New

Part-Time Cyber Risk & Metrics Subject Matter Expert (SME)

Lafayette Group Inc.
$65/hr -$75/hr
United States, Virginia, Arlington
4200 Wilson Boulevard (Show on map)
Jun 12, 2026
Part-Time Cyber Risk & Metrics Subject Matter Expert (SME) Job Summary: Lafayette Group is seeking an experienced risk expert to work with federal government organizations in support of national cybersecurity programs. The Cyber Risk & Metrics SME will provide strategic and analytical expertise to strengthen the development, measurement, and effectiveness of cybersecurity products and initiatives that support coordinated cyber defense across government and critical infrastructure sectors. This role focuses on helping organizations understand, communicate, and prioritize cybersecurity risks through data-driven insights, performance measurement, and risk-informed decision-making. The successful candidate will support cybersecurity product development, stakeholder engagement efforts, product performance evaluation, customer experience initiatives, and strategic planning activities by applying cyber risk management principles, performance metrics, and analytical methodologies. The ideal candidate possesses strong analytical capabilities, experience working with cybersecurity programs, and the ability to translate complex technical concepts into actionable insights for executive and operational audiences. Job Responsibilities: Provide subject matter expertise related to cybersecurity risk management, risk communication, and cyber risk measurement. Support the development of cybersecurity products, guidance, frameworks, and strategic communications intended for government and critical infrastructure stakeholders. Design and implement performance measurement frameworks to evaluate product effectiveness, stakeholder adoption, and mission impact. Develop quantitative and qualitative metrics, dashboards, and reporting mechanisms to support executive decision-making. Analyze cyber risk data, stakeholder feedback, engagement metrics, and operational information to identify trends and improvement opportunities. Support customer experience and stakeholder engagement initiatives by developing methodologies to assess stakeholder needs, behaviors, and outcomes. Conduct research and analysis of cybersecurity threats, vulnerabilities, emerging risks, and sector-specific challenges. Develop executive briefings, reports, white papers, and strategic recommendations. Facilitate workshops, working groups, and stakeholder engagements focused on cybersecurity risk and performance measurement. Collaborate with cybersecurity subject matter experts, product developers, communications professionals, and government leadership to ensure products are aligned with stakeholder priorities and mission objectives. Required Qualifications: Bachelor's Degree in Cybersecurity, Information Systems, Data Analytics, Risk Management, Computer Science, Engineering, Public Policy, or related field. 10+ years of professional experience supporting cybersecurity programs, cyber risk management, risk assessment, cyber analytics, or related disciplines. Demonstrated experience applying cyber risk management frameworks such as NIST Cybersecurity Framework (CSF), NIST Risk Management Framework (RMF), or similar methodologies. Experience developing performance measures, KPIs, dashboards, or metrics programs. Strong analytical and problem-solving skills. Experience translating technical cybersecurity concepts into executive-level communications and recommendations. Excellent written and verbal communication skills. Ability to obtain and maintain suitability, including successful completion of background investigation and fingerprinting requirements. Desired Qualifications: Candidates who bring one or more of the following complementary skill areas are especially encouraged to apply: Experience supporting DHS, CISA, NSA, FBI Cyber, DoD Cyber Components, or critical infrastructure cybersecurity programs. Experience conducting cyber risk assessments, maturity assessments, or enterprise risk analyses. Experience developing cybersecurity performance measurement frameworks or product effectiveness metrics. Experience with cybersecurity data analytics, visualization, and reporting platforms such as Power BI, Tableau, Splunk, or Elastic. Familiarity with MITRE ATT&CK, Cyber Kill Chain, CVSS, CISA Known Exploited Vulnerabilities (KEV), or related cyber risk methodologies. Experience supporting executive cyber risk reporting and strategic planning efforts. Relevant certifications such as CISSP, CRISC, CISM, Security+, CGRC, PMP, or Certified Data Analyst certifications. Experience supporting cyber threat intelligence, vulnerability management, or cyber defense operations. Location: Arlington, VA/Hybrid or Remote Federal Contracts: This position involves working on federal contracts that require all workers on the contract to be U.S. Citizens. Additionally, some contracts may require the ability to obtain a security clearance. Pay Range: $65/hr - $75/hr (est. 20hrs/week) LGI carefully considers various factors when determining salary, including but not limited to education and training, professional experience, knowledge, skills and competencies, licensure and certifications, contract-specific affordability, and organizational requirements. New employees are not usually hired at the top of the estimated salary range and salary decisions depend on the circumstances and factors for each case. Salary is only one aspect of LGI's generous total compensation package. Lafayette Group provides equal employment opportunities to all persons and prohibits employment decisions based on race, religion, color, creed, national origin, sex, age, disability, political affiliation, protected veteran status, or sexual orientation. Equal Opportunity Employer, including disabled and veterans.