The Cybersecurity Risk and Compliance Analyst ensures that the organization's technology ecosystem is evaluated correctly, assessed, and managed to ensure compliance and minimize cybersecurity risk ...
The Cybersecurity Risk and Compliance Analyst ensures that the organization's technology ecosystem is evaluated correctly, assessed, and managed to ensure compliance and minimize cybersecurity risk ...
Senior GRC Risk Analyst
Carmel, IN · On-site
$105K - $130K/yr
Are you passionate about cybersecurity and protecting critical infrastructure? Join MISO as a Senior GRC Risk Analyst , where you will play a key role in safeguarding the power grid by identifying ...
Senior GRC Risk Analyst
Carmel, IN · On-site
$105K - $130K/yr
Are you passionate about cybersecurity and protecting critical infrastructure? Join MISO as a Senior GRC Risk Analyst , where you will play a key role in safeguarding the power grid by identifying ...
This is an ideal role for a cybersecurity professional who thrives at the intersection of risk analysis, compliance, and mission impact. Work Location: * This position is 100% on-site, primarily ...
This is an ideal role for a cybersecurity professional who thrives at the intersection of risk analysis, compliance, and mission impact. Work Location: * This position is 100% on-site, primarily ...
This is an ideal role for a cybersecurity professional who thrives at the intersection of risk analysis, compliance, and mission impact. Work Location: * This position is 100% on-site, primarily ...
This is an ideal role for a cybersecurity professional who thrives at the intersection of risk analysis, compliance, and mission impact. Work Location: * This position is 100% on-site, primarily ...
Cyber Risk Analyst
Chantilly, VA · On-site
$86K - $138K/yr
This is an ideal role for a cybersecurity professional who thrives at the intersection of risk analysis, compliance, and mission impact. Work Location: * This position is 100% on-site, primarily ...
Cyber Risk Analyst
Chantilly, VA · On-site
$86K - $138K/yr
This is an ideal role for a cybersecurity professional who thrives at the intersection of risk analysis, compliance, and mission impact. Work Location: * This position is 100% on-site, primarily ...
This is an ideal role for a cybersecurity professional who thrives at the intersection of risk analysis, compliance, and mission impact. Work Location: * This position is 100% on-site, primarily ...
This is an ideal role for a cybersecurity professional who thrives at the intersection of risk analysis, compliance, and mission impact. Work Location: * This position is 100% on-site, primarily ...
This is an ideal role for a cybersecurity professional who thrives at the intersection of risk analysis, compliance, and mission impact. Work Location: * This position is 100% on-site, primarily ...
This is an ideal role for a cybersecurity professional who thrives at the intersection of risk analysis, compliance, and mission impact. Work Location: * This position is 100% on-site, primarily ...
Cyber Risk Analyst
Bowie, MD · On-site
This is an ideal role for a cybersecurity professional who thrives at the intersection of risk analysis, compliance, and mission impact. Work Location: * This position is 100% on-site, primarily ...
Cyber Risk Analyst
Bowie, MD · On-site
This is an ideal role for a cybersecurity professional who thrives at the intersection of risk analysis, compliance, and mission impact. Work Location: * This position is 100% on-site, primarily ...
Senior Cybersecurity Risk Analyst - USA Remote
Boston, MA · Remote
$130K - $160K/yr
The Senior Cybersecurity Risk Analyst is responsible for executing third-party and supplier risk activities across the vendor lifecycle and contributing to enterprise risk register operations across ...
New
Senior Cybersecurity Risk Analyst - USA Remote
Boston, MA · Remote
$130K - $160K/yr
The Senior Cybersecurity Risk Analyst is responsible for executing third-party and supplier risk activities across the vendor lifecycle and contributing to enterprise risk register operations across ...
New
Senior Cybersecurity Risk Analyst - USA Remote
Washington, DC · Remote
$130K - $160K/yr
The Senior Cybersecurity Risk Analyst is responsible for executing third-party and supplier risk activities across the vendor lifecycle and contributing to enterprise risk register operations across ...
Senior Cybersecurity Risk Analyst - USA Remote
Washington, DC · Remote
$130K - $160K/yr
The Senior Cybersecurity Risk Analyst is responsible for executing third-party and supplier risk activities across the vendor lifecycle and contributing to enterprise risk register operations across ...
Director, Cybersecurity Risk
Jersey City, NJ · On-site
$126K/yr
The candidate will quantify cyber risk and present analyses that will allow senior management to ... Demonstrated experience in cybersecurity risk management. * Experience managing projects end-to-end ...
Director, Cybersecurity Risk
Jersey City, NJ · On-site
$126K/yr
The candidate will quantify cyber risk and present analyses that will allow senior management to ... Demonstrated experience in cybersecurity risk management. * Experience managing projects end-to-end ...
Director, Cybersecurity Risk
Jersey City, NJ · On-site
$126K/yr
The candidate will quantify cyber risk and present analyses that will allow senior management to ... Demonstrated experience in cybersecurity risk management. * Experience managing projects end-to-end ...
Director, Cybersecurity Risk
Jersey City, NJ · On-site
$126K/yr
The candidate will quantify cyber risk and present analyses that will allow senior management to ... Demonstrated experience in cybersecurity risk management. * Experience managing projects end-to-end ...
Director, Cybersecurity Risk
Westlake, TX · On-site
$126K/yr
The candidate will quantify cyber risk and present analyses that will allow senior management to ... Demonstrated experience in cybersecurity risk management. * Experience managing projects end-to-end ...
Director, Cybersecurity Risk
Westlake, TX · On-site
$126K/yr
The candidate will quantify cyber risk and present analyses that will allow senior management to ... Demonstrated experience in cybersecurity risk management. * Experience managing projects end-to-end ...
Lead, coach, and develop a team of cybersecurity risk analysts, principals, and managers, establishing a consistent, scalable, and value driven risk support model across the enterprise. * Define and ...
Lead, coach, and develop a team of cybersecurity risk analysts, principals, and managers, establishing a consistent, scalable, and value driven risk support model across the enterprise. * Define and ...
Risk Management • Risk Analysis: Analyze and assess third-party cybersecurity risks. • Compliance Monitoring: Monitor vendor compliance with security requirements. • Remediation Support:
New
Risk Management • Risk Analysis: Analyze and assess third-party cybersecurity risks. • Compliance Monitoring: Monitor vendor compliance with security requirements. • Remediation Support:
New
Senior Cybersecurity Risk Analyst - USA Remote
Las Vegas, NV · Remote
$130K - $160K/yr
The Senior Cybersecurity Risk Analyst is responsible for executing third-party and supplier risk activities across the vendor lifecycle and contributing to enterprise risk register operations across ...
New
Senior Cybersecurity Risk Analyst - USA Remote
Las Vegas, NV · Remote
$130K - $160K/yr
The Senior Cybersecurity Risk Analyst is responsible for executing third-party and supplier risk activities across the vendor lifecycle and contributing to enterprise risk register operations across ...
New
Senior Cybersecurity Risk Analyst - USA Remote
Sacramento, CA · Remote
$130K - $160K/yr
The Senior Cybersecurity Risk Analyst is responsible for executing third-party and supplier risk activities across the vendor lifecycle and contributing to enterprise risk register operations across ...
New
Senior Cybersecurity Risk Analyst - USA Remote
Sacramento, CA · Remote
$130K - $160K/yr
The Senior Cybersecurity Risk Analyst is responsible for executing third-party and supplier risk activities across the vendor lifecycle and contributing to enterprise risk register operations across ...
New
Senior Cybersecurity Risk Analyst - USA Remote
Denver, CO · Remote
$130K - $160K/yr
The Senior Cybersecurity Risk Analyst is responsible for executing third-party and supplier risk activities across the vendor lifecycle and contributing to enterprise risk register operations across ...
New
Senior Cybersecurity Risk Analyst - USA Remote
Denver, CO · Remote
$130K - $160K/yr
The Senior Cybersecurity Risk Analyst is responsible for executing third-party and supplier risk activities across the vendor lifecycle and contributing to enterprise risk register operations across ...
New
Senior Cybersecurity Risk Analyst - USA Remote
Los Angeles, CA · Remote
$130K - $160K/yr
The Senior Cybersecurity Risk Analyst is responsible for executing third-party and supplier risk activities across the vendor lifecycle and contributing to enterprise risk register operations across ...
New
Senior Cybersecurity Risk Analyst - USA Remote
Los Angeles, CA · Remote
$130K - $160K/yr
The Senior Cybersecurity Risk Analyst is responsible for executing third-party and supplier risk activities across the vendor lifecycle and contributing to enterprise risk register operations across ...
New
Senior Cybersecurity Risk Analyst - USA Remote
San Diego, CA · Remote
$130K - $160K/yr
The Senior Cybersecurity Risk Analyst is responsible for executing third-party and supplier risk activities across the vendor lifecycle and contributing to enterprise risk register operations across ...
New
Senior Cybersecurity Risk Analyst - USA Remote
San Diego, CA · Remote
$130K - $160K/yr
The Senior Cybersecurity Risk Analyst is responsible for executing third-party and supplier risk activities across the vendor lifecycle and contributing to enterprise risk register operations across ...
New
Cyber Security Risk Analyst information
See salary details
$43K - $52.7K
1% of jobs
$52.7K - $62.5K
6% of jobs
$62.5K - $72.2K
10% of jobs
$78.8K is the 25th percentile. Wages below this are outliers.
$72.2K - $81.9K
12% of jobs
$81.9K - $91.6K
15% of jobs
The median wage is $95.8K / yr.
$91.6K - $101.4K
15% of jobs
$101.4K - $111.1K
10% of jobs
$115.3K is the 75th percentile. Wages above this are outliers.
$111.1K - $120.8K
16% of jobs
$120.8K - $130.5K
7% of jobs
$130.5K - $140.3K
5% of jobs
$140.3K - $150K
3% of jobs
$43K
$99.4K
$150K
How much do cyber security risk analyst jobs pay per year?
As of Jun 20, 2026, the average yearly pay for cyber security risk analyst in the United States is $99,400.00, according to ZipRecruiter salary data. Most workers in this role earn between $79,500.00 and $115,500.00 per year, depending on experience, location, and employer.
Is 40 too old for cyber security?
Cyber Security Risk Analysts can be successful at any age, as the field values skills, experience, and continuous learning. Many professionals transition into cybersecurity later in their careers, often obtaining certifications like CISSP or CompTIA Security+ to enhance their qualifications. Age is generally not a barrier if you have relevant skills and stay current with industry developments.
Is SOC an entry level job?
A Security Operations Center (SOC) analyst role is typically considered an entry-level or early-career position in cybersecurity, often requiring foundational knowledge of security tools, monitoring, and incident response. However, some SOC roles may require prior experience or certifications like CompTIA Security+ or Cisco CCNA, depending on the organization's complexity. Advancement usually involves gaining experience and additional certifications in cybersecurity.
What are the key skills and qualifications needed to thrive in the Cyber Security Risk Analyst position, and why are they important?
A Cyber Security Risk Analyst requires a solid understanding of information security principles, risk assessment methodologies, and a relevant degree such as computer science or cybersecurity. Familiarity with tools like risk management frameworks (NIST, ISO 27001), vulnerability scanners, and certifications such as CISSP, CISM, or CRISC is common in this role. Strong analytical thinking, attention to detail, effective communication, and problem-solving skills are vital soft skills. These competencies enable analysts to accurately identify, assess, and communicate cyber risks, protecting organizations from evolving threats.
What is a Cyber Security Risk Analyst job?
A Cyber Security Risk Analyst is responsible for identifying, assessing, and mitigating cybersecurity risks within an organization. They analyze potential threats, evaluate security controls, and recommend improvements to protect sensitive data and systems. Their role often involves conducting risk assessments, ensuring compliance with industry regulations, and collaborating with IT and security teams to enhance defenses. They also monitor emerging threats and provide strategic insights to minimize vulnerabilities. Ultimately, they help organizations maintain a strong security posture against cyber threats.
What are some typical challenges faced by Cyber Security Risk Analysts on the job?
Cyber Security Risk Analysts commonly face the challenge of keeping up with constantly evolving threats and technology landscapes. They must balance the need for robust security with business objectives, often requiring nuanced decision-making and collaboration across departments. Analysts may also encounter difficulties in communicating complex technical risks to non-technical stakeholders. Successfully navigating these challenges is key to maintaining organizational security and fostering a culture of risk awareness.
What does a cybersecurity risk analyst do?
A cybersecurity risk analyst evaluates an organization’s security posture by identifying vulnerabilities, assessing potential threats, and recommending measures to mitigate risks. They often use tools like risk assessment frameworks and require knowledge of security protocols, compliance standards, and threat intelligence. Their work helps organizations protect sensitive data and maintain secure systems.
Can you make $500,000 a year in cyber security?
Cyber Security Risk Analysts typically earn between $70,000 and $130,000 annually, depending on experience, certifications, and location. Reaching a $500,000 salary generally requires senior roles such as Chief Information Security Officer (CISO) or executive positions, which involve broader responsibilities and leadership skills. High salaries in cybersecurity are often associated with extensive experience, advanced certifications, and strategic management roles.
More about Cyber Security Risk Analyst jobs
What cities are hiring for Cyber Security Risk Analyst jobs? Cities with the most Cyber Security Risk Analyst job openings:
What are the most commonly searched types of Cyber Security Risk Analyst jobs? The most popular types of Cyber Security Risk Analyst jobs are:
What states have the most Cyber Security Risk Analyst jobs? States with the most job openings for Cyber Security Risk Analyst jobs include:
What job categories do people searching Cyber Security Risk Analyst jobs look for? The top searched job categories for Cyber Security Risk Analyst jobs are:
Full-time
Posted 11 days ago
Job description
The Cybersecurity Risk and Compliance Analyst ensures that the organization's technology ecosystem is evaluated correctly, assessed, and managed to ensure compliance and minimize cybersecurity risk exposure and impacts to the business. The analyst will assist with tracking open audit findings and facilitate response generation, information gathering, testing evidence, and escalation of the prior conclusions. The analyst will collaborate with infrastructure team members, drive the adoption of security best practices, assist with creating new policies, improve existing security processes, and support adherence to the organization's security policies and procedures.
BS or MA in computer science, information security, cybersecurity or a related field.
• 3+ years of experience in an IT audit, enterprise risk management (ERM) role or cyber risk management role
• 3+ years of experience with regulatory compliance, risk management frameworks, and information security management frameworks (e.g., ISO 27000, CMMC, NIST 800-171, NIST Risk Management Framework, CARF, etc.)
• Strong background in conducting Business Impact Analysis (BIA) to evaluate the potential impact of cybersecurity risk on critical business processes and functions.
• Experience understanding and articulating business goals and objectives.
• Experience identifying and assessing risks to the organization's business.
• Experience communicating complex technical concepts to non-technical audiences.
• Experience with cybersecurity principles and practices, including risk management, security controls, and incident response.
• Experience with cybersecurity technologies and systems, such as firewalls, intrusion detection systems, and security information and event management (SIEM) systems.
• Familiarity in one or more of the following areas: Identity management, PAM, SSO and MFA
• Ability to leverage research from various sources such as government research, think tanks, academic research, and industry reports
BS or MA in computer science, information security, cybersecurity or a related field.
• 3+ years of experience in an IT audit, enterprise risk management (ERM) role or cyber risk management role
• 3+ years of experience with regulatory compliance, risk management frameworks, and information security management frameworks (e.g., ISO 27000, CMMC, NIST 800-171, NIST Risk Management Framework, CARF, etc.)
• Strong background in conducting Business Impact Analysis (BIA) to evaluate the potential impact of cybersecurity risk on critical business processes and functions.
• Experience understanding and articulating business goals and objectives.
• Experience identifying and assessing risks to the organization's business.
• Experience communicating complex technical concepts to non-technical audiences.
• Experience with cybersecurity principles and practices, including risk management, security controls, and incident response.
• Experience with cybersecurity technologies and systems, such as firewalls, intrusion detection systems, and security information and event management (SIEM) systems.
• Familiarity in one or more of the following areas: Identity management, PAM, SSO and MFA
• Ability to leverage research from various sources such as government research, think tanks, academic research, and industry reports