and compliance readiness.
Support remediation planning and risk mitigation activities.

Threat & Vulnerability Management

Monitor and analyze threats, vulnerabilities, and operational risks impacting enterprise and operational technology environments.
Review vulnerability assessment and penetration testing results to prioritize remediation activities based on business impact and risk exposure.
Collaborate with stakeholders to implement risk reduction strategies and compensating controls.
Support cybersecurity incident response planning and preparedness activities for threats including ransomware, phishing, denial-of-service attacks, and other security incidents.

Governance, Reporting & Documentation

Prepare executive-level risk reports, dashboards, and presentations highlighting key risks, trends, mitigation efforts, and recommendations.
Develop and maintain cybersecurity documentation, including:
- Risk Assessments
- Business Impact Analyses (BIA)
- Incident Response Plans (IRP)
- Disaster Recovery Plans (DRP)
- Business Continuity Plans (BCP)
- Written Information Security Programs (WISP)
- Security Policies and Procedures
- Security Awareness Materials
Support compliance with applicable cybersecurity standards, regulations, and organizational policies.
Coordinate with internal teams, external partners, and third-party vendors to support secure deployment of new systems and technologies.

Required Qualifications

Bachelor’s degree in Cybersecurity, Information Security, Risk Management, Information Technology, or a related field (or equivalent experience).
5+ years of experience in cybersecurity risk management, governance, risk, and compliance (GRC), or information security.
Strong knowledge of:
- NIST Risk Management Framework (RMF)
- NIST Cybersecurity Framework (CSF)
- NIST SP 800-30
- NIST SP 800-53
- NIST SP 800-82
Experience conducting risk assessments, vulnerability analysis, and security control evaluations.
Ability to interpret vulnerability scans, penetration testing reports, and threat intelligence data.
Strong understanding of:
- CIA Triad
- Defense-in-Depth
- Least Privilege
- Data Classification and Protection
Experience creating and maintaining cybersecurity governance and compliance documentation.
Knowledge of cybersecurity technologies including:
- Identity and Access Management (IAM)
- Network Access Control (NAC)
- Next-Generation Firewalls
- VPN Technologies
- Micro-Segmentation
- Vulnerability Management Platforms
- Encryption Technologies
Strong analytical, problem-solving, communication, and presentation skills.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: 10513292
Position Id: 72722-12895-
Posted 4 hours ago

Create job alert

Never miss an opportunity! Create an alert based on the job you applied for.

Albany, New York

•

Yesterday

W2 role Must be locals 5 days a week onsite No agency or C2C will NOT be considered and Visa sponsorship is not available nor provided Key Responsibilities Configure and troubleshoot VLANs, network segments, and routing protocols.Monitor network performance and availability using network management toolsRespond to and resolve network incidents, including connectivity issues, performance degradation, and security alerts.Perform routine maintenance tasks such as firmware updates, configuration ba

Easy Apply

Contract

Depends on Experience

Advanced Information Assurance Engineer

Pittsfield, Massachusetts

•

Today

Basic Qualifications Bachelor's degree in Engineering, or a related Science or Mathematics field, plus a minimum of 5 years of relevant experience; or Master's degree plus a minimum of 3 years of relevant experience. CLEARANCE REQUIREMENTS: Department of Defense Secret security clearance is required at time of hire. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information. Due to the nature of wo

Full-time

USD 118,519.00 - 131,482.00 per year

Cyber Security Engineer

New York

•

Today

Description We are looking for a Cyber Security Engineer to strengthen and oversee the organization's security posture in New York. This role is suited to an experienced, detail-oriented individual who can assess risk, guide security practices, and protect systems across a mixed technology environment. The ideal candidate brings strong judgment, technical depth, and the ability to communicate clearly with stakeholders while handling sensitive matters with discretion. Responsibilities: Lead day-

Easy Apply

Full-time

USD 100,000.00 - 108,312.00 per year

IT Security Manager/Remote

Remote

•

2d ago

Job Description- IT Security Manager Job Summary The IT Security Manager is responsible for developing, implementing, and managing the organization's information security program to protect systems, networks, applications, and data from cyber threats. This role leads security initiatives, manages security operations, ensures compliance with regulatory requirements, and works closely with business and technology teams to reduce security risks and strengthen the organization's security posture.

Easy Apply

Third Party, Contract

Depends on Experience

Search all similar jobs

Cybersecurity Risk Management Specialist/ IT/OT Security Risk Management Consultant

Dice Job Match Score™

Job Details

Skills

Summary

Position Overview

Key Responsibilities

Risk Management & Assessment

Security Control Assessment & Compliance

Threat & Vulnerability Management

Governance, Reporting & Documentation

Required Qualifications

Similar Jobs