1

Cyber Security Risk Assessment Jobs in Virginia (NOW HIRING)

Develop cybersecurity risk assessment analysis and risk mitigation plans for combat systems * Develop documentation of cybersecurity requirements, gap analysis, threat analysis, system engineering ...

Develop cybersecurity risk assessment analysis and risk mitigation plans for combat systems * Develop documentation of cybersecurity requirements, gap analysis, threat analysis, system engineering ...

Apply Early

Sr. Cyber Analyst

Hampton, VA · On-site

$97K - $125K/yr

Provides recommendations to activity leadership on processes and methodologies to assess cybersecurity risk on information systems. Works with other Cyber Analysts, SMEs, and SCA-Rs to ensure that ...

Apply Early

Required Qualifications: * 10+ years of experience in cybersecurity risk assessment, vulnerability ... analysis, or cyber mission assurance. * Deep knowledge of NIST SP 800-30, NIST Risk Management ...

Program Risk Manager

Herndon, VA · On-site

$86K - $138K/yr

Conduct structured risk assessments for proposals, program changes, acquisitions, policy updates, and major milestones to quantify impacts to cost, schedule, performance, cybersecurity, and ...

Program Risk Manager

Herndon, VA · On-site

$86K - $138K/yr

Conduct structured risk assessments for proposals, program changes, acquisitions, policy updates, and major milestones to quantify impacts to cost, schedule, performance, cybersecurity, and ...

Risk Assessment: Conduct cybersecurity risk assessments of industrial control systems (ICS) networks, systems, and components to identify vulnerabilities and recommend mitigation strategies.

Cybersecurity Engineer

Virginia Beach, VA · On-site

$100K - $115K/yr

Ensure security requirements are integrated into the system architecture, design, development, testing, assessment, authorization, delivery, and sustainment. * Apply the cybersecurity risk management ...

next page

Showing results 1-20

Cyber Security Risk Assessment information

See Virginia salary details

$56.5K

$131.8K

$184.4K

How much do cyber security risk assessment jobs pay per year?

As of Jul 4, 2026, the average yearly pay for cyber security risk assessment in Virginia is $131,822.00, according to ZipRecruiter salary data. Most workers in this role earn between $110,000.00 and $148,700.00 per year, depending on experience, location, and employer.

Can you make $500,000 a year in cyber security?

Cyber security risk assessment professionals can potentially earn $500,000 annually, especially at senior levels or in high-demand industries, often requiring advanced certifications like CISSP or CISA, extensive experience, and specialized skills. Such high salaries are typically associated with leadership roles, consulting positions, or working for large organizations with complex security needs.

What are the key skills and qualifications needed to thrive in Cyber Security Risk Assessment, and why are they important?

To excel in Cyber Security Risk Assessment, you need a solid understanding of information security principles, risk management frameworks, and often a degree in cybersecurity, IT, or related fields. Familiarity with tools like vulnerability scanners, SIEM systems, and certifications such as CISSP or CISM are commonly required. Analytical thinking, attention to detail, and strong communication skills help professionals effectively assess risks and convey findings to stakeholders. These skills are crucial for identifying vulnerabilities, prioritizing threats, and ensuring the organization’s data and systems are adequately protected.

What is the role of risk assessment in cyber security?

In cyber security, risk assessment is a critical process that identifies, evaluates, and prioritizes potential threats and vulnerabilities to an organization's information systems. For a cyber security risk assessor, conducting thorough assessments helps determine where to implement controls, improve security posture, and comply with standards like ISO 27001 or NIST. This process supports informed decision-making and resource allocation to mitigate cyber threats effectively.

What is the difference between Cyber Security Risk Assessment vs Cyber Security Analyst?

AspectCyber Security Risk AssessmentCyber Security Analyst
Primary FocusIdentifying and evaluating security risks and vulnerabilitiesMonitoring, analyzing, and responding to security threats
CertificationsCompTIA Security+, CISSP, CISACompTIA Security+, CISSP, CEH
Work EnvironmentRisk assessment teams, consulting firms, security departmentsSecurity operations centers, IT departments, incident response teams

While both roles require similar certifications and work within cybersecurity, a Cyber Security Risk Assessment focuses on evaluating potential vulnerabilities and risks to an organization’s assets. In contrast, a Cyber Security Analyst actively monitors and responds to security threats, ensuring ongoing protection. Understanding these differences helps organizations assign the right responsibilities to each role.

What are some common challenges faced by professionals conducting cyber security risk assessments?

Professionals in cyber security risk assessment often face challenges such as keeping up with rapidly evolving threats, effectively communicating technical risks to non-technical stakeholders, and ensuring comprehensive coverage across complex IT environments. Balancing thoroughness with tight deadlines can also be demanding, as assessments must be both detailed and timely. Collaborating with various departments to gather accurate information and maintain up-to-date asset inventories is crucial for effective risk analysis and mitigation.

Can I make $200,000 a year in cyber security?

Cyber security professionals, including risk assessors, can earn $200,000 or more annually, especially with advanced skills, certifications like CISSP or CISA, and experience in high-demand areas such as threat management or security architecture. Salaries vary based on location, industry, and level of expertise, with senior roles and specialized skills commanding higher pay.

How much does a cybersecurity risk analyst make?

A cybersecurity risk analyst typically earns between $70,000 and $120,000 annually, depending on experience, certifications, and location. Entry-level positions may start lower, while experienced analysts with certifications like CISSP or CISA can earn higher salaries, especially in larger organizations or high-demand areas.

What is a cyber security risk assessment?

A cyber security risk assessment is a process used to identify, evaluate, and prioritize potential threats and vulnerabilities that could negatively impact an organization's information systems. By analyzing assets, threats, vulnerabilities, and impacts, organizations can determine the likelihood and consequences of cyber incidents. The goal is to implement appropriate measures to reduce risks to acceptable levels, ensuring data protection and regulatory compliance. Regular risk assessments help organizations stay ahead of evolving cyber threats and make informed security decisions.
What are popular job titles related to Cyber Security Risk Assessment jobs in Virginia? For Cyber Security Risk Assessment jobs in Virginia, the most frequently searched job titles are:
What job categories do people searching Cyber Security Risk Assessment jobs in Virginia look for? The top searched job categories for Cyber Security Risk Assessment jobs in Virginia are:
What cities in Virginia are hiring for Cyber Security Risk Assessment jobs? Cities in Virginia with the most Cyber Security Risk Assessment job openings:
Senior Cybersecurity Engineer

Senior Cybersecurity Engineer

RPI Group

Dahlgren, VA • On-site

Full-time

Posted 17 days ago


Job description

Location: Dahlgren, VA
Reports to: Contract Task Lead / Cybersecurity Lead
Position Summary:
RPI Group, Inc. is looking for a Senior Cybersecurity Engineer for an opportunity to support our Navy customer at Dahlgren NSWC, VA.
Key Responsibilities:
  • Develop cybersecurity requirements, policy standards, best practices, guidance, and procedures for combat systems
  • Conduct cybersecurity-related research, analysis, and coordination activities in support of DOD cyber assurance and policy efforts at multiple classification levels
  • Lead working groups to develop cybersecurity strategies to meet emerging threats
  • Perform analysis of cybersecurity, intelligence, and information technology policy gaps for combat systems
  • Perform cybersecurity system engineering design, analysis, and documentation of combat systems
  • Develop cybersecurity risk assessment analysis and risk mitigation plans for combat systems
  • Develop documentation of cybersecurity requirements, gap analysis, threat analysis, system engineering, risk assessment, and mitigation for combat systems

Minimum Requirements:
  • Active Secret security clearance or higher
  • IAT Level II certification or higher per DoD 8570.01, or successor
  • 5+ years of program-specific experience with cybersecurity requirements development, cyber threat analysis, cyber systems engineering, cyber systems architecture development or cybersecurity policy development experience
  • 7+ years of program-specific experience with SLBM
  • 5+ years of experience working with Navy Combat systems such as AEGIS, Ship Self Defense system, Cooperative Engagement Capability, Ground / Air Task Oriented Radar, Solid State Laser, Railgun or other combat systems
  • Possess an understanding of cybersecurity, military system specifications, and DoD IA policies for both land-based and afloat/tactical systems
  • Possess the ability to communicate clearly and succinctly in written and oral presentations

Preferred Education:
  • Bachelor's in Computer Science, IT or IT-related field preferred

**RPI Group, Inc. is an Equal Employment Opportunity (EEO) Employer.**