1

Cyber Security Risk Analyst Jobs in California (NOW HIRING)

Senior Cybersecurity GRC Analyst

San Jose, CA · On-site

$117K - $151K/yr

C. is seeking a Senior Cybersecurity GRC Analyst to lead governance and compliance initiatives ... The role involves managing the Compliance Program, conducting risk assessments, overseeing access ...

Risk Management & Assessment: * Lead comprehensive cybersecurity risk assessments across the ... Analyze access trends and "over-privileged" accounts to recommend Least Privilege improvements and ...

The Insider Risk Analyst supports the Insider Risk Program by monitoring and triaging insider-risk ... Create and advocate for Team Member training and awareness on cybersecurity risks and best ...

The Insider Risk Analyst supports the Insider Risk Program by monitoring and triaging insider-risk ... Create and advocate for Team Member training and awareness on cybersecurity risks and best ...

Position: Senior CyberSecurity GRC Analyst (San Jose, CA) Job Overview: Governance & Compliance ... risk analysis to inform executive decision-making and resource allocation. Identity & Access ...

Cyber and IT Risk Management Job Qualifications: Skills: Continuous Monitoring, Security ... cybersecurity event monitoring, focused on incident detection, triage, and analysis with the ...

... Cybersecurity Risk Assessments (MBCRA) (e.g., MRAP-C, CTT) events and provide Mission Impact Analysis and recommendations to the program office - Understanding of the discipline and practice of ...

next page

Showing results 1-20

Cyber Security Risk Analyst information

See California salary details

$42.4K

$98.1K

$148K

How much do cyber security risk analyst jobs pay per year?

As of Jun 30, 2026, the average yearly pay for cyber security risk analyst in California is $98,098.00, according to ZipRecruiter salary data. Most workers in this role earn between $78,500.00 and $114,000.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive in the Cyber Security Risk Analyst position, and why are they important?

A Cyber Security Risk Analyst requires a solid understanding of information security principles, risk assessment methodologies, and a relevant degree such as computer science or cybersecurity. Familiarity with tools like risk management frameworks (NIST, ISO 27001), vulnerability scanners, and certifications such as CISSP, CISM, or CRISC is common in this role. Strong analytical thinking, attention to detail, effective communication, and problem-solving skills are vital soft skills. These competencies enable analysts to accurately identify, assess, and communicate cyber risks, protecting organizations from evolving threats.

Can you make $200,000 in cyber security?

Cyber Security Risk Analysts with extensive experience, advanced certifications, and specialized skills can potentially earn $200,000 or more annually, especially in high-demand industries or senior roles. Achieving this salary often requires a combination of technical expertise, certifications like CISSP or CISA, and a strong understanding of risk management and security frameworks.

What does a cyber security risk analyst do?

A cyber security risk analyst evaluates an organization’s security posture by identifying vulnerabilities, assessing potential threats, and recommending measures to mitigate risks. They analyze security data, develop risk management strategies, and often use tools like vulnerability scanners and risk assessment frameworks to protect information systems.

What is a Cyber Security Risk Analyst job?

A Cyber Security Risk Analyst is responsible for identifying, assessing, and mitigating cybersecurity risks within an organization. They analyze potential threats, evaluate security controls, and recommend improvements to protect sensitive data and systems. Their role often involves conducting risk assessments, ensuring compliance with industry regulations, and collaborating with IT and security teams to enhance defenses. They also monitor emerging threats and provide strategic insights to minimize vulnerabilities. Ultimately, they help organizations maintain a strong security posture against cyber threats.

What are some typical challenges faced by Cyber Security Risk Analysts on the job?

Cyber Security Risk Analysts commonly face the challenge of keeping up with constantly evolving threats and technology landscapes. They must balance the need for robust security with business objectives, often requiring nuanced decision-making and collaboration across departments. Analysts may also encounter difficulties in communicating complex technical risks to non-technical stakeholders. Successfully navigating these challenges is key to maintaining organizational security and fostering a culture of risk awareness.

How much does a cybersecurity risk analyst make?

A cybersecurity risk analyst's average salary in the United States ranges from $70,000 to $120,000 annually, depending on experience, certifications, and location. Entry-level positions typically start around $60,000, while experienced analysts with certifications like CISSP or CISA can earn over $130,000. The role often requires knowledge of risk assessment tools and security frameworks.

Can you make $500,000 a year in cyber security?

Cyber Security Risk Analysts typically earn between $70,000 and $130,000 annually, depending on experience, certifications, and location. Reaching a $500,000 salary usually requires senior roles such as Chief Information Security Officer (CISO) or executive positions, which involve strategic leadership and extensive industry experience. High salaries in cybersecurity are often associated with leadership, specialized skills, and working in high-demand sectors or organizations.
What are the most commonly searched types of Cyber Security Risk Analyst jobs in California? The most popular types of Cyber Security Risk Analyst jobs in California are:
What are popular job titles related to Cyber Security Risk Analyst jobs in California? For Cyber Security Risk Analyst jobs in California, the most frequently searched job titles are:
What job categories do people searching Cyber Security Risk Analyst jobs in California look for? The top searched job categories for Cyber Security Risk Analyst jobs in California are:
What cities in California are hiring for Cyber Security Risk Analyst jobs? Cities in California with the most Cyber Security Risk Analyst job openings:
Infographic showing various Cyber Security Risk Analyst job openings in California as of June 2026, with employment types broken down into 100% Full Time. Highlights an 100% Hybrid job distribution, with an average salary of $98,098 per year, or $47.2 per hour.
Cybersecurity Engineer and Risk Analyst

Cybersecurity Engineer and Risk Analyst

Booz Allen Hamilton

San Diego, CA • On-site

Full-time

Medical, Life, Retirement, PTO

Posted 14 days ago


Booz Allen Hamilton rating

8.8

Company rating: 8.8 out of 10

Based on 47 frontline employees who took The Breakroom Quiz

9th of 58 rated business consultants


Job description

Cybersecurity Engineer and Risk Analyst

The Opportunity:

Are you looking for an opportunity to advance your experience in cybersecurity and security engineering that will safeguard our nation? As a systems security and network security engineer, you can identify the tools, applications, and systems needed to assess vulnerabilities and recommend the best solution and security strategy. We need your experience to develop and implement security solutions that will protect our military.

On our team, you'll troubleshoot and analyze complex challenges for customers using your knowledge of cybersecurity policy, networks and system infrastructure, and risk management. You'll use your curiosity for technology and market trends to further research and develop security solutions. Using your knowledge of and experience in ACAS, STIGing, and scanning, you'll assess security threats and implement infrastructure controls.

In this role, you'll closely impact Navy missions by championing cybersecurity, discovering cyber risks, and providing hands-on support to critical mission areas. With mentoring, challenging hands-on problem-solving, and opportunities to learn new tools and skills, we focus on growing as a team to make the best solutions for our customers.

Work with us as we secure and protect our military's cybersecurity posture for the better.

What You'll Work On:

  • Develop relationships quickly and easily with other teams, communicating the complexities of security with a wide variety of audiences, including senior management.
  • Implement infrastructure and cybersecurity controls, including enhanced detection and vulnerability capabilities, and improved event correlation in large enterprises.
  • Perform risk and vulnerability assessments in network, system, and application areas.
  • Leverage big data analytics and traditional security event types to identify advanced threats or indicators of compromise.

Join us. The world can't wait.

You Have:

  • 3+ years of experience working with the Information Technology (IT) systems for a DoD or government agency
  • Experience with Risk Management Framework (RMF)
  • Experience with security policies, cybersecurity compliance, and vulnerability remediation of networks, systems, or communications protocols
  • Experience with operating systems, platforms, or technologies, including Windows, Linux, cloud, or virtualization
  • Knowledge of architecture visualization, and system artifacts development and maintenance, including Boundary Diagrams and Data Flow Diagrams
  • Knowledge of eMASS, including security plan development and hands-on processing of packages through workflows, assisting with generating security policies, evaluating assessment documentation, and developing written security risks, mitigations, and recommendations
  • Ability to devise and execute client deliverables, work independently, identify problems and devise analysis and solutions, communicate results to both technical and non-technical audiences, and lead the accomplishments of client tasks from inception to completion
  • TS/SCI clearance
  • HS diploma or GED
  • DoD 8140 Certification

Nice If You Have:

  • Experience with tools such as the Assured Compliance Assessment Solution (ACAS), DoD Security Technical Implementation Guides (STIG), and Evaluate-STIG
  • Experience integrating security into DevOps or DevSecOps pipelines
  • Experience implementing automation methodologies and processes
  • Experience deploying, implementing, maintaining, and integrating cybersecurity tools and applications in alignment with the current threat landscape, and analyzing risks and opportunities at both tactical and strategic levels
  • Experience with network engineering functions, including Windows, Linux, and virtual operating systems, security tools, platforms, and technologies, including network and web application firewalls, web proxy, intrusion prevention systems, vulnerability scanners, and penetration tools
  • Ability to meet cyber schedule, performance, and quality metrics within the systems development lifecycle and acquisition lifecycle
  • Master's degree
  • OS Certification

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

Compensation

At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page.

Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $69,300.00 to $158,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date.

Identity Statement

As part of the hiring process, we will ask you to complete an identity verification process that leverages advanced biometrics and artificial intelligence to ensure authenticity and protect against identity fraud. You are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Candidate AI Usage Policy

AI is a part of our daily work at Booz Allen, and we are committed to the responsible and ethical use of AI tools. However, we want to ensure a fair candidate process based on your own skills and knowledge. As part of this commitment, the use of artificial intelligence (AI) or other tools to assist with responses during interviews (whether in-person or virtual) is prohibited unless permission is explicitly provided.

Work Model
Our people-first culture prioritizes the benefits of collaboration, whether it occurs in person or virtually. To support engagement and effective communication, employees working virtually are generally expected to have their cameras on during meetings.

  • Remote: If this position is listed as remote, there may still be occasions when you are required to work in person at a Booz Allen or customer facility.

  • Hybrid: If this position is listed as hybrid, you will be expected to work from a Booz Allen facility frequently, in alignment with leadership expectations and the needs of the role. You may also be required to work from or visit a customer facility.

  • Onsite: If this position is listed as onsite, work will primarily be performed at a Booz Allen office or customer facility, where employees will collaborate directly with colleagues and customers as required by the role.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.


What Booz Allen Hamilton employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom


Booz Allen Hamilton logo

About Booz Allen Hamilton

Sourced by ZipRecruiter

Booz Allen Hamilton is a leading provider of management and technology consulting services to the US government in defense, intelligence, and civil markets. Headquartered in McLean, Virginia, the firm also serves major corporations, institutions, and not-for-profit organizations. Founded in 1914 by Edwin G. Booz, the company has a long-standing tradition of helping clients achieve success by delivering a wide range of consulting services that include strategic planning, human capital and learning, communication, systems development, and others. The company's mission is to empower people to change the world, and it has a reputation for maintaining the highest standards of integrity and-excellence.

Industry

It services

Company size

10,000+ Employees

Headquarters location

McLean, VA, US

Year founded

1914