1

Cyber Risk Analyst Jobs in Oregon (NOW HIRING)

Improved executive visibility into cyber risk with actionable, business-oriented reporting ... Oversee risk assessments, privacy impact analyses, and security reviews. * Maintain and evolve the ...

Improved executive visibility into cyber risk with actionable, business-oriented reporting ... Oversee risk assessments, privacy impact analyses, and security reviews. * Maintain and evolve the ...

Deliver threat modeling analysis for critical applications and ensure WASP findings feed ... Coordinate with OCIO, Cyber Risk, client Vulnerability Management, and the DHS CDM PMO on program ...

Risk Manager

Gresham, OR

$108K - $155K/yr

... cyber, volunteer accident coverage, and other policies as needed. Contract Review and Risk ... management, analysis, and loss control. Contract administration The Risk Manager identifies ...

Risk Manager

Gresham, OR · On-site

$108K - $155K/yr

... cyber, volunteer accident coverage, and other policies as needed. Contract Review and Risk ... Analyze problems, identify alternative solutions, assess consequences of proposed actions, and ...

Hybrid - 3 Days per Quarter The role reports to the Head of Cyber Risk Management, inside of ... Help categorize engagement results in a consistent and meaningful manner to support trend analysis ...

... Analytics) and translate deep technical vulnerabilities into high-fidelity, business-centric risk ... Experience applying quantitative frameworks to calculate the financial impact of cyber risk and ...

Cloud Security Engineer Manager

Portland, OR · On-site

$151K/yr

The team leads a strategic cyber risk program that adapts to a rapidly changing threat landscape ... Networking knowledge and experience in traffic analysis using tools such as Wireshark. * Experience ...

Escalate confirmed, ambiguous, high-risk, or complex alerts to SOC Analyst 2, SOC Analyst 3, or SOC ... Stay current with common cyber threats, phishing techniques, malware trends, vulnerabilities, user ...

... analysts. Named one of the Best Places to Work in the Washington DC area for 12 consecutive years ... or cyber risk management. * Bachelor's degree in Computer Science, Information Systems ...

SOC Tier 3 Analyst

Portland, OR · On-site

$88K - $104K/yr

Provide technical facts, risk context, and recommended response priorities to SOC leadership for ... Stay current with evolving cyber threats, vulnerabilities, adversary tradecraft, detection ...

next page

Showing results 1-20

Cyber Risk Analyst information

See Oregon salary details

$47K

$113.7K

$159.7K

How much do cyber risk analyst jobs pay per year?

As of Jul 13, 2026, the average yearly pay for cyber risk analyst in Oregon is $113,681.00, according to ZipRecruiter salary data. Most workers in this role earn between $96,700.00 and $133,700.00 per year, depending on experience, location, and employer.

What does a cyber risk analyst do?

A cyber risk analyst evaluates an organization's cybersecurity threats and vulnerabilities to identify potential risks. They analyze security data, develop risk mitigation strategies, and often use tools like risk assessment frameworks and security information and event management (SIEM) systems to protect digital assets.

What is the difference between Cyber Risk Analyst vs Cyber Security Analyst?

AspectCyber Risk AnalystCyber Security Analyst
CertificationsCertified Information Systems Security Professional (CISSP), Certified Risk and Information Systems Control (CRISC)CompTIA Security+, Certified Ethical Hacker (CEH)
Work EnvironmentRisk assessment, policy development, complianceNetwork monitoring, threat detection, incident response
Employer & IndustryFinancial, healthcare, government sectors focusing on risk managementIT departments, cybersecurity firms, tech companies

While both roles focus on cybersecurity, a Cyber Risk Analyst primarily assesses and manages potential risks to an organization’s information assets, whereas a Cyber Security Analyst concentrates on defending systems from threats and responding to security incidents. The roles often overlap but differ in their core focus areas.

Can you make $500,000 a year in cyber security?

Cyber Risk Analysts typically earn between $70,000 and $150,000 annually, depending on experience, certifications, and location. Reaching a $500,000 salary usually requires senior roles such as Chief Information Security Officer or specialized consulting positions, often combined with extensive experience and advanced skills in areas like threat management and security architecture.

Is 30 too late for cyber security?

Cyber Risk Analysts and other cybersecurity professionals can enter the field at any age, including 30 or older. Success often depends on acquiring relevant skills, certifications, and experience, which can be achieved through training programs, self-study, or prior related work experience.

Can you make $200,000 in cyber security?

Cyber Risk Analysts and other cybersecurity professionals can earn $200,000 or more annually, especially with extensive experience, advanced certifications like CISSP, and in senior or specialized roles. Salaries vary based on industry, location, and level of expertise, with high-demand areas offering higher compensation.

What are the key skills and qualifications needed to thrive as a Cyber Risk Analyst, and why are they important?

To thrive as a Cyber Risk Analyst, you need a solid understanding of information security principles, risk assessment methodologies, and often a degree in cybersecurity, computer science, or a related field. Familiarity with risk management frameworks (such as NIST or ISO 27001), vulnerability assessment tools, and security information and event management (SIEM) systems is typically required, along with certifications like CISSP or CISM. Analytical thinking, attention to detail, and strong communication skills are essential soft skills for this role. These competencies ensure accurate identification, evaluation, and mitigation of cyber risks to protect organizational assets and maintain regulatory compliance.

How does a Cyber Risk Analyst typically collaborate with other departments to improve an organization's security posture?

Cyber Risk Analysts work closely with various departments, such as IT, compliance, and business units, to identify and assess potential security threats. They often facilitate risk assessments, conduct training sessions to raise awareness, and help develop incident response plans. Regular communication and collaboration are essential, as analysts must ensure that security recommendations align with business goals and regulatory requirements. This cross-functional teamwork creates a more resilient security environment and helps integrate cybersecurity best practices throughout the organization.
What cities in Oregon are hiring for Cyber Risk Analyst jobs? Cities in Oregon with the most Cyber Risk Analyst job openings:
Infographic showing various Cyber Risk Analyst job openings in Oregon as of July 2026, with employment types broken down into 1% Internship, 86% Full Time, 7% Part Time, 1% Temporary, 4% Contract, and 1% Nights. Highlights an 82% Physical, 5% Hybrid, and 13% Remote job distribution, with an average salary of $113,681 per year, or $54.7 per hour.
Cyber - SAP Security and GRC Access & Process Control Consultant / Security Engineer II

Cyber - SAP Security and GRC Access & Process Control Consultant / Security Engineer II

Deloitte

Portland, OR • On-site

Other

Re-posted 24 days ago


Deloitte rating

8.1

Company rating: 8.1 out of 10

Based on 90 frontline employees who took The Breakroom Quiz

60th of 148 rated financial services


Job description

SAP Security and GRC Access & Process Control Consultant / Security Engineer II

Our Deloitte Cyber team helps organizations address cybersecurity challenges while enabling business growth and resilience. As part of this team, you will support clients in navigating an evolving threat landscape through practical, scalable security solutions. In this role, you will focus on SAP security and access governance capabilities that help clients strengthen controls, manage risk, and support secure transformation.

Recruiting for this role ends on 12/31/2026.

Work you'll do

As a Security Engineer II on the Enterprise Security team, you will be responsible for supporting SAP security and GRC access control implementations, assessments, and optimization efforts.

  • Deliver SAP ECC and SAP S/4HANA security implementations and assessments across client environments.
  • Design, build, test, and deploy end-user and IT support roles for SAP S/4HANA, SAP Fiori, and SAP Business Technology Platform environments.
  • Configure and support SAP Governance, Risk, and Compliance Access Control capabilities, including Access Risk Analysis, Access Request Management, Emergency Access Management, and Business Role Management.
  • Analyze segregation of duties risks, support ruleset updates, and perform user- and role-level risk assessments in SAP GRC 12.0.
  • Develop security solutions for custom transactions, tables, programs, reporting, and analytics tools across complex, multi-country rollout programs.

A successful candidate would possess these skills:

  • Ability to work independently and collaborate as part of a team
  • Effective written and verbal communication skills
  • Meticulous attention to detail and quality of work product
  • Ability to build and sustain professional relationships
  • Ability to lead projects or workstreams
  • Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
  • Strong interpersonal skills and professional demeanor
  • Ability to meet deadlines
  • Ability to provide clear guidance to others

The team

Our Enterprise Security Offering helps embed security across digital transformation initiatives by securing the technical backbone of the organization while enabling business change. The team supports capabilities across security architecture, secure development and deployment, cyber cloud, application security, and security for emerging technologies and connected products.

Qualifications

Required:

  • Bachelor's degree
  • 3+ years of experience with SAP S/4HANA Security and SAP Governance, Risk, and Compliance Access Control
  • 3+ years of experience implementing security for SAP S/4HANA, SAP Fiori, and SAP Business Technology Platform, including requirements gathering, security design, and deployment
  • Experience delivering at least 2 full-cycle SAP S/4HANA security implementations
  • 2+ years of experience configuring and implementing SAP Governance, Risk, and Compliance Access Risk Analysis, Access Request Management, Emergency Access Management, and Business Role Management
  • 2+ years of experience building and updating segregation of duties rulesets and performing user- and role-level risk analysis in SAP Governance, Risk, and Compliance 12.0
  • Ability to travel 50%, on average, based on the work you do and the clients and industries/sectors you serve.
  • Limited immigration sponsorship may be available.

Preferred:

  • Experience in consulting or Big 4 environments
  • Professional certifications such as Certified Information Systems Security Professional, Certified Information Security Manager, or Certified Information Systems Auditor
  • Experience with SAP Identity and Access Governance
  • Experience with cloud security and cloud migration projects
  • Experience executing vulnerability management tools such as Onapsis
  • Experience preparing written deliverables and presenting information to stakeholders

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $82,600 to $162,800.

You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.

Qualifications:

SAP Security and GRC Access & Process Control Consultant / Security Engineer II

Our Deloitte Cyber team helps organizations address cybersecurity challenges while enabling business growth and resilience. As part of this team, you will support clients in navigating an evolving threat landscape through practical, scalable security solutions. In this role, you will focus on SAP security and access governance capabilities that help clients strengthen controls, manage risk, and support secure transformation.

Recruiting for this role ends on 12/31/2026.

Work you'll do

As a Security Engineer II on the Enterprise Security team, you will be responsible for supporting SAP security and GRC access control implementations, assessments, and optimization efforts.

  • Deliver SAP ECC and SAP S/4HANA security implementations and assessments across client environments.
  • Design, build, test, and deploy end-user and IT support roles for SAP S/4HANA, SAP Fiori, and SAP Business Technology Platform environments.
  • Configure and support SAP Governance, Risk, and Compliance Access Control capabilities, including Access Risk Analysis, Access Request Management, Emergency Access Management, and Business Role Management.
  • Analyze segregation of duties risks, support ruleset updates, and perform user- and role-level risk assessments in SAP GRC 12.0.
  • Develop security solutions for custom transactions, tables, programs, reporting, and analytics tools across complex, multi-country rollout programs.

A successful candidate would possess these skills:

  • Ability to work independently and collaborate as part of a team
  • Effective written and verbal communication skills
  • Meticulous attention to detail and quality of work product
  • Ability to build and sustain professional relationships
  • Ability to lead projects or workstreams
  • Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
  • Strong interpersonal skills and professional demeanor
  • Ability to meet deadlines
  • Ability to provide clear guidance to others

The team

Our Enterprise Security Offering helps embed security across digital transformation initiatives by securing the technical backbone of the organization while enabling business change. The team supports capabilities across security architecture, secure development and deployment, cyber cloud, application security, and security for emerging technologies and connected products.

Qualifications

Required:

  • Bachelor's degree
  • 3+ years of experience with SAP S/4HANA Security and SAP Governance, Risk, and Compliance Access Control
  • 3+ years of experience implementing security for SAP S/4HANA, SAP Fiori, and SAP Business Technology Platform, including requirements gathering, security design, and deployment
  • Experience delivering at least 2 full-cycle SAP S/4HANA security implementations
  • 2+ years of experience configuring and implementing SAP Governance, Risk, and Compliance Access Risk Analysis, Access Request Management, Emergency Access Management, and Business Role Management
  • 2+ years of experience building and updating segregation of duties rulesets and performing user- and role-level risk analysis in SAP Governance, Risk, and Compliance 12.0
  • Ability to travel 50%, on average, based on the work you do and the clients and industries/sectors you serve.
  • Limited immigration sponsorship may be available.

Preferred:

  • Experience in consulting or Big 4 environments
  • Professional certifications such as Certified Information Systems Security Professional, Certified Information Security Manager, or Certified Information Systems Auditor
  • Experience with SAP Identity and Access Governance
  • Experience with cloud security and cloud migration projects
  • Experience executing vulnerability management tools such as Onapsis
  • Experience preparing written deliverables and presenting information to stakeholders

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $82,600 to $162,800.

You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.

Education:Bachelor's DegreeEmployment Type:

What Deloitte employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom