1

Cyber Risk Assessment Jobs in New York (NOW HIRING)

Cyber Risk Analyst

Brooklyn, NY · On-site

$90K - $100K/yr

They will help shape Cyber Command's approach to risk management, build new risk frameworks and processes, and assess and monitor NYC agencies' cybersecurity risks. Responsibilities will include ...

The City of New York's Office of Technology and Innovation is seeking a Cyber Risk Analyst to ... assessment procedures and control testing methodologies based on established frameworks and ...

They will help shape Cyber Command's approach to risk management, build new risk frameworks and processes, and assess and monitor NYC agencies' cybersecurity risks. Responsibilities will include ...

They will help shape Cyber Command's approach to risk management, build new risk frameworks and processes, and assess and monitor NYC agencies' cybersecurity risks. Responsibilities will include ...

They will help shape Cyber Command's approach to risk management, build new risk frameworks and processes, and assess and monitor NYC agencies' cybersecurity risks. Responsibilities will include ...

Cyber Risk Analyst

Brooklyn, NY · On-site

$90K - $100K/yr

They will help shape Cyber Command's approach to risk management, build new risk frameworks and processes, and assess and monitor NYC agencies' cybersecurity risks. Responsibilities will include ...

They will help shape Cyber Command's approach to risk management, build new risk frameworks and processes, and assess and monitor NYC agencies' cybersecurity risks. Responsibilities will include ...

Own the 3rd party Cyber Risk Assessments for vendor engagements to ensure that information and Cyber Security risks through third party suppliers are identified and managed appropriately * Support ...

Own the 3rd party Cyber Risk Assessments for vendor engagements to ensure that information and Cyber Security risks through third party suppliers are identified and managed appropriately * Support ...

Own the 3rd party Cyber Risk Assessments for vendor engagements to ensure that information and Cyber Security risks through third party suppliers are identified and managed appropriately * Support ...

Manager, Cyber Risk & Analysis

New York, NY

$121K - $164K/yr

Understand and assess the inventory of technology and cyber risk management related laws and regulations, as well as industry standards such as the NIST, PCI DSS, CSF and FFIEC guidance, and how they ...

next page

Showing results 1-20

Cyber Risk Assessment information

What is the difference between Cyber Risk Assessment vs Cyber Security Analyst?

AspectCyber Risk AssessmentCyber Security Analyst
Primary FocusIdentifying and evaluating cybersecurity risks and vulnerabilitiesMonitoring, detecting, and responding to security threats
CertificationsCompTIA Security+, CISSP, CISACompTIA Security+, CEH, CISSP
Work EnvironmentRisk management teams, consulting firms, security departmentsSecurity operations centers, IT departments, incident response teams
ResponsibilitiesRisk analysis, vulnerability assessments, complianceThreat detection, incident response, security monitoring

While both roles involve cybersecurity, Cyber Risk Assessments focus on evaluating potential risks and vulnerabilities to inform security strategies, whereas Cyber Security Analysts actively monitor and respond to ongoing security threats. Understanding these differences helps organizations assign the right roles for comprehensive cybersecurity management.

How much does a cyber risk analyst make?

A cyber risk analyst typically earns between $70,000 and $120,000 annually, depending on experience, certifications, and location. Entry-level positions may start lower, while experienced analysts with certifications like CISSP or CISA can earn higher salaries, especially in industries with high cybersecurity demands.

What is a cyber risk assessment?

A cyber risk assessment is a process used to identify, evaluate, and prioritize potential threats and vulnerabilities in an organization's information systems. It helps organizations understand the potential impact of cyber threats and determine the likelihood of such events occurring. By conducting a cyber risk assessment, businesses can implement appropriate security controls and strategies to mitigate risks, comply with regulatory requirements, and protect sensitive data from cyberattacks. Regular assessments are essential to adapt to evolving threats and maintain a strong cybersecurity posture.

What are some common challenges faced by professionals in Cyber Risk Assessment, and how can they be addressed?

Professionals in Cyber Risk Assessment often encounter challenges such as rapidly evolving threat landscapes, keeping up with regulatory changes, and ensuring clear communication of technical risks to non-technical stakeholders. To address these, staying current with industry trends through continuous learning, leveraging robust risk assessment frameworks, and developing strong communication skills are essential. Additionally, collaborating closely with IT, compliance, and business units helps ensure comprehensive and effective risk management.

What are the key skills and qualifications needed to thrive as a Cyber Risk Assessor, and why are they important?

To thrive as a Cyber Risk Assessor, you need a strong understanding of cybersecurity principles, risk management frameworks, and relevant regulations, often backed by a degree in information security or related certifications like CISSP or CISA. Familiarity with security assessment tools, vulnerability scanners, and risk analysis platforms is typically required. Analytical thinking, attention to detail, and effective communication are vital soft skills for accurately identifying threats and conveying risks to stakeholders. These skills and qualities are crucial for protecting organizational assets and ensuring compliance in an evolving threat landscape.

Can you make $200,000 in cyber security?

Cyber Risk Assessment professionals can potentially earn $200,000 or more annually, especially with advanced certifications like CISSP or CISA, extensive experience, and roles in high-demand industries or senior positions. Salaries vary based on location, company size, and individual expertise, with senior analysts and managers often reaching or exceeding this level.

Is SOC an entry level job?

A Security Operations Center (SOC) analyst role is typically not entry-level and often requires some experience in cybersecurity, network monitoring, or related fields. Entry-level positions in cybersecurity may include roles like SOC analyst trainees or junior analysts, but more advanced SOC positions usually demand certifications such as CompTIA Security+ or Certified SOC Analyst (CSA) and familiarity with security tools and incident response processes.

Can you make $500,000 a year in cyber security?

Cyber Risk Assessment professionals typically earn between $80,000 and $150,000 annually, depending on experience, certifications, and location. Reaching a $500,000 salary generally requires senior roles such as Chief Information Security Officer (CISO) or executive-level positions, which involve strategic leadership, extensive experience, and often additional responsibilities. High salaries in cybersecurity are usually associated with leadership, specialized skills, or working in large organizations or high-demand industries.
What are popular job titles related to Cyber Risk Assessment jobs in New York? For Cyber Risk Assessment jobs in New York, the most frequently searched job titles are:
What cities in New York are hiring for Cyber Risk Assessment jobs? Cities in New York with the most Cyber Risk Assessment job openings:
Infographic showing various Cyber Risk Assessment job openings in New York as of July 2026, with employment types broken down into 3% As Needed, 77% Full Time, 17% Part Time, and 3% Contract. Highlights an 93% Physical, 1% Hybrid, and 6% Remote job distribution.
Cyber Risk Analyst

Cyber Risk Analyst

City of New York

Brooklyn, NY • On-site

$90K - $100K/yr

Full-time

Posted 13 days ago


City Of New York rating

7.1

Company rating: 7.1 out of 10

Based on 79 frontline employees who took The Breakroom Quiz

515th of 693 rated public administrative organizations


Job description

Company Description
Job Description
The Office of Technology and Innovation (OTI) leverages technology to drive opportunity, improve public safety, and help government run better across New York City. From delivering affordable broadband to protecting against cybersecurity threats and building digital government services, OTI is at the forefront of how the City delivers for New Yorkers in the 21st century. Follow us on social media @NYCOfficeofTech, and visit www.nyc.gov/oti to learn more.
At OTI, we offer great benefits, and the chance to work on projects that have a meaningful impact on millions of people. You'll have the opportunity to work with cutting-edge technology and collaborate with other passionate professionals who share your drive and commitment to making a difference through technology.
About Cyber Command
Cyber Command is charged with protecting all City systems against cyber threats, including systems that deliver vital services to New Yorkers. Headed by the Chief Information Security Officer of the City of New York, we provide in-depth support to over 100 agencies and offices to protect, detect, identify, respond to, and recover from cyber threats.
About This Role
The Cyber Risk Analyst will serve in the Cyber Command Risk Program under the direction of the Senior Advisor. They will help shape Cyber Command's approach to risk management, build new risk frameworks and processes, and assess and monitor NYC agencies' cybersecurity risks.
Responsibilities will include:
-Build new risk processes and implement risk frameworks to enable better monitoring and evaluation of risks across the City;
-Manage projects, pushing through ambiguity and challenges which may arise;
-Work with stakeholders across various divisions, soliciting input and working through feedback;
-Review and analyze various cybersecurity risk cases, justifications, and exceptions documents submitted by agencies;
-Assist in developing cybersecurity risk assessment procedures and control testing methodologies based on established frameworks and guidelines;
-Assess NYC agencies' documented information security and technology policies, procedures, and practices.
-Draft risk cases accompanied by working papers, concise controls assessments, and systems testing reports;
-Present risk findings to senior leadership;
-Engage in communications with NYC agencies to assist them in successfully managing risk;
-Handle special projects and initiatives as assigned.
HOURS/SHIFT
Day - Due to the necessary technical duties of this position in a 24/7 operation, candidate may be required to work various shifts such as weekends and/or nights/evenings.
WORK LOCATION
Brooklyn, NY
TO APPLY
* Interested applicants with other civil service titles who meet the preferred requirements should also submit a resume for consideration
Please go to www.cityjobs/jobs/search and search for Job ID #777247
SUBMISSION OF A RESUME IS NOT A GUARANTEE THAT YOU WILL RECEIVE AN INTERVIEW
APPOINTMENTS ARE SUBJECT TO OVERSIGHT APPROVAL
OTI participates in E-Verify
IT SECURITY SPECIALIST - 95622
Qualifications
A baccalaureate degree from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the particular position; or,
Education and/or experience which is equivalent to "1" above.
Additional Information
The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.

What City Of New York employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom