1

Cyber Risk Assessment Jobs (NOW HIRING)

Act as the end-to-end tech and cyber risk partner for senior technology executives, providing comprehensive support to engineering organizations while driving the strategic vision for risk assessment ...

Act as the end-to-end tech and cyber risk partner for senior technology executives, providing comprehensive support to engineering organizations while driving the strategic vision for risk assessment ...

Act as the end-to-end tech and cyber risk partner for senior technology executives, providing comprehensive support to engineering organizations while driving the strategic vision for risk assessment ...

Own the 3rd party Cyber Risk Assessments for vendor engagements to ensure that information and Cyber Security risks through third party suppliers are identified and managed appropriately * Support ...

Own the 3rd party Cyber Risk Assessments for vendor engagements to ensure that information and Cyber Security risks through third party suppliers are identified and managed appropriately * Support ...

Own the 3rd party Cyber Risk Assessments for vendor engagements to ensure that information and Cyber Security risks through third party suppliers are identified and managed appropriately * Support ...

next page

Showing results 1-20

Cyber Risk Assessment information

What is the difference between Cyber Risk Assessment vs Cyber Security Analyst?

AspectCyber Risk AssessmentCyber Security Analyst
Primary FocusIdentifying and evaluating cybersecurity risks and vulnerabilitiesMonitoring, detecting, and responding to security threats
CertificationsCompTIA Security+, CISSP, CISACompTIA Security+, CEH, CISSP
Work EnvironmentRisk management teams, consulting firms, security departmentsSecurity operations centers, IT departments, incident response teams
ResponsibilitiesRisk analysis, vulnerability assessments, complianceThreat detection, incident response, security monitoring

While both roles involve cybersecurity, Cyber Risk Assessments focus on evaluating potential risks and vulnerabilities to inform security strategies, whereas Cyber Security Analysts actively monitor and respond to ongoing security threats. Understanding these differences helps organizations assign the right roles for comprehensive cybersecurity management.

How much does a cyber risk analyst make?

A cyber risk analyst typically earns between $70,000 and $120,000 annually, depending on experience, certifications, and location. Entry-level positions may start lower, while experienced analysts with certifications like CISSP or CISA can earn higher salaries, especially in industries with high cybersecurity demands.

What is a cyber risk assessment?

A cyber risk assessment is a process used to identify, evaluate, and prioritize potential threats and vulnerabilities in an organization's information systems. It helps organizations understand the potential impact of cyber threats and determine the likelihood of such events occurring. By conducting a cyber risk assessment, businesses can implement appropriate security controls and strategies to mitigate risks, comply with regulatory requirements, and protect sensitive data from cyberattacks. Regular assessments are essential to adapt to evolving threats and maintain a strong cybersecurity posture.

What are some common challenges faced by professionals in Cyber Risk Assessment, and how can they be addressed?

Professionals in Cyber Risk Assessment often encounter challenges such as rapidly evolving threat landscapes, keeping up with regulatory changes, and ensuring clear communication of technical risks to non-technical stakeholders. To address these, staying current with industry trends through continuous learning, leveraging robust risk assessment frameworks, and developing strong communication skills are essential. Additionally, collaborating closely with IT, compliance, and business units helps ensure comprehensive and effective risk management.

What are the key skills and qualifications needed to thrive as a Cyber Risk Assessor, and why are they important?

To thrive as a Cyber Risk Assessor, you need a strong understanding of cybersecurity principles, risk management frameworks, and relevant regulations, often backed by a degree in information security or related certifications like CISSP or CISA. Familiarity with security assessment tools, vulnerability scanners, and risk analysis platforms is typically required. Analytical thinking, attention to detail, and effective communication are vital soft skills for accurately identifying threats and conveying risks to stakeholders. These skills and qualities are crucial for protecting organizational assets and ensuring compliance in an evolving threat landscape.

Can you make $200,000 in cyber security?

Cyber Risk Assessment professionals can potentially earn $200,000 or more annually, especially with advanced certifications like CISSP or CISA, extensive experience, and roles in high-demand industries or senior positions. Salaries vary based on location, company size, and individual expertise, with senior analysts and managers often reaching or exceeding this level.

Is SOC an entry level job?

A Security Operations Center (SOC) analyst role is typically not entry-level and often requires some experience in cybersecurity, network monitoring, or related fields. Entry-level positions in cybersecurity may include roles like SOC analyst trainees or junior analysts, but more advanced SOC positions usually demand certifications such as CompTIA Security+ or Certified SOC Analyst (CSA) and familiarity with security tools and incident response processes.

Can you make $500,000 a year in cyber security?

Cyber Risk Assessment professionals typically earn between $80,000 and $150,000 annually, depending on experience, certifications, and location. Reaching a $500,000 salary generally requires senior roles such as Chief Information Security Officer (CISO) or executive-level positions, which involve strategic leadership, extensive experience, and often additional responsibilities. High salaries in cybersecurity are usually associated with leadership, specialized skills, or working in large organizations or high-demand industries.
More about Cyber Risk Assessment jobs
What cities are hiring for Cyber Risk Assessment jobs? Cities with the most Cyber Risk Assessment job openings:
What states have the most Cyber Risk Assessment jobs? States with the most job openings for Cyber Risk Assessment jobs include:
Infographic showing various Cyber Risk Assessment job openings in the United States as of July 2026, with employment types broken down into 3% As Needed, 77% Full Time, 17% Part Time, and 3% Contract. Highlights an 93% Physical, 1% Hybrid, and 6% Remote job distribution.
Cyber Risk Data Engineer/Analyst

Cyber Risk Data Engineer/Analyst

Technomics Inc

Arlington, VA • On-site

Full-time

Posted 20 days ago


Job description

Technomics is a growing employee-owned, decision analytics company that specializes in cost and economic analysis to facilitate better decisions faster. We enable a wide range of clients across the Federal government, from senior level policy makers to program managers, to choose smartly, buy effectively and operate efficiently. We deliver practical, credible and defensible results offering actionable insights by applying data-driven and analytics-based approaches in combination with multidisciplinary talent, subject matter experts, and tangible and repeatable assets in the form of databases, models, approaches and techniques.
Analysts use problem-solving principles, processes and methods and complementary software applications to support client engagements and have a direct and significant impact on deliverables to clients. Your work will be guided by more experienced team members, but you will work with autonomy.
Our employee-owners pride themselves on their ability to apply deep analytical rigor and innovative thought that assist clients in understanding and solving a myriad of challenging resource planning and management problems.
This position may be located in Arlington, VA (Headquarters), Washington D.C., Pentagon, Springfield, VA., Chantilly, VA., Tysons Corner, VA.
Description:
We are seeking a Cyber Risk Data Engineer/Analyst. This role focuses on the data side of cyber risk management - capturing outputs from senior SMEs, tagging and structuring data, and building data-driven capabilities that support proactive risk identification.
The ideal candidate is detail-oriented and eager to grow in the cybersecurity field.
You will help organize and manage risk assessment data, connect outputs to external threat/vulnerability databases (e.g., CVE/NVD, MITRE ATT&CK), and develop structured knowledge bases that allow for trend analysis and lessons learned.
This position is perfect for someone who wants to learn from senior SMEs while building technical skills in data analysis, visualization, and cyber risk management. You'll play a key role in helping clients shift from reactive reporting to proactive risk detection.
Clearance Required: Active DOE Q or higher (or ability to obtain)
Key Responsibilities:
  • Support senior SMEs by collecting, organizing, and structuring cyber risk assessment outputs into usable datasets and knowledge repositories.
  • Implement data tagging, metadata standards, and knowledge capture practices to enable traceability and lessons-learned reuse across assessments.
  • Connect assessment data with external threat and vulnerability databases (e.g., MITRE ATT&CK, CVE/NVD, vendor advisories) to enrich analysis and support proactive risk identification.
  • Develop and maintain structured datasets, dashboards, or knowledge management tools that allow for trend analysis and predictive insights.
  • Assist in building data-driven capabilities to shift risk management from reactive reporting toward proactive detection and trend anticipation.
  • Work closely with senior cyber SMEs to ensure data accurately reflects risk findings, mitigation considerations, and enterprise impacts.
  • Support the development of data visualization products, analytic reports, and briefing materials for leadership.
  • Contribute to the maturation of the clients risk knowledge base by aligning historical assessment data with new findings.

Required Qualifications:
  • 1-3 years of experience in cybersecurity, data analysis, or IT risk management.
  • Familiarity with cybersecurity frameworks such as NIST SP 800-30, RMF, or MITRE ATT&CK (coursework, internships, or entry-level experience acceptable).
  • Demonstrated experience with data analysis, organization, and visualization (Excel, Power BI, Tableau, or similar).
  • Ability to work with structured and unstructured data, including tagging, metadata, and relational mapping.
  • Strong written and verbal communication skills to document findings and support SME deliverables.

Preferred Qualifications:
  • Experience supporting national security organizations.
  • Familiarity with cyber threat and vulnerability databases (CVE, NVD, CISA KEV catalog, vendor advisories).
  • Coursework or hands-on exposure to Python, SQL, or other scripting tools for data handling.
  • Technical certifications such as Security+.
  • Understanding of knowledge management or data governance practices.
  • Ability to work in a team-oriented, high-paced environment and interact with both technical and non-technical stakeholders.

Work Environment:
  • Hybrid role with D.C.-based work and travel to client and partner sites to support SME risk assessment teams.
  • Focused on the data side of mission assurance - building knowledge bases, connecting data sources, and supporting proactive cyber risk identification.
  • Collaborative setting with senior SMEs, engineers, and mission partners, requiring adaptability, attention to detail, and an eagerness to learn.
  • Provides strong career growth opportunities in cyber risk analysis, data science, and national security mission assurance.

Salary range: $70,000- 115,000 USD
The salary range listed is one part of our total compensation package, which may also include bonuses, incentives and benefits. Individual compensation is determined based on qualifications such as relevant years of experience, education, certifications and geographic location
Technomics is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to protected status under applicable law, including disability and protected veteran status.