×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Data Security IT Consultant

Risk Management Specialist

Job in Albany, Albany County, New York, 12237, USA
Listing for: Akkodis
Full Time position
Listed on 2026-06-12
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security, IT Consultant
Job Description & How to Apply Below
Our client is seeking an experienced Risk Management Specialist to support a long-term client in Albany, NY. The ideal candidate will have strong experience in cybersecurity risk management, especially within critical infrastructure and OT environments, and will be well versed in applying the NIST Risk Management Framework (RMF), NIST Cybersecurity Framework (CSF), NIST SP 800-53, and NIST SP 800-82. This role requires a candidate who can identify, assess, communicate, and help mitigate risk in complex, operationally sensitive environments where security must be maintained along with reliability and availability.

The position is onsite daily in Albany, NY.

Role/Responsibilities:
  • Apply the NIST Risk Management Framework (RMF) to assess, manage, and monitor risks across IT, ITS and OT systems.
  • Establish, maintain, and update a comprehensive risk register documenting identified risks, business and operational impacts, likelihood, and mitigation strategies.
  • Implement risk assessment methodologies, including interpreting and participating in vulnerability scanning, penetration testing, and threat modeling.
  • Perform data classification, analysis, and reporting
  • Review work intake requests to determine potential risk introduced to the environment based on the request
  • Perform assessments of AI systems for potential risks
Security Control Implementation and Assessment
  • Select, implement, and assess security controls based on NIST SP 800-53 and NIST SP 800-82 and technical requirements
  • Tailor security controls to the specific operational, technical, and safety requirements of IT, ITS and OT environments.
  • Conduct recurring security control assessments to validate effectiveness, identify gaps, and support compliance requirements.
Threat and Vulnerability Management
  • Maintain and manage risk information to identify threats, vulnerabilities, and operational risks affecting, IT, Intelligent Transportation Systems (ITS), and OT systems.
  • Interpret vulnerability assessments of external IP addresses and internal systems, and support prioritization of remediation based on risk and business impact.
  • Develop and support implementation of incident response plans for cybersecurity events, including denial-of-service (DoS), phishing, ransomware, other business impacting incidents.
Compliance and Reporting
  • Prepare and present regular risk reports for leadership, including key risks, trends, mitigation activities, and recommended actions.
  • Help ensure compliance with applicable federal and state cybersecurity regulations, policies, and standards.
Minimum Qualifications
  • Bachelors or Masters degree in Cybersecurity, Risk Management, or a related field or equivalent experience.
  • Experience in risk management, preferably in a critical infrastructure environment.
  • Strong understanding relevant NIST special publications such as, NIST RMF, NIST SP 800-30, NIST CSF, NIST SP 800-53, and NIST SP 800-82.
  • Experience with vulnerability assessment and penetration testing platforms, reports, and remediation.
  • Knowledge of threat intelligence sources and threat analysis techniques.
  • Experience with Operational Technology (OT) security is highly desirable.
  • The CIA Triad and how it applies to IT, ITS, and OT environments.
  • Ability to interpret vulnerability and penetration testing reports.
  • Experience creating well-crated information security documentation such as BIA, WISP, Risk Assessment, IRP, DRP, BCP, Policies, Cybersecurity Awareness training
  • Strong grasp of foundational cybersecurity principles such as defense in depth, least privilege, CIA triad, more.
  • In-depth understanding of data classification and protection.
Preferred Qualifications
  • Relevant professional level certifications such as CISSP, CRISC, or CISM
  • Experience working in transportation, public sector, industrial, or other operationally critical environments is highly desirable.
  • Familiarity with risk management in environments that require strong coordination among cybersecurity, engineering, and operations teams.
  • Experience preparing executive-level risk briefings and technical risk documentation.
  • Analyst level support on EDR configuration and threat detection.
  • Ability to perform vulnerability scans in IT and OT…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search