1

Cyber Risk Manager Jobs in Oregon (NOW HIRING)

Senior Cyber Threat Analyst

$99K - $128K/yr

... minimize risk exposure. Named one of the Best Places to Work in the Washington DC area for 12 ... Provide regular reports and updates to senior management on the findings, insights, and ...

Provides claims marketing services by meeting with brokers, risk managers and reinsurers. As required, maintains insurance adjuster licenses. Must have Cyber/Media/Tech Liability Experience ...

... risk control assessments across industrial control systems, OT networks, cyber-physical systems ... Assess operational practices related to change control, patching, vulnerability management, backup ...

Responsibilities What You'll Do Lead Risk Management Framework (RMF) activities for the LIGER ... Officials, and cyber working groups to advance ATO and continuous authorization activities ...

... Risk, and Compliance (GRC) , to join our rapidly growing and innovative cybersecurity team. Named ... Advanced degree in a technical/cyber-related field. Direct experience or directly relevant ...

OR · On-site

$15K - $200K/yr

... party risk management, board reporting, and cyber insurance underwriting; making all organizations more resilient by allowing them to easily find and fix cybersecurity risks across their digital ...

... mitigate risk, maximize efficiencies, and drive powerful software development. More than 2,000 ... NVTC 2022 Cyber Company of the Year : Sonatype was named Commercial Cyber Company of the Year and a ...

New

next page

Showing results 1-20

Cyber Risk Manager information

See Oregon salary details

$54.5K

$117.9K

$179.7K

How much do cyber risk manager jobs pay per year?

As of Jul 9, 2026, the average yearly pay for cyber risk manager in Oregon is $117,947.00, according to ZipRecruiter salary data. Most workers in this role earn between $95,200.00 and $136,400.00 per year, depending on experience, location, and employer.

How does a Cyber Risk Manager typically collaborate with other departments to strengthen an organization's cybersecurity posture?

A Cyber Risk Manager frequently works with IT, legal, compliance, and business units to identify, assess, and mitigate cyber risks across the organization. This collaboration involves leading risk assessments, facilitating security awareness training, and ensuring that cybersecurity policies align with business objectives. Regular cross-department meetings and incident response simulations are common, fostering a shared responsibility for cyber resilience. Effective communication and relationship-building skills are essential in this role to bridge technical and non-technical teams.

What is the difference between Cyber Risk Manager vs Cybersecurity Analyst?

AspectCyber Risk ManagerCybersecurity Analyst
CertificationsCRISC, CISSP, CISMCompTIA Security+, CISSP, CEH
Work EnvironmentRisk assessment, policy development, strategic planningMonitoring security systems, incident response, vulnerability testing
Employer & Industry UsageFinancial, healthcare, large enterprisesIT departments, security firms, corporate environments

The Cyber Risk Manager focuses on identifying, assessing, and mitigating organizational cyber risks through strategic planning and policy development. In contrast, the Cybersecurity Analyst primarily monitors security systems, responds to incidents, and tests vulnerabilities. Both roles require certifications like CISSP, but their daily tasks and focus areas differ significantly, with the manager taking a broader, strategic approach and the analyst handling operational security tasks.

What are the key skills and qualifications needed to thrive as a Cyber Risk Manager, and why are they important?

To thrive as a Cyber Risk Manager, you need a solid background in information security, risk assessment, and compliance, often supported by a degree in cybersecurity or a related field. Familiarity with risk management frameworks (such as NIST or ISO 27001), GRC tools, and relevant certifications like CISSP or CISM is typically required. Excellent analytical thinking, communication, and leadership skills set top performers apart in this role. These skills are crucial for identifying risks, implementing effective controls, and ensuring the organization’s digital assets remain secure and compliant.

Can you make $200,000 in cyber security?

Cyber Risk Managers and senior cybersecurity professionals can earn $200,000 or more annually, especially with extensive experience, advanced certifications like CISSP or CISM, and in high-demand industries or locations. Salary levels depend on factors such as expertise, certifications, industry, and geographic region, with leadership roles and specialized skills commanding higher compensation.

Can you make $500,000 a year in cyber security?

Cyber Risk Managers and senior cybersecurity professionals can potentially earn $500,000 or more annually, especially with extensive experience, advanced certifications like CISSP or CISM, and leadership roles such as Chief Information Security Officer. High salaries are often associated with large organizations, specialized skills, and strategic responsibilities in cybersecurity management.

What does a cyber risk manager do?

A cyber risk manager assesses and mitigates cybersecurity threats to an organization’s information systems. They develop risk management strategies, implement security policies, and often use tools like risk assessment frameworks and security audits to protect digital assets. Certification such as CISSP or CISM can enhance their effectiveness in this role.

Is a CISO a stressful job?

A Chief Information Security Officer (CISO) role is often considered high-stress due to the responsibility for an organization's cybersecurity strategy, risk management, and incident response. The job requires managing complex threats, compliance requirements, and often involves long hours, especially during security breaches or audits.
Infographic showing various Cyber Risk Manager job openings in Oregon as of July 2026, with employment types broken down into 89% Full Time, and 11% Contract. Highlights an 100% In-person job distribution, with an average salary of $117,947 per year, or $56.7 per hour.
Cyber - SAP Security and GRC Access & Process Control Consultant / Security Engineer II

Cyber - SAP Security and GRC Access & Process Control Consultant / Security Engineer II

Deloitte

Portland, OR • On-site

Other

Re-posted 20 days ago


Deloitte rating

8.0

Company rating: 8.0 out of 10

Based on 89 frontline employees who took The Breakroom Quiz

71st of 146 rated financial services


Job description

SAP Security and GRC Access & Process Control Consultant / Security Engineer II

Our Deloitte Cyber team helps organizations address cybersecurity challenges while enabling business growth and resilience. As part of this team, you will support clients in navigating an evolving threat landscape through practical, scalable security solutions. In this role, you will focus on SAP security and access governance capabilities that help clients strengthen controls, manage risk, and support secure transformation.

Recruiting for this role ends on 12/31/2026.

Work you'll do

As a Security Engineer II on the Enterprise Security team, you will be responsible for supporting SAP security and GRC access control implementations, assessments, and optimization efforts.

  • Deliver SAP ECC and SAP S/4HANA security implementations and assessments across client environments.
  • Design, build, test, and deploy end-user and IT support roles for SAP S/4HANA, SAP Fiori, and SAP Business Technology Platform environments.
  • Configure and support SAP Governance, Risk, and Compliance Access Control capabilities, including Access Risk Analysis, Access Request Management, Emergency Access Management, and Business Role Management.
  • Analyze segregation of duties risks, support ruleset updates, and perform user- and role-level risk assessments in SAP GRC 12.0.
  • Develop security solutions for custom transactions, tables, programs, reporting, and analytics tools across complex, multi-country rollout programs.

A successful candidate would possess these skills:

  • Ability to work independently and collaborate as part of a team
  • Effective written and verbal communication skills
  • Meticulous attention to detail and quality of work product
  • Ability to build and sustain professional relationships
  • Ability to lead projects or workstreams
  • Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
  • Strong interpersonal skills and professional demeanor
  • Ability to meet deadlines
  • Ability to provide clear guidance to others

The team

Our Enterprise Security Offering helps embed security across digital transformation initiatives by securing the technical backbone of the organization while enabling business change. The team supports capabilities across security architecture, secure development and deployment, cyber cloud, application security, and security for emerging technologies and connected products.

Qualifications

Required:

  • Bachelor's degree
  • 3+ years of experience with SAP S/4HANA Security and SAP Governance, Risk, and Compliance Access Control
  • 3+ years of experience implementing security for SAP S/4HANA, SAP Fiori, and SAP Business Technology Platform, including requirements gathering, security design, and deployment
  • Experience delivering at least 2 full-cycle SAP S/4HANA security implementations
  • 2+ years of experience configuring and implementing SAP Governance, Risk, and Compliance Access Risk Analysis, Access Request Management, Emergency Access Management, and Business Role Management
  • 2+ years of experience building and updating segregation of duties rulesets and performing user- and role-level risk analysis in SAP Governance, Risk, and Compliance 12.0
  • Ability to travel 50%, on average, based on the work you do and the clients and industries/sectors you serve.
  • Limited immigration sponsorship may be available.

Preferred:

  • Experience in consulting or Big 4 environments
  • Professional certifications such as Certified Information Systems Security Professional, Certified Information Security Manager, or Certified Information Systems Auditor
  • Experience with SAP Identity and Access Governance
  • Experience with cloud security and cloud migration projects
  • Experience executing vulnerability management tools such as Onapsis
  • Experience preparing written deliverables and presenting information to stakeholders

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $82,600 to $162,800.

You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.

Qualifications:

SAP Security and GRC Access & Process Control Consultant / Security Engineer II

Our Deloitte Cyber team helps organizations address cybersecurity challenges while enabling business growth and resilience. As part of this team, you will support clients in navigating an evolving threat landscape through practical, scalable security solutions. In this role, you will focus on SAP security and access governance capabilities that help clients strengthen controls, manage risk, and support secure transformation.

Recruiting for this role ends on 12/31/2026.

Work you'll do

As a Security Engineer II on the Enterprise Security team, you will be responsible for supporting SAP security and GRC access control implementations, assessments, and optimization efforts.

  • Deliver SAP ECC and SAP S/4HANA security implementations and assessments across client environments.
  • Design, build, test, and deploy end-user and IT support roles for SAP S/4HANA, SAP Fiori, and SAP Business Technology Platform environments.
  • Configure and support SAP Governance, Risk, and Compliance Access Control capabilities, including Access Risk Analysis, Access Request Management, Emergency Access Management, and Business Role Management.
  • Analyze segregation of duties risks, support ruleset updates, and perform user- and role-level risk assessments in SAP GRC 12.0.
  • Develop security solutions for custom transactions, tables, programs, reporting, and analytics tools across complex, multi-country rollout programs.

A successful candidate would possess these skills:

  • Ability to work independently and collaborate as part of a team
  • Effective written and verbal communication skills
  • Meticulous attention to detail and quality of work product
  • Ability to build and sustain professional relationships
  • Ability to lead projects or workstreams
  • Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
  • Strong interpersonal skills and professional demeanor
  • Ability to meet deadlines
  • Ability to provide clear guidance to others

The team

Our Enterprise Security Offering helps embed security across digital transformation initiatives by securing the technical backbone of the organization while enabling business change. The team supports capabilities across security architecture, secure development and deployment, cyber cloud, application security, and security for emerging technologies and connected products.

Qualifications

Required:

  • Bachelor's degree
  • 3+ years of experience with SAP S/4HANA Security and SAP Governance, Risk, and Compliance Access Control
  • 3+ years of experience implementing security for SAP S/4HANA, SAP Fiori, and SAP Business Technology Platform, including requirements gathering, security design, and deployment
  • Experience delivering at least 2 full-cycle SAP S/4HANA security implementations
  • 2+ years of experience configuring and implementing SAP Governance, Risk, and Compliance Access Risk Analysis, Access Request Management, Emergency Access Management, and Business Role Management
  • 2+ years of experience building and updating segregation of duties rulesets and performing user- and role-level risk analysis in SAP Governance, Risk, and Compliance 12.0
  • Ability to travel 50%, on average, based on the work you do and the clients and industries/sectors you serve.
  • Limited immigration sponsorship may be available.

Preferred:

  • Experience in consulting or Big 4 environments
  • Professional certifications such as Certified Information Systems Security Professional, Certified Information Security Manager, or Certified Information Systems Auditor
  • Experience with SAP Identity and Access Governance
  • Experience with cloud security and cloud migration projects
  • Experience executing vulnerability management tools such as Onapsis
  • Experience preparing written deliverables and presenting information to stakeholders

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $82,600 to $162,800.

You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.

Education:Bachelor's DegreeEmployment Type:

What Deloitte employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom