ZipRecruiter

Log In

1

Cyber Risk Analyst Jobs (NOW HIRING)

Lockton, Inc.

AVP, Cyber Analytics

Overland Park, KS · On-site

Collaborate with Risk Solutions and Analytics leadership to define future cyber analytics initiatives and enhance digital solutions (e.g. Associate Hub) with cyber-specific value. * Continuously ...

Capital One

Manager, Cyber Risk & Analysis

Mclean, VA · On-site

Manager, Cyber Risk & Analysis As a Manager, you will apply your technical expertise, risk management acumen, and project management skills to drive Risk Management Strategy for a major technology ...

Pavago

Risk Analyst

Risk Analyst / Risk Manager Position Type: Full-Time, Remote Working Hours: U.S. client business ... operational, compliance, cyber, and strategic risk categories • Identify emerging risks ...

next page

Showing results 1-20

All JobsCyber Risk Analyst Jobs

Cyber Risk Analyst information

See salary details

$44.5K

$107.5K

$151K

How much do cyber risk analyst jobs pay per year?

As of Jun 22, 2026, the average yearly pay for cyber risk analyst in the United States is $107,522.00, according to ZipRecruiter salary data. Most workers in this role earn between $91,500.00 and $126,500.00 per year, depending on experience, location, and employer.

What does a Cyber Risk Analyst do?

A Cyber Risk Analyst is responsible for identifying, assessing, and mitigating risks related to an organization's information systems and digital assets. They analyze potential threats, evaluate the effectiveness of security measures, and recommend strategies to protect against cyberattacks. Their work often includes conducting risk assessments, monitoring security controls, and ensuring compliance with industry regulations to help safeguard sensitive data and maintain business continuity.

What is the difference between Cyber Risk Analyst vs Cyber Security Analyst?

AspectCyber Risk AnalystCyber Security Analyst
CertificationsCertified Information Systems Security Professional (CISSP), Certified Risk and Information Systems Control (CRISC)CompTIA Security+, Certified Ethical Hacker (CEH)
Work EnvironmentRisk assessment, policy development, complianceNetwork monitoring, threat detection, incident response
Employer & IndustryFinancial, healthcare, government sectors focusing on risk managementIT departments, cybersecurity firms, tech companies

While both roles focus on cybersecurity, a Cyber Risk Analyst primarily assesses and manages potential risks to an organization’s information assets, whereas a Cyber Security Analyst concentrates on defending systems from threats and responding to security incidents. The roles often overlap but differ in their core focus areas.

Can you make $500,000 a year in cyber security?

Cyber Risk Analysts typically earn salaries ranging from $70,000 to $150,000 annually, depending on experience, certifications, and location. Reaching a $500,000 annual salary generally requires senior roles such as Chief Information Security Officer (CISO) or executive-level positions, which involve broader responsibilities and leadership skills. High earnings in cybersecurity often depend on advanced expertise, industry demand, and strategic management roles.

Which country is no. 1 in cybersecurity?

As a Cyber Risk Analyst, understanding global cybersecurity leadership is important. The United States is often regarded as the leading country in cybersecurity due to its advanced infrastructure, government initiatives, and cybersecurity industry. However, other countries like Israel, the United Kingdom, and China also have strong cybersecurity capabilities and investments.

Is 40 too old for cyber security?

Cyber Risk Analysts and other cybersecurity professionals can successfully start or advance their careers at age 40 or older. Many employers value diverse experience and skills, and certifications like CISSP or CompTIA Security+ can enhance employability regardless of age.

What are the key skills and qualifications needed to thrive as a Cyber Risk Analyst, and why are they important?

To thrive as a Cyber Risk Analyst, you need a solid understanding of information security principles, risk assessment methodologies, and often a degree in cybersecurity, computer science, or a related field. Familiarity with risk management frameworks (such as NIST or ISO 27001), vulnerability assessment tools, and security information and event management (SIEM) systems is typically required, along with certifications like CISSP or CISM. Analytical thinking, attention to detail, and strong communication skills are essential soft skills for this role. These competencies ensure accurate identification, evaluation, and mitigation of cyber risks to protect organizational assets and maintain regulatory compliance.

How does a Cyber Risk Analyst typically collaborate with other departments to improve an organization's security posture?

Cyber Risk Analysts work closely with various departments, such as IT, compliance, and business units, to identify and assess potential security threats. They often facilitate risk assessments, conduct training sessions to raise awareness, and help develop incident response plans. Regular communication and collaboration are essential, as analysts must ensure that security recommendations align with business goals and regulatory requirements. This cross-functional teamwork creates a more resilient security environment and helps integrate cybersecurity best practices throughout the organization.

What does a cybersecurity risk analyst do?

A cybersecurity risk analyst evaluates an organization’s information systems to identify vulnerabilities and assess potential threats. They analyze security data, develop risk mitigation strategies, and often use tools like risk assessment frameworks and security software to protect digital assets and ensure compliance.
More about Cyber Risk Analyst jobs
What cities are hiring for Cyber Risk Analyst jobs? Cities with the most Cyber Risk Analyst job openings:
What states have the most Cyber Risk Analyst jobs? States with the most job openings for Cyber Risk Analyst jobs include:
What job categories do people searching Cyber Risk Analyst jobs look for? The top searched job categories for Cyber Risk Analyst jobs are:
Cyber Risk Analyst jobs near you
Infographic showing various Cyber Risk Analyst job openings in the United States as of June 2026, with employment types broken down into 1% As Needed, 96% Full Time, 1% Part Time, and 2% Contract. Highlights an 81% Physical, 8% Hybrid, and 11% Remote job distribution, with an average salary of $107,522 per year, or $51.7 per hour.
Cyber Risk Consultant

Cyber Risk Consultant

Diversified Services Network, Inc.

Irving, TX • On-site

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 17 days ago

Job description

Diversified Services Network, Inc. (DSN) is seeking a full-time Cyber Risk Consultant to join our team in three potential locations: Peoria (IL), Irving (TX), or Nashville (TN)! We offer full benefits, PTO, 401k, and more! If you're looking to grow your technical career within an extremely reputable, stable Fortune 500 company - let's talk!

Our Cyber Risk Management team is seeking a resource to support the execution and maturation of the enterprise cyber risk program. This role focuses on risk acceptance facilitation, executive communication, qualitative risk analysis, and risk register lifecycle management. This role would also have an opportunity to help design and provide input to the direction of the cyber risk program through several process improvement workstreams occurring throughout 2026. The ideal candidate provides an external perspective and contributes to both execution and process improvement.

JOB RESPONSIBILITIES:

  • Facilitate risk acceptance and awareness discussions with senior leadership; translate technical risks into business terms.
  • Develop executive-ready presentations and proactively anticipate leadership questions and data needs.
  • Maintain and track the cyber risk register, including follow-up on remediation actions and acceptance decisions.
  • Perform qualitative risk analysis (likelihood and impact) using scenario-based models.
  • Evaluate control effectiveness and compensating controls; provide risk-based recommendations.
  • Support and contribute to the design and improvement of the cyber risk management program and associated processes.

Requirements

EDUCATION & EXPERIENCE REQUIRED:

  • Bachelor's degree AND 5+ years of experience; OR no degree AND 7+ years of experience
  • Years of experience: 5+ years in cyber risk, IT risk, or information security risk (consulting or Big 4 experience preferred)
  • Degree requirement: Bachelor's degree highly preferred (not required with 7+ YOE)

REQUIRED SKILLS:

  • 5+ years in cyber risk, IT risk, or information security risk (consulting or Big 4 experience preferred).
  • Strong communication and presentation skills with ability to engage senior leadership.
  • Ability to translate technical concepts into business risk language.
  • Experience managing risk registers and tracking remediation activities.
  • Technical understanding of systems, controls, and risk scenarios.
  • Proactive, organized, and able to anticipate stakeholder needs.
  • Experience contributing to risk program design or process improvement 

DESIRED SKILLS:

  • Experience with qualitative risk analysis methodologies in cybersecurity or IT environments.
  • Prior experience with FAIR (Factor Analysis of Information Risk).
  • Familiarity with ISO 27001, NIST, or similar frameworks.
  • Experience with ServiceNow IRM or similar GRC platforms.
  • Relevant certifications (CISSP, CISA, CISM, CRISC).

Benefits

  • 401(k)
  • Dental insurance
  • Vision Insurance
  • Disability insurance
  • Employee assistance program
  • Health insurance
  • Health savings account
  • Life insurance
  • Paid time off
  • Paid Holidays

Please follow the link to our website for a list of job openings in Engineering, IT, Project Management, and more! https://www.dsnworldwide.com

Salary expectations: 119,000-124,000 per annual

Apply