1

Cyber Risk Analyst Jobs in California (NOW HIRING)

Agentic Risk Analyst

San Francisco, CA · On-site

$288K - $425K/yr

About the Role As an Agentic Risk Analyst, you will shape OpenAI's operating picture for current ... Have significant experience-typically 7+ years-in trust and safety, integrity, security, cyber ...

Championing adaptive insurance, Cowbell follows policyholders' cyber risk exposures as they evolve ... Perform tasks such as coverage analysis and letter writing; investigation; incident response ...

Championing adaptive insurance, Cowbell follows policyholders' cyber risk exposures as they evolve ... Perform tasks such as coverage analysis and letter writing; investigation; incident response ...

next page

Showing results 1-20

Cyber Risk Analyst information

See California salary details

$43.9K

$106.1K

$149K

How much do cyber risk analyst jobs pay per year?

As of Jul 14, 2026, the average yearly pay for cyber risk analyst in California is $106,114.00, according to ZipRecruiter salary data. Most workers in this role earn between $90,300.00 and $124,800.00 per year, depending on experience, location, and employer.

What does a cyber risk analyst do?

A cyber risk analyst evaluates an organization's cybersecurity threats and vulnerabilities to identify potential risks. They analyze security data, develop risk mitigation strategies, and often use tools like risk assessment frameworks and security information and event management (SIEM) systems to protect digital assets.

What is the difference between Cyber Risk Analyst vs Cyber Security Analyst?

AspectCyber Risk AnalystCyber Security Analyst
CertificationsCertified Information Systems Security Professional (CISSP), Certified Risk and Information Systems Control (CRISC)CompTIA Security+, Certified Ethical Hacker (CEH)
Work EnvironmentRisk assessment, policy development, complianceNetwork monitoring, threat detection, incident response
Employer & IndustryFinancial, healthcare, government sectors focusing on risk managementIT departments, cybersecurity firms, tech companies

While both roles focus on cybersecurity, a Cyber Risk Analyst primarily assesses and manages potential risks to an organization’s information assets, whereas a Cyber Security Analyst concentrates on defending systems from threats and responding to security incidents. The roles often overlap but differ in their core focus areas.

Can you make $500,000 a year in cyber security?

Cyber Risk Analysts typically earn between $70,000 and $150,000 annually, depending on experience, certifications, and location. Reaching a $500,000 salary usually requires senior roles such as Chief Information Security Officer or specialized consulting positions, often combined with extensive experience and advanced skills in areas like threat management and security architecture.

Is 30 too late for cyber security?

Cyber Risk Analysts and other cybersecurity professionals can enter the field at any age, including 30 or older. Success often depends on acquiring relevant skills, certifications, and experience, which can be achieved through training programs, self-study, or prior related work experience.

Can you make $200,000 in cyber security?

Cyber Risk Analysts and other cybersecurity professionals can earn $200,000 or more annually, especially with extensive experience, advanced certifications like CISSP, and in senior or specialized roles. Salaries vary based on industry, location, and level of expertise, with high-demand areas offering higher compensation.

What are the key skills and qualifications needed to thrive as a Cyber Risk Analyst, and why are they important?

To thrive as a Cyber Risk Analyst, you need a solid understanding of information security principles, risk assessment methodologies, and often a degree in cybersecurity, computer science, or a related field. Familiarity with risk management frameworks (such as NIST or ISO 27001), vulnerability assessment tools, and security information and event management (SIEM) systems is typically required, along with certifications like CISSP or CISM. Analytical thinking, attention to detail, and strong communication skills are essential soft skills for this role. These competencies ensure accurate identification, evaluation, and mitigation of cyber risks to protect organizational assets and maintain regulatory compliance.

How does a Cyber Risk Analyst typically collaborate with other departments to improve an organization's security posture?

Cyber Risk Analysts work closely with various departments, such as IT, compliance, and business units, to identify and assess potential security threats. They often facilitate risk assessments, conduct training sessions to raise awareness, and help develop incident response plans. Regular communication and collaboration are essential, as analysts must ensure that security recommendations align with business goals and regulatory requirements. This cross-functional teamwork creates a more resilient security environment and helps integrate cybersecurity best practices throughout the organization.
What job categories do people searching Cyber Risk Analyst jobs in California look for? The top searched job categories for Cyber Risk Analyst jobs in California are:
Infographic showing various Cyber Risk Analyst job openings in California as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 83% Full Time, 8% Part Time, 2% Temporary, and 5% Contract. Highlights an 82% Physical, 5% Hybrid, and 13% Remote job distribution, with an average salary of $106,114 per year, or $51 per hour.
Expert Cyber Risk Management Engineer

Expert Cyber Risk Management Engineer

Resource Consultings Services Inc.

Oakland, CA • On-site

Contractor

Re-posted 2 days ago


Job description

Position: Expert Cyber Risk Management Engineer

Location: Oakland, CA (Onsite only)

Duration: Contract to Hire

Tentative Start Date: Nov/03/2025

Job Description:

This is a temp to hire opportunity
Ideal candidate will reside local to Oakland, CA

Responsibilities

  • Develop processes, maintain internal frameworks, create documentation templates, and implement tooling to support and mature assurance service delivery.
  • Collaborate with security specialists, enterprise architects, and other technical leaders to ensure security solutions sufficiently mitigate risks and align with business objectives and regulatory requirements.
  • Analyze risk exposure and consult on the design of cyber risk management capabilities where improvements are needed.
  • Assess the effectiveness of cybersecurity capabilities, provide guidance on managing risks associated with ineffective controls, and influence decision-making by educating stakeholders.
  • Track and report issue status, ensuring timely resolution of identified risks.
  • Communicate cybersecurity risks and solutions to technical and non-technical audiences across all levels of management.
  • Advise on enterprise-level decisions by presenting insights to senior leadership, including technology executives and governance bodies.
  • Collaborate with legal, compliance, and audit teams to ensure alignment with regulatory expectations and contractual obligations.
  • Maintain ongoing communication with leadership regarding developments in assigned areas and contribute to special projects as needed.
  • Provide thought leadership and consulting support in the creation and maintenance of security-enabled processes across cybersecurity and technology teams.
  • Mentor team members on technical topics, interpersonal dynamics, organizational policies, and enterprise operations.
  • Partner with infrastructure, application, and data teams to ensure security controls are embedded across technology lifecycles and operational processes.
  • Conduct regular risk assessments to ensure compliance with internal policies, external regulations, and industry standards; update unified requirements and document corrective actions.
  • Define and track key performance indicators (KPIs) for cyber risk management capabilities, including issue closure rates, control effectiveness, and remediation timelines.
  • Stay current with emerging threats, trends, and technologies, and provide strategic recommendations to enhance the organizations security posture.
  • Contribute to the development and enforcement of cybersecurity policies, standards, and guidelines to ensure consistent and effective practices.
  • Advise on the selection and implementation of security tools and technologies aligned with the cyber risk management strategy.

Qualifications

  • Strong communication skills, with emphasis on active listening and clarity.
  • Demonstrated empathy and ability to build trust within teams.
  • Proven ability to research and maintain current technical knowledge in a rapidly evolving environment.
  • Experience with Azure and Oracle public cloud infrastructures.
  • Expertise in preparing business plans, IT strategies, technology roadmaps, and technical proposals.
  • Ability to analyze business requirements and recommend timely, effective solutions.
  • Demonstrated creativity and problem-solving skills in directing analysis and developing solutions.
  • Knowledge of project development life cycle, with ability to coordinate and prioritize multiple initiatives.