1

Cyber Risk Jobs in Washington (NOW HIRING)

Cyber Risk Analyst (TS/SCI) Reston, VA, USA Full-time Clearance: Top Secret/SCI Summary: Warnings about cyber threats are everywhere and the constantly evolving nature of these threats can make ...

next page

Showing results 1-20

Cyber Risk information

See Washington salary details

$77.6K

$146K

$183.5K

How much do cyber risk jobs pay per year?

As of Jul 9, 2026, the average yearly pay for cyber risk in Washington is $145,971.00, according to ZipRecruiter salary data. Most workers in this role earn between $128,000.00 and $165,900.00 per year, depending on experience, location, and employer.

What are 5 careers in cybersecurity?

Five common careers in cybersecurity include Security Analyst, Penetration Tester, Security Engineer, Incident Responder, and Security Architect. These roles involve protecting systems, identifying vulnerabilities, and implementing security measures, often requiring certifications like CISSP or CEH and familiarity with tools such as firewalls and intrusion detection systems.

How much does a cyber risk analyst make?

A cyber risk analyst typically earns between $70,000 and $120,000 annually, depending on experience, certifications, and location. Entry-level positions may start lower, while experienced analysts with certifications like CISSP or CISA can earn higher salaries, especially in industries with high cybersecurity demands.

What is the difference between Cyber Risk vs Cyber Security Analyst?

AspectCyber RiskCyber Security Analyst
Primary FocusIdentifying, assessing, and managing cybersecurity risks and vulnerabilitiesMonitoring, analyzing, and responding to security threats and incidents
Required CredentialsCertifications like CISSP, CISM, CRISC; risk management experienceCertifications like CompTIA Security+, CISSP; technical security skills
Work EnvironmentRisk management teams, compliance departments, strategic planningSecurity operations centers, IT teams, incident response teams
Industry UsageUsed across finance, healthcare, government for risk mitigationUsed in IT and cybersecurity departments for threat defense

While both roles focus on cybersecurity, Cyber Risk professionals primarily assess and manage potential threats at a strategic level, whereas Cyber Security Analysts focus on technical threat detection and response. Understanding these differences helps organizations allocate resources effectively and align roles with their security objectives.

Can I make $200,000 a year in cyber security?

Cyber risk professionals, including cybersecurity analysts and managers, can earn $200,000 or more annually with extensive experience, advanced certifications like CISSP, and leadership roles. High salaries are often associated with senior positions, specialized skills, and working in industries with high security demands.

What are the key skills and qualifications needed to thrive as a Cyber Risk professional, and why are they important?

To thrive as a Cyber Risk professional, you need a solid understanding of information security principles, risk assessment methodologies, and regulatory compliance frameworks, often supported by a degree in cybersecurity, IT, or related fields. Familiarity with tools such as SIEM platforms, vulnerability scanners, and relevant certifications like CISSP, CISM, or CRISC is typically required. Strong analytical thinking, attention to detail, and effective communication skills help you identify risks and convey complex security issues to diverse stakeholders. These competencies are crucial for protecting organizational assets, ensuring compliance, and proactively managing evolving cyber threats.

What is cyber risk?

Cyber risk refers to the potential for financial loss, disruption, or damage to an organization due to the failure of its information technology systems. This includes threats such as data breaches, hacking, malware, ransomware, and unauthorized access to sensitive information. Managing cyber risk involves identifying vulnerabilities, implementing security measures, and creating response plans to minimize the impact of cyber incidents. Organizations often employ specialists to assess and mitigate these risks, ensuring the safety of their digital assets.

Is cybersecurity a risky career?

Cyber Risk professionals work to identify and mitigate security threats, which involves handling sensitive information and responding to cyber incidents. The role can be high-pressure and requires staying current with evolving threats, but it generally offers strong job security and growth opportunities due to increasing cybersecurity needs across industries.

What are some typical challenges faced by professionals in a Cyber Risk role, and how can they be addressed?

Professionals in Cyber Risk roles often encounter challenges such as rapidly evolving cyber threats, balancing business needs with security requirements, and managing cross-departmental communication. Staying current with emerging risks and regulatory changes requires continuous learning and adaptability. Effective collaboration with IT, legal, and business units is crucial to implement practical risk mitigation strategies. Building strong relationships and clear communication channels within the organization can help address these challenges and ensure cyber risk is managed proactively.
What are the most commonly searched types of Cyber Risk jobs in Washington? The most popular types of Cyber Risk jobs in Washington are:
Cyber Risk Analyst (TS/SCI)

Cyber Risk Analyst (TS/SCI)

Beyond SOF

Reston, VA • On-site

Other

This job post has expired 1 day ago. Applications are no longer accepted.


Job description

Cyber Risk Analyst (TS/SCI)
Reston, VA, USA
Full-time
Clearance: Top Secret/SCI

Job Description Summary:
Warnings about cyber threats are everywhere and the constantly evolving nature of these threats can make understanding them seem overwhelming to the DoD and the IC. In all of this "cyber noise," how can these organizations understand their risks and how to mitigate them? The answer is you. Build your knowledge as an information security risk specialist who knows how to break down complex threats into manageable plans of action.

As a Cyber-Risk Analyst on our team, you'll use your experience to work with DoD programs to discover their cyber risks, understand policies, and develop a mitigation plan. You'll get technical, environmental, and personnel details from engineers and SMEs to assess the entire threat landscape. Then, you'll help your team guide your client through a plan of action with presentations, white papers, and milestones. You'll work on translating security concepts for your client so they can make the best decisions to secure their mission critical networks and systems. This is your opportunity to act as an information security subject matter expert while broadening your skills in cybersecurity, security and network tools, systems engineering, and data science.

Qualifications
  • 5+ years of experience working in a professional IT environment
  • 3+ years of experience with cybersecurity
  • 3+ years of experience with Assessment and Authorization (A&A) in support of DoD and IC programs, including package development, artifact generation, and authority to operate (ATO)
  • Experience with security hardening of Windows and Linux operating systems and security tools, such as ACAS, SCAP, STIG/SRGs, SCC, eMASS/Xacta, ESS, Prisma Cloud, Kubernetes, Rancher, and Docker
  • Experience generating and maintaining System Security Plans (SSP), Implementation Plans, Privacy Impact Assessments, Security Assessment Plans (SAP), Risk Assessments, Plan of Action and Milestones (POA&M), and other A&A documentation
  • Knowledge of Risk Management Framework (RMF) and the A&A activities needed to obtain and maintain an ATO, including National Institute of Standards and Technology (NIST) and Committee on National Security Systems Instruction (CNSSI), including NIST SP 800-60, NIST SP 800-53, and CNSSI 1253
  • IAT Level II Certification, including a Security+ Certification

Desired Qualifications:

  • Experience with DoD or IC cybersecurity projects or programs
  • Experience with DevSecOps, Path-to-Production, and CI/CD
  • Experience with Cloud Authorization and Cloud Migration
  • Experience with administering Red Hat Enterprise Linux or Windows Server 2012 or higher
  • Ability to provide subject matter expertise to system engineering documents, including technical requirements documents, interface control documents, and system specifications
  • Ability to analyze and communicate complex technical challenges to both technical and non-technical clients and stakeholders
  • Ability to communicate and integrate between multiple customer stakeholders
  • Bachelor's degree