1

Cyber Risk Assessment Jobs in Florida (NOW HIRING)

Provide independent second-line oversight of cyber and information security risk internally and ... Independent judgment with strong analytical and risk assessment skills. The outlined above is ...

Experience conducting Mission Based Cyber Risk Assessments (MBCRAs). * Experience in planning and conducting cyber test. * Experience establishing cybersecurity guidelines and practices at the DoW or ...

Document risk assessment findings, recommendations, and remediation plans for review by senior ... with the Cyber Risk Management Framework. * Support maintaining and improving the governance ...

Manager, Cybersecurity

Orlando, FL · Hybrid

$103K - $140K/yr

This leader is accountable for risk management, security operations, engineering of cyber ... Establish and oversee risk assessment, security audit, and compliance programs across all business ...

Includes design of the cyber organization, governance, and risk assessments. Qualifications Required: * BA/BS Degree in Computer Science, Cyber Security, Information Security, Engineering ...

Includes design of the cyber organization, governance, and risk assessments. Qualifications Required: * BA/BS Degree in Computer Science, Cyber Security, Information Security, Engineering ...

Cyber Systems Security Engineer

Orlando, FL · On-site

$53.50 - $65.50/hr

Conducting risk assessments, including threat modeling and vulnerability analysis, to evaluate and ... Conducting cyber risk assessments and implementing mitigation strategies. Responsible for securing ...

next page

Showing results 1-20

Cyber Risk Assessment information

What is the difference between Cyber Risk Assessment vs Cyber Security Analyst?

AspectCyber Risk AssessmentCyber Security Analyst
Primary FocusIdentifying and evaluating cybersecurity risks and vulnerabilitiesMonitoring, detecting, and responding to security threats
CertificationsCompTIA Security+, CISSP, CISACompTIA Security+, CEH, CISSP
Work EnvironmentRisk management teams, consulting firms, security departmentsSecurity operations centers, IT departments, incident response teams
ResponsibilitiesRisk analysis, vulnerability assessments, complianceThreat detection, incident response, security monitoring

While both roles involve cybersecurity, Cyber Risk Assessments focus on evaluating potential risks and vulnerabilities to inform security strategies, whereas Cyber Security Analysts actively monitor and respond to ongoing security threats. Understanding these differences helps organizations assign the right roles for comprehensive cybersecurity management.

How much does a cyber risk analyst make?

A cyber risk analyst typically earns between $70,000 and $120,000 annually, depending on experience, certifications, and location. Entry-level positions may start lower, while experienced analysts with certifications like CISSP or CISA can earn higher salaries, especially in industries with high cybersecurity demands.

What is a cyber risk assessment?

A cyber risk assessment is a process used to identify, evaluate, and prioritize potential threats and vulnerabilities in an organization's information systems. It helps organizations understand the potential impact of cyber threats and determine the likelihood of such events occurring. By conducting a cyber risk assessment, businesses can implement appropriate security controls and strategies to mitigate risks, comply with regulatory requirements, and protect sensitive data from cyberattacks. Regular assessments are essential to adapt to evolving threats and maintain a strong cybersecurity posture.

What are some common challenges faced by professionals in Cyber Risk Assessment, and how can they be addressed?

Professionals in Cyber Risk Assessment often encounter challenges such as rapidly evolving threat landscapes, keeping up with regulatory changes, and ensuring clear communication of technical risks to non-technical stakeholders. To address these, staying current with industry trends through continuous learning, leveraging robust risk assessment frameworks, and developing strong communication skills are essential. Additionally, collaborating closely with IT, compliance, and business units helps ensure comprehensive and effective risk management.

What are the key skills and qualifications needed to thrive as a Cyber Risk Assessor, and why are they important?

To thrive as a Cyber Risk Assessor, you need a strong understanding of cybersecurity principles, risk management frameworks, and relevant regulations, often backed by a degree in information security or related certifications like CISSP or CISA. Familiarity with security assessment tools, vulnerability scanners, and risk analysis platforms is typically required. Analytical thinking, attention to detail, and effective communication are vital soft skills for accurately identifying threats and conveying risks to stakeholders. These skills and qualities are crucial for protecting organizational assets and ensuring compliance in an evolving threat landscape.

Can you make $200,000 in cyber security?

Cyber Risk Assessment professionals can potentially earn $200,000 or more annually, especially with advanced certifications like CISSP or CISA, extensive experience, and roles in high-demand industries or senior positions. Salaries vary based on location, company size, and individual expertise, with senior analysts and managers often reaching or exceeding this level.

Is SOC an entry level job?

A Security Operations Center (SOC) analyst role is typically not entry-level and often requires some experience in cybersecurity, network monitoring, or related fields. Entry-level positions in cybersecurity may include roles like SOC analyst trainees or junior analysts, but more advanced SOC positions usually demand certifications such as CompTIA Security+ or Certified SOC Analyst (CSA) and familiarity with security tools and incident response processes.

Can you make $500,000 a year in cyber security?

Cyber Risk Assessment professionals typically earn between $80,000 and $150,000 annually, depending on experience, certifications, and location. Reaching a $500,000 salary generally requires senior roles such as Chief Information Security Officer (CISO) or executive-level positions, which involve strategic leadership, extensive experience, and often additional responsibilities. High salaries in cybersecurity are usually associated with leadership, specialized skills, or working in large organizations or high-demand industries.
What job categories do people searching Cyber Risk Assessment jobs in Florida look for? The top searched job categories for Cyber Risk Assessment jobs in Florida are:

Full-time

Posted 24 days ago


Job description

Our team members are the key to our company’s success, and their health and well-being, as well as that of their families, is very important to us. We offer a comprehensive benefits package that allows our team members stay healthy, plan for their future and maintain a healthy work-life balance. Benefits may vary with employment status.  To see our fill list of Team Member Benefits please visit our career site: www.gotoworkhappy.com/benefits

Job Description:

The Cyber Risk Assessor III leads cybersecurity risk assessments, control evaluations, and policy oversight across the organization's Governance, Risk, and Compliance program. This strategic role identifies and assesses risks, evaluates control effectiveness, drives regulatory and framework alignment, and strengthens governance processes organization-wide.

Key Responsibilities

Governance, Risk Assessment & Management

  • Lead cybersecurity risk assessments for systems, applications, business processes, and third-party
  • Drive the identification, analysis, and documentation of cybersecurity risks and control gaps using methodologies such as FAIR and NIST RMF
  • Evaluate and assess the risk of cybersecurity issues, findings, and their potential impact to the organization
  • Oversee and maintain the Cybersecurity risk register with clear ownership, accountability, and tracking
  • Develop mitigation strategies, compensating controls, and risk-based remediation plans with business and technical stakeholders
  • Responsible for monitoring and reporting on risk trends, control effectiveness, compliance status, and remediation progress for leadership and stakeholders.
  • Own and manage the Cybersecurity Exception Process, including evaluation, approval workflows, and ongoing monitoring
  • Establish and track key risk indicators (KRIs) and report on risk trends, control effectiveness, and remediation progress to senior leadership
  • Proactively identify, track, and escalate top organizational cybersecurity risks to leadership
  • Lead the development, documentation, and continuous improvement of security and GRC processes to strengthen governance, consistency, and operational effectiveness.
  • Lead the development, review, and maintenance of cybersecurity policies, standards, procedures, and related governance documentation.
  • Support security awareness, governance communications, and continuous improvement initiatives across the GRC program.

Control Evaluation & Maturity Assessment

  • Lead the evaluation of design and operating effectiveness of security controls across the organization
  • Conduct and manage internal cybersecurity maturity assessments to evaluate program effectiveness and identify improvement opportunities
  • Assess control maturity levels and develop roadmaps for enhancement
  • Map controls to frameworks such as NIST, ISO 27001, PCI DSS, and other applicable standards

Stakeholder Engagement & Reporting

  • Serve as the subject matter expert and advisor on complex cybersecurity risk issues
  • Lead and influence cross-functional engagement with IT, Cybersecurity, Audit, Legal, Privacy, and business teams
  • Develop and deliver executive-level cybersecurity risk reports for senior management and board-level stakeholders, highlighting critical risks and mitigation strategies
  • Communicate complex technical and risk information effectively to both technical and non-technical audiences
  • Present risk assessments, findings, and strategic recommendations to executive leadership and board committees
  • Lead and facilitate risk workshops and training sessions to promote risk-aware culture

Required Qualifications

Experience & Expertise

  • 7+ years of progressive experience in cybersecurity, Governance, Risk, and Compliance (GRC), or information security
  • Demonstrated experience leading enterprise-level risk assessments and governance programs
  • Deep expertise in risk assessment methodologies and control evaluation concepts
  • Experience with cybersecurity frameworks: NIST CSF, ISO 27001, PCI DSS, SOC 2, and/or CIS Controls
  • Proven experience developing policies, standards, procedures, and governance documentation
  • Experience assessing risk of cybersecurity issues and developing remediation strategies
  • Experience conducting technical risk assessments and security architecture reviews
  • Proven experience leading and managing cybersecurity maturity assessments

Technical Knowledge

  • Comprehensive knowledge across all cybersecurity domains including infrastructure security, network security, application security, cloud security, identity and access management, data protection, endpoint security, security operations, and emerging technologies such as artificial intelligence
  • Understanding of security control applicability and limitations across different technology environments
  • Current knowledge of the threat landscape and attack vectors

Skills & Competencies

  • Strategic thinking and ability to translate technical vulnerabilities into business risk and impact
  • Excellent analytical skills with ability to synthesize complex information into actionable insights
  • Superior written and verbal communication and report-writing capabilities
  • Proven ability to influence and drive outcomes without direct authority across all organizational levels
  • Critical thinking and problem-solving abilities
  • Attention to detail while maintaining strategic perspective
  • Demonstrated leadership in mentoring and developing team members

Preferred Qualifications

Certifications

  • CISSP (Certified Information Systems Security Professional)
  • CRISC (Certified in Risk and Information Systems Control)
  • CISA (Certified Information Systems Auditor)
  • CISM (Certified Information Security Manager)
  • ISO 27001 Lead Auditor or Lead Implementer
  • FAIR Certification
  • PCI QSA or ISA

Additional Experience

  • Experience with GRC platforms (E.g., Onspring, ServiceNow GRC, Archer, OneTrust, Vanta, Drata)
  • Background in regulated industries (gaming, financial services retail)
  • Bachelor’s degree in Computer Science, Information Security, Cyber Risk Management, or related field (Master's preferred)