Guidehouse
Cyber Consulting
Senior Cyber Risk and Vulnerability Assessor
“Senior Cyber Risk and Vulnerability Assessor at Guidehouse. Skills: Security control assessments, NIST RMF, Risk management, Cybersecurity. Lead security control assessments. Oversee assessment strategy”
What You'll Achieve.
Enable informed authorization decisions; Strengthen enterprise risk posture
Industry & Context.
Translate assessment results into clear, defensible risk recommendations
Up to 10% Travel, Active Public Trust Clearance Required, Ability to OBTAIN and MAINTAIN a Federal or DoD "PUBLIC TRUST"
What They're Looking For.
Must Have
Federal or DoD "PUBLIC TRUST"
Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related field
Minimum of NINE (9) or more years of progressively responsible experience performing or leading security control assessments, audits, or cybersecurity risk assessments
Certified in Governance, Risk and Compliance (CGRC) (active)
Certified Information Systems Security Professional (CISSP) (active)
Demonstrated experience conducting assessments under the NIST RMF
Experience assessing high‑impact or high‑value asset (HVA) systems
Understanding of security control implementation and assessment across enterprise, cloud, and hybrid architectures
Proven ability to communicate risk clearly and effectively to technical and executive stakeholders, including Authorizing Officials
Excellent written and verbal communication skills, including formal assessment reporting and executive briefings
Nice to Have
ACTIVE PUBLIC TRUST or SUITABILITY and maintain an active HHS/NIH clearance
Experience with continuous monitoring programs and control inheritance models
Familiarity with major cloud service providers and their shared responsibility models
Additional certifications such as CISM, CISA, CCSP, HVA Assessment Lead/Technical Lead/Operator, or cloud security credentials
Prior consulting experience with responsibility for delivery quality, stakeholder management, and team leadership
What You'll Do.
Lead security control assessments
Oversee assessment strategy
Validate remediation effectiveness
Provide risk determinations
Direct assessment planning
Supervise system assessments
Analyze assessment results
Develop risk recommendations
Ensure alignment with federal frameworks
Oversee deliverable quality
Provide guidance on risk acceptance
Coordinate assessment activities
Mentor and develop assessors
Support practice growth
How You'll Work.
Team & Collaboration
Serve as advisor to system owners; Serve as advisor to ISSOs; Serve as advisor to security engineers; Coordinate assessment activities across multiple systems; Ensure stakeholder alignment
Communication Scope
Communicate risk clearly and effectively; Formal assessment reporting; Executive briefings; Written communication skills; Verbal communication skills
Process & Methodology
Oversee assessment strategy and execution, Ensure schedule adherence
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.