Cyber Security Risk Assessment Jobs (NOW HIRING)

Risk Assessment Analyst

Alexandria, VA · On-site

$62K - $141K/yr

Experience in cybersecurity risk assessments and supply chain or risk management efforts * Experience leveraging collaboration forums, such as MS Teams and SharePoint, for knowledge management and to ...

Cybersecurity Risk Associate - Hybrid position Drawbridge Client Success / Technical Advisory ... Assess the security posture of cloud platforms and infrastructure including but not limited to ...

Cyber Security Risk Assessment information

$57K

$133K

$186K

How much do cyber security risk assessment jobs pay per year?

As of Jun 17, 2026, the average yearly pay for cyber security risk assessment in the United States is $132,962.00, according to ZipRecruiter salary data. Most workers in this role earn between $111,000.00 and $150,000.00 per year, depending on experience, location, and employer.

Can you make $500,000 a year in cyber security?

Cyber security professionals, especially those in senior roles such as security architects or chief information security officers, can earn $500,000 or more annually, often through a combination of base salary, bonuses, and stock options. Achieving this level typically requires extensive experience, advanced certifications like CISSP or CISM, and working in high-demand industries or organizations with complex security needs.

What are the key skills and qualifications needed to thrive in Cyber Security Risk Assessment, and why are they important?

To excel in Cyber Security Risk Assessment, you need a solid understanding of information security principles, risk management frameworks, and often a degree in cybersecurity, IT, or related fields. Familiarity with tools like vulnerability scanners and SIEM systems, along with certifications such as CISSP or CISM, is commonly required. Analytical thinking, attention to detail, and strong communication skills help professionals effectively assess risks and convey findings to stakeholders. These skills are crucial for identifying vulnerabilities, prioritizing threats, and ensuring the organization’s data and systems are adequately protected.

What is the role of risk assessment in cyber security?

In cyber security, a risk assessment is a process that identifies, evaluates, and prioritizes potential threats and vulnerabilities to an organization's information systems. It helps security professionals, such as cyber security risk assessors, determine where to allocate resources and implement controls to reduce the likelihood and impact of cyber threats. Conducting regular risk assessments is essential for maintaining an effective security posture and complying with industry standards and regulations.

What is the difference between Cyber Security Risk Assessment vs Cyber Security Analyst?

| Aspect | Cyber Security Risk Assessment | Cyber Security Analyst |
| --- | --- | --- |
| Primary Focus | Identifying and evaluating security risks and vulnerabilities | Monitoring, analyzing, and responding to security threats |
| Certifications | CompTIA Security+, CISSP, CISA | CompTIA Security+, CISSP, CEH |
| Work Environment | Risk assessment teams, consulting firms, security departments | Security operations centers, IT departments, incident response teams |

While both roles require similar certifications and work within cybersecurity, a Cyber Security Risk Assessment role focuses on evaluating potential vulnerabilities and risks to an organization’s assets. In contrast, a Cyber Security Analyst actively monitors and responds to security threats, ensuring ongoing protection. Understanding these differences helps organizations assign the right responsibilities to each role.

Is SOC analyst a high paying job?

SOC analysts typically earn competitive salaries that increase with experience, certifications, and the size of the organization. Entry-level positions may start at average wages, while experienced analysts with certifications like CISSP or CEH can earn higher salaries, making it a financially rewarding cybersecurity role.

What are some common challenges faced by professionals conducting cyber security risk assessments?

Professionals in cyber security risk assessment often face challenges such as keeping up with rapidly evolving threats, effectively communicating technical risks to non-technical stakeholders, and ensuring comprehensive coverage across complex IT environments. Balancing thoroughness with tight deadlines can also be demanding, as assessments must be both detailed and timely. Collaborating with various departments to gather accurate information and maintain up-to-date asset inventories is crucial for effective risk analysis and mitigation.

What is a cyber security risk assessment?

A cyber security risk assessment is a process used to identify, evaluate, and prioritize potential threats and vulnerabilities that could negatively impact an organization's information systems. By analyzing assets, threats, vulnerabilities, and impacts, organizations can determine the likelihood and consequences of cyber incidents. The goal is to implement appropriate measures to reduce risks to acceptable levels, ensuring data protection and regulatory compliance. Regular risk assessments help organizations stay ahead of evolving cyber threats and make informed security decisions.

What is the 80/20 rule in cyber security?

In cyber security risk assessment, the 80/20 rule suggests that approximately 80% of security issues are caused by 20% of vulnerabilities or threats. Security professionals focus on identifying and mitigating the most critical risks to efficiently improve overall security posture.
More about Cyber Security Risk Assessment jobs
Infographic showing various Cyber Security Risk Assessment job openings in the United States as of June 2026, with employment types broken down into 1% As Needed, 85% Full Time, 10% Part Time, and 4% Contract. Highlights a 92% Physical, 3% Hybrid, and 5% Remote job distribution, with an average salary of $132,962 per year, or $63.9 per hour.
Mgr Cybersecurity Program & Risk

Blount Fine Foods

Warren, RI • On-site

Full-time

Posted 7 days ago


Company rating: 6.3 out of 10

Based on 23 frontline employees who took The Breakroom Quiz

262nd of 383 rated food and drinks producers


Job description

Job Summary:
Blount Fine Foods is a family-owned manufacturer of premium fresh prepared foods, seeking a Cybersecurity Program & Risk Manager. This role is responsible for managing the organization's enterprise cybersecurity risk posture, influencing executive leadership, and ensuring effective risk management across various domains.
Responsibilities:
• Own the enterprise cybersecurity risk framework, including identification, assessment, prioritization, and mitigation tracking.
• Maintain and mature the cybersecurity and technology risk register with clear risk statements, ownership, and mitigation plans.
• Develop and execute a multi-year cybersecurity program roadmap aligned to business strategy.
• Facilitate cybersecurity maturity assessments and pragmatic improvement planning.
• Own cybersecurity risk management for third parties, suppliers, logistics partners, co-manufacturers, and SaaS vendors.
• Define and enforce cybersecurity requirements in contracts and ensure evidence-based compliance.
• Coordinate vendor risk assessments and remediation activities with Procurement and Legal.
• Ensure subsidiaries comply with corporate cybersecurity policies and minimum standards.
• Prepare cybersecurity risk materials for leadership and governance committees.
• Translate cybersecurity risk into business, operational, and reputational impact.
• Support audits, assessments, and external reviews with defensible documentation.
• Develop dashboards and executive metrics to show risk posture and trend visibility.
• Own the enterprise security awareness and phishing simulation program.
• Analyze trends and recommend corrective actions to reduce human risk.
• Partner with HR and Communications to embed cybersecurity into company culture.
• Maintain awareness across incident response, vulnerability management, IAM, and endpoint security.
• Coordinate security initiatives without owning day-to-day technical operations.
• Ensure clarity of ownership and risk coverage across teams and vendors.
Qualifications:
Required:
• 7–10+ years of experience in cybersecurity, technology risk management, or enterprise risk roles.
• Demonstrated ownership of cybersecurity or technology risk programs.
• Experience with third-party risk management, risk registers, audits, and compliance documentation.
• Ability to translate technical risk into executive-level business impact.
• Strong judgment, stakeholder management, and ability to influence without authority.
• Experience in manufacturing, food, CPG, or industrial environments.
• Practical experience with NIST CSF, ISO 27001, or similar frameworks.
• Exposure to multi-entity or subsidiary operating models.
• Experience presenting risk to executive leadership or Boards.
Company:
Blount Fine Foods is a food production company that provides gourmet soups, sauces, sides, and entrees. Founded in 1880, the company is headquartered in Fall River, USA, with a team of 501-1000 employees. The company is currently Late Stage.
