Cyber Security Risk Lead

Posted 7 Days Ago
Hiring Remotely in Arlington, VA
Remote
Senior level
Information Technology • Financial Services
The Role
Lead cybersecurity risk management for VA systems, develop mitigation strategies, conduct security assessments, and ensure compliance with federal standards.
Summary Generated by Built In

Trilogy Federal provides financial management, information technology (IT) consulting, program management services, and strategic consulting to federal agencies. Trilogy has an extensive history helping federal clients achieve their most ambitious business modernization and optimization goals with the ability to deliver targeted subject matter expertise and full life cycle support.


Trilogy Federal is seeking a Cyber Security Risk Lead to support the Department of Veterans Affairs (VA). The ideal candidate will be a seasoned cybersecurity professional with expertise in risk management and compliance, excelling in a fast-paced, client-focused environment. This role requires a proactive, strategic leader to join our team, ensuring the security and integrity of VA corporate IT systems, including legacy applications and DevSecOps-driven initiatives. 


The selected Cyber Security Risk Lead must hold at least one of the following active certifications: CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or GIAC Security Leadership Certification (GSLC). This position will oversee cybersecurity risk assessments, mitigation strategies, and compliance efforts, aligning with VA’s Veteran-focused Integration Process (VIP) Lean-Agile framework and stringent federal security standards.

 

Please note this position is contingent upon award (Q2/Q3 2025), and may require occasional customer site visits in D.C.

Primary Responsibilities:

  • Lead cybersecurity risk management for VA corporate IT systems, identifying, assessing, and prioritizing risks across legacy and DevSecOps environments (e.g., AWS, Azure). 
  • Develop and implement risk mitigation strategies, ensuring compliance with VA security standards (e.g., FISMA, NIST 800-53, FIPS 140-2, HIPAA) and VA Handbook 6500. 
  • Conduct regular security assessments, vulnerability scans, and penetration testing, collaborating with DevOps and Cloud Engineers to harden systems and CI/CD pipelines. 
  • Oversee the integration of security controls (e.g., encryption, access management, monitoring) into development and deployment processes, aligning with Agile delivery cycles. 
  • Serve as the primary point of contact for VA stakeholders, including the Information Security Officer (ISO) and Contracting Officer’s Representative (COR), on cybersecurity risk and compliance matters. 
  • Utilize VA-approved tools (e.g., Jira, GitHub, ServiceNow) to document risk assessments, track remediation efforts, and contribute to Biweekly Status Reports on security posture and incidents. 
  • Ensure alignment with the VIP Lean-Agile framework by embedding security practices into Agile ceremonies (e.g., sprint planning, retrospectives) and supporting incremental delivery. 
  • Coordinate with Solution Leads and Data Architects to secure data migrations, cloud deployments, and enterprise asset management systems (e.g., IBM Maximo). 
  • Monitor emerging threats and regulatory changes, advising on the adoption of technologies like AI-driven security analytics to enhance VA OIT’s cybersecurity resilience. 
  • Mentor team members on cybersecurity best practices, risk management frameworks, and federal compliance, contributing to Trilogy’s staff development and technical excellence initiatives. 
  • Manage incident response planning and execution, ensuring rapid resolution of security breaches and minimal impact on VA operations. 
  • Drive exceptional customer satisfaction by delivering proactive, Veteran-centric cybersecurity solutions that safeguard VA systems and data. 

Minimum Requirements:

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. 
  • One of the following certifications required: CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or GIAC Security Leadership Certification (GSLC).
  • 8+ years of experience in cybersecurity, risk management, or a related leadership role, with a focus on federal or VA IT environments. 
  • Proven expertise in risk assessment, security compliance, and mitigation strategies, with hands-on experience using tools like Nessus, Qualys, Splunk, or Tenable. 
  • Strong leadership and analytical skills, with the ability to manage complex security challenges in a dynamic, fast-paced environment. 
  • Familiarity with VA security standards (e.g., FISMA, NIST, HIPAA) and the VIP Lean-Agile framework is highly desirable. 
  • Proficiency in MS Office Applications (Word, Excel, PowerPoint, Visio, SharePoint) and VA-approved tools (e.g., Jira, GitHub, ServiceNow). 
  • Ability to adapt to evolving security threats and travel occasionally to VA sites in Washington, D.C., as needed. 
  • Ability to obtain a Public Trust Clearance.

Preferred Qualifications:

  • Master’s preferred
  • Additional certifications such as CEH (Certified Ethical Hacker) or CRISC (Certified in Risk and Information Systems Control) preferred.

Benefits (including but not limited to):

  • Health, dental, and vision plans
  • Optional FSA
  • Paid parental leave
  • Safe Harbor 401(k) with employer contributions 100% vested from day 1
  • Paid time off and 11 paid holidays
  • No cost group term life/AD&D plan, and optional supplemental coverage
  • Pet insurance
  • Monthly phone and internet stipend
  • Tuition and training reimbursement

Regarding remote positions, Trilogy Federal is able to offer virtual employment in the following states: Colorado, Connecticut, D.C., Florida, Georgia, Illinois, Maryland, New York, South Carolina, Texas, and Virginia.



Trilogy Federal is an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

Top Skills

AWS
Azure
CISM
CISSP
FIPS 140-2
FISMA
GIAC Security Leadership Certification
Git
HIPAA
JIRA
MS Office Applications
Nessus
NIST 800-53
Qualys
ServiceNow
Splunk
Tenable

The Company
HQ: Arlington, VA
121 Employees
On-site Workplace
Year Founded: 2009

What We Do

Founded in 2009 and headquartered in the Washington DC metro area, Trilogy Federal is a verified service-disabled, veteran-owned small business (SDVOSB) providing financial management and information technology consulting to the Federal government. Trilogy has an extensive and distinctive history helping Federal clients achieve their financial management goals. Our leadership team has over 60 years of combined experience supporting Federal financial management initiatives. Our professional staff specializes in federal financial management and maintains certifications in several relevant programs.

Trilogy strives to provide its clients with a flexible and comprehensive approach to financial management with the ultimate goal of fiscal compliance and audit readiness. The Trilogy approach starts with assessing the financial management solution and determining its effectiveness in capturing functional business requirements and meeting agency reporting requirements. Since our inception, we have assisted our federal partners in migrating to new financial management systems or enhancing existing systems to meet new requirements. Ultimately, success lies in the data, where Trilogy utilizes industry leading Business Intelligence and Business Performance Management tools to assess the overall effectiveness of financial business operations and to produce timely, reliable and value-added financial reporting. We have a proven track record of successful implementations for agencies large and small.
