Description

Technomics is a growing employee-owned, decision analytics company that specializes in cost and economic analysis to facilitate better decisions faster. We enable a wide range of clients across the Federal government, from senior level policy makers to program managers, to choose smartly, buy effectively and operate efficiently. We deliver practical, credible and defensible results offering actionable insights by applying data-driven and analytics-based approaches in combination with multidisciplinary talent, subject matter experts, and tangible and repeatable assets in the form of databases, models, approaches and techniques.

Senior Associates use problem-solving principles, processes and methods and complementary software applications to support client engagements and have a direct and significant impact on deliverables to clients. Your work will be guided by more experienced team members, but you will work with autonomy.

Our employee-owners pride themselves on their ability to apply deep analytical rigor and innovative thought that assist clients in understanding and solving a myriad of challenging resource planning and management problems.

This position is located in Arlington, VA.

We are an Equal Opportunity Employer. As an Equal Opportunity Employer, we do not discriminate on the basis of race, color, religion, national origin, sex, age, marital status, disability or veteran status.

Description:

We are seeking a Junior Cyber Risk Data Engineer/Analyst. This role focuses on the data side of cyber risk management — capturing outputs from senior SMEs, tagging and structuring data, and building data-driven capabilities that support proactive risk identification.
The ideal candidate is detail-oriented and eager to grow in the cybersecurity field.
You will help organize and manage risk assessment data, connect outputs to external threat/vulnerability databases (e.g., CVE/NVD, MITRE ATT&CK), and develop structured knowledge bases that allow for trend analysis and lessons learned.
This position is perfect for someone who wants to learn from senior SMEs while building technical skills in data analysis, visualization, and cyber risk management. You’ll play a key role in helping clients shift from reactive reporting to proactive risk detection.

Clearance Required: Active DOW Secret or higher.

Key Responsibilities:

Support senior SMEs by collecting, organizing, and structuring cyber risk assessment outputs into usable datasets and knowledge repositories.
Implement data tagging, metadata standards, and knowledge capture practices to enable traceability and lessons-learned reuse across assessments.
Connect assessment data with external threat and vulnerability databases (e.g., MITRE ATT&CK, CVE/NVD, vendor advisories) to enrich analysis and support proactive risk identification.
Develop and maintain structured datasets, dashboards, or knowledge management tools that allow for trend analysis and predictive insights.
Assist in building data-driven capabilities to shift risk management from reactive reporting toward proactive detection and trend anticipation.
Work closely with senior cyber SMEs to ensure data accurately reflects risk findings, mitigation considerations, and enterprise impacts.
Support the development of data visualization products, analytic reports, and briefing materials for leadership.
Contribute to the maturation of the clients risk knowledge base by aligning historical assessment data with new findings.

Requirements

Required Qualifications:

1–3 years of experience in cybersecurity, data analysis, or IT risk management.
Familiarity with cybersecurity frameworks such as NIST SP 800-30, RMF, or MITRE ATT&CK (coursework, internships, or entry-level experience acceptable).
Demonstrated experience with data analysis, organization, and visualization (Excel, Power BI, Tableau, or similar).
Ability to work with structured and unstructured data, including tagging, metadata, and relational mapping.
Strong written and verbal communication skills to document findings and support SME deliverables.

Preferred Qualifications:

Experience supporting national security organizations.
Familiarity with cyber threat and vulnerability databases (CVE, NVD, CISA KEV catalog, vendor advisories).
Coursework or hands-on exposure to Python, SQL, or other scripting tools for data handling.
Technical certifications such as Security+.
Understanding of knowledge management or data governance practices.
Ability to work in a team-oriented, high-paced environment and interact with both technical and non-technical stakeholders.