1

Cyber Security Risk Analyst Jobs in Baltimore, MD

ISSE, Senior

Columbia, MD · On-site

$175K - $230K/yr

Conduct cybersecurity risk assessments and provide prioritized risk mitigation recommendations in ... Analyze candidate architectures by evaluating against defined security requirements to identify ...

Conduct cybersecurity risk assessments and provide prioritized risk mitigation recommendations in ... Analyze candidate architectures by evaluating against defined security requirements to identify ...

next page

Showing results 1-20

Cyber Security Risk Analyst information

See Baltimore, MD salary details

$42.7K

$98.8K

$149K

How much do cyber security risk analyst jobs pay per year?

As of Jul 14, 2026, the average yearly pay for cyber security risk analyst in Baltimore, MD is $98,768.00, according to ZipRecruiter salary data. Most workers in this role earn between $79,000.00 and $114,800.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive in the Cyber Security Risk Analyst position, and why are they important?

A Cyber Security Risk Analyst requires a solid understanding of information security principles, risk assessment methodologies, and a relevant degree such as computer science or cybersecurity. Familiarity with tools like risk management frameworks (NIST, ISO 27001), vulnerability scanners, and certifications such as CISSP, CISM, or CRISC is common in this role. Strong analytical thinking, attention to detail, effective communication, and problem-solving skills are vital soft skills. These competencies enable analysts to accurately identify, assess, and communicate cyber risks, protecting organizations from evolving threats.

Can you make $200,000 in cyber security?

Cyber Security Risk Analysts with extensive experience, advanced certifications, and specialized skills can potentially earn $200,000 or more annually, especially in high-demand industries or senior roles. Achieving this salary often requires a combination of technical expertise, certifications like CISSP or CISA, and a strong understanding of risk management and security frameworks.

What does a cyber security risk analyst do?

A cyber security risk analyst evaluates an organization’s security posture by identifying vulnerabilities, assessing potential threats, and recommending measures to mitigate risks. They analyze security data, develop risk management strategies, and often use tools like vulnerability scanners and risk assessment frameworks to protect information systems.

What is a Cyber Security Risk Analyst job?

A Cyber Security Risk Analyst is responsible for identifying, assessing, and mitigating cybersecurity risks within an organization. They analyze potential threats, evaluate security controls, and recommend improvements to protect sensitive data and systems. Their role often involves conducting risk assessments, ensuring compliance with industry regulations, and collaborating with IT and security teams to enhance defenses. They also monitor emerging threats and provide strategic insights to minimize vulnerabilities. Ultimately, they help organizations maintain a strong security posture against cyber threats.

What are some typical challenges faced by Cyber Security Risk Analysts on the job?

Cyber Security Risk Analysts commonly face the challenge of keeping up with constantly evolving threats and technology landscapes. They must balance the need for robust security with business objectives, often requiring nuanced decision-making and collaboration across departments. Analysts may also encounter difficulties in communicating complex technical risks to non-technical stakeholders. Successfully navigating these challenges is key to maintaining organizational security and fostering a culture of risk awareness.

How much does a cybersecurity risk analyst make?

A cybersecurity risk analyst's average salary in the United States ranges from $70,000 to $120,000 annually, depending on experience, certifications, and location. Entry-level positions typically start around $60,000, while experienced analysts with certifications like CISSP or CISA can earn over $130,000. The role often requires knowledge of risk assessment tools and security frameworks.

Can you make $500,000 a year in cyber security?

Cyber Security Risk Analysts typically earn between $70,000 and $130,000 annually, depending on experience, certifications, and location. Reaching a $500,000 salary usually requires senior roles such as Chief Information Security Officer (CISO) or executive positions, which involve strategic leadership and extensive industry experience. High salaries in cybersecurity are often associated with leadership, specialized skills, and working in high-demand sectors or organizations.
What are the most commonly searched types of Cyber Security Risk Analyst jobs in Baltimore, MD? The most popular types of Cyber Security Risk Analyst jobs in Baltimore, MD are:
What are popular job titles related to Cyber Security Risk Analyst jobs in Baltimore, MD? For Cyber Security Risk Analyst jobs in Baltimore, MD, the most frequently searched job titles are:
What job categories do people searching Cyber Security Risk Analyst jobs in Baltimore, MD look for? The top searched job categories for Cyber Security Risk Analyst jobs in Baltimore, MD are:
What cities near Baltimore, MD are hiring for Cyber Security Risk Analyst jobs? Cities near Baltimore, MD with the most Cyber Security Risk Analyst job openings:
Infographic showing various Cyber Security Risk Analyst job openings in Baltimore, MD as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 86% Full Time, 6% Part Time, 1% Temporary, and 5% Contract. Highlights an 82% Physical, 5% Hybrid, and 13% Remote job distribution, with an average salary of $98,768 per year, or $47.5 per hour.
Cybersecurity Analyst (contingent 045)

Cybersecurity Analyst (contingent 045)

MSSI

Aberdeen Proving Ground, MD

Full-time

Re-posted 15 days ago


Job description

This is contingent upon award. 

Job Title: Cybersecurity Analyst (contingent)

Job Summary:
Seeking an experienced Cybersecurity Analyst/Information Assurance Manager (IAM) Level III to provide cybersecurity expertise and ensure compliance with military Risk Management Framework (RMF) requirements. The ideal candidate will have extensive knowledge of cybersecurity engineering, risk management, and systems assessment within large, complex information systems.

 Key Responsibilities:

  • Provide expert guidance to ensure that systems comply with military RMF requirements as outlined in DoDI 8510.01 for DoD Information Technology (IT).
  • Support the Authority to Operate (ATO) process and maintain ATO certifications.
  • Conduct technical assessments of systems using tools like Assured Compliance Assessment Solution (ACAS), Security Content Automation Protocol (SCAP), and Security Technical Implementation Guides (STIGs).
  • Identify and analyze system vulnerabilities, developing Plans of Action & Milestones (POA&Ms) for remediation.
  • Recommend and implement effective remediation strategies to address identified security deficiencies.
  • Assess programmatic impacts associated with the implementation of common control requirements within the Risk Management Framework (RMF).
  • Provide expertise on cloud and network security, including cloud security infrastructure products and tools.
  • Utilize a variety of cybersecurity tools and technologies, including but not limited to:
    • Host Based Security System (HBSS)
    • Data Loss Prevention-Endpoint (DLPe)
    • Endpoint Security (ENS)
    • ePolicy Orchestrator (ePO)
    • Tychon
    • Threat Intelligence and analysis
    • Internet of Things (IoT) security
    • AI/ML applications
    • Windows Server Update Services (WSUS)
    • Security Information and Event Management (SIEM) tools, such as Splunk
    • Identity and Access Management (IAM) solutions
    • Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) tools
    • SCAP, STIG Viewer, and Evaluate STIG tools.

 Qualifications:

  • Proficient understanding of the Risk Management Framework (RMF) and its application to complex information systems.
  • Strong analytical skills with the ability to identify and assess cybersecurity vulnerabilities and risks.
  • Excellent written and verbal communication skills for reporting findings and recommendations clearly to stakeholders.

 Education and Experience:

  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field; relevant certifications are a plus.
  • Minimum of 5 years' experience in cybersecurity engineering.
  • Required certifications: DoD 8570.01-Manual (M) Baseline Certification for an Information Assurance Manager (IAM) Level III.
  • Secret security clearance is required.