Evolver, Inc.

  • Cyber Risk Management Analyst: Business (FAIR)

    Job Location US-DC
    Posted Date 3 weeks ago(6/28/2018 12:49 AM)
    Job ID
    # of Openings
  • Overview

    Evolver is a technology company serving the Federal, Commercial, and Legal markets that addresses client challenges in the present and transitions clients into the future by introducing efficient and effective IT solutions. Established in 2000, Evolver has successfully grown to be a trusted technology leader. Evolver’s efforts and growth have been recognized by leading publications and organizations, including Inc. 5000 for five consecutive years, and most recently “Future 50” from SmartCEO. With a dedicated focus on client satisfaction, Evolver has proven its value time and time again, from managing day-to-day operations to skillfully navigating the implementation and support of new technologies. Evolver’s core competencies are infrastructure, application development, cybersecurity, cloud, end-user support, data analytics and legal services.

    We believe our employees are key to our success and continued growth. We attract and retain our diverse workforce by promoting a work-life balance with generous and flexible time off, competitive compensation and benefits, and a commitment to professional development. When you join Evolver, you join a community of talented and dedicated individuals whose abilities, skills, and actions contribute to the success of the company.

    For more information about Evolver, visit https://evolverinc.com.

    Essential Job Duties and Responsibilities

    Job Information
    Design and administer project where the team applies state of the art technologies to calculate business risk, correlates the risk to quantitative dollars, develop and implement plans to reduce the risk, and monitor internal and external environments. Use the FAIR model to analyze and report quantitative risk exposure. FAIR is an internationally recognized standard for quantitatively modeling information and operational risk. Risk quantification allows cybersecurity staff and business executives to measure, manage, and communicate information risk by using a common language: money.


    • Facilitate cyber risks discussions with senior executives and managers to understand the more serious threats concerning the organization.
    • Apply cyber risk management principles in different government and commercial sectors to conduct quantified risk assessments
    • Establish scope of risk analysis and define analysis success parameters
    • Collect relevant data points and guide customers with calibrating input ranges
    • Review results to identify potential outlier data inputs
    • Write reports that describe assessment assumptions, scope parameters, and recommendations to client on remediation actions
    • Collaborate with management and peers to continuously learn and improve
    • Be an active member of the broader risk management community
    • Draft case studies and other risk analysis / risk management research
    • Support sales team with technical discussions and demonstrations

    Abilities Required:

    • Consulting experience in Cyber Security or Risk Management
    • Have strong interpersonal and communication skills to work with clients on new and emerging projects
    • Ability to communicate effectively with senior management, both orally and in writing
    • Ability to think critically from different perspectives (outside the box)
    • Ability to think like the adversary
    • Ability to work on a team and individually
    • Aptitude with established risk management practices
    • Ability to conduct focused research and develop recommendations
    • Bachelor’s Degree required.  Will consider years of experience and/or certifications in lieu of Degree.

    Minimum Qualifications and Requirements

    Minimum Experience

    • 6+ years of related experience

    Technical Requirements (required and desired)


    Specialized Knowledge and Skills

    • Advanced/Intermediate skill in writing reports for audiences up to the highest levels within an organization. 
    • Strong background in information security, IT audit or security risk management
    • Familiarity with statistical concepts
    • Risk Analysis experience – preferably with Factor Analysis of Information Risk (FAIR)
    • Knowledge of IT GRC technology platforms

    Training and Certifications (required and desired)


    • Certified in Open FAIR, CRISC or other risk-related certifications (desired)


    • Bachelor's Degree in computer science, accounting, finance, or equivalent technical or business curriculum

    EOE Statement

    At Evolver, we foster teamwork, growth, individuality and entrepreneurialism. We value employee opinions and encourage them to make a difference by getting involved and being thought-leaders. As a part of the Evolver team, we actively promote a working and learning environment that supports a highly qualified workforce and a quality of work life that is based on trust and respect for all employees resulting in a healthy and trusting organizational culture.


    As a condition of employment with Evolver, any successful job applicant will be required to pass a pre-employment background investigation, which may also include a credit check for positions in some areas of our business. 


    Evolver, Inc. is an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to age, race, color, religion, sex, national origin, sexual orientation, disability or veteran status. Evolver offers a comprehensive benefits plan including (but not limited to): medical, dental, vision, 401(k), life, AD&D and short term and long term disability insurance.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed