1

Cyber Security Risk Management Jobs in Alabama (NOW HIRING)

Cybersecurity Risk Manager

Hoover, AL · On-site +1

$70K - $140K/yr

Bachelor's degree in cybersecurity, risk management, or similar field * Minimum of 5 years of experience in Audit, Compliance, Risk Management or Operational Risk. * In lieu of a Bachelor's degree 4 ...

New

Cybersecurity Risk Manager

Hoover, AL · On-site +1

$70K - $140K/yr

Bachelor's degree in cybersecurity, risk management, or similar field * Minimum of 5 years of experience in Audit, Compliance, Risk Management or Operational Risk. * In lieu of a Bachelor's degree 4 ...

Cyber Security Manager

Huntsville, AL · On-site

$109K - $147K/yr

Lead execution of the DoW Risk Management Framework (RMF) across multiple systems and security ... Ensure cybersecurity is embedded in system design, scheduling software, payload C2, ground ...

Cyber Security Manager

Huntsville, AL · Hybrid

$109K - $147K/yr

Lead execution of the DoW Risk Management Framework (RMF) across multiple systems and security ... Ensure cybersecurity is embedded in system design, scheduling software, payload C2, ground ...

Risk Management Framework, eMASS, Authority to Operate, provide the PMO/Capability Development Manager (CDM) cybersecurity support per DoWI 8500.01 is required. * Support includes assessing and ...

You will play a hands-on role in Cybersecurity Analysis, Engineering, and Risk Management Framework (RMF) compliance, driving mission assurance for some of the nation's most important space systems.

next page

Showing results 1-20

Cyber Security Risk Management information

See Alabama salary details

$51.7K

$120.5K

$168.6K

How much do cyber security risk management jobs pay per year?

As of Jul 12, 2026, the average yearly pay for cyber security risk management in Alabama is $120,515.00, according to ZipRecruiter salary data. Most workers in this role earn between $100,600.00 and $136,000.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Cyber Security Risk Management professional, and why are they important?

To thrive in Cyber Security Risk Management, you need a solid understanding of risk assessment methodologies, information security frameworks (such as ISO 27001 or NIST), and often a relevant degree or certification like CISSP or CISM. Familiarity with security tools, vulnerability assessment platforms, and risk management software is typically required. Strong analytical thinking, attention to detail, and effective communication are crucial soft skills for identifying threats and conveying risk to stakeholders. These skills ensure that organizations can proactively manage and mitigate cyber threats, safeguarding critical assets and maintaining compliance.

What is cyber security risk management?

Cyber security risk management is the process of identifying, assessing, and prioritizing risks to an organization's information systems and data. It involves evaluating potential threats and vulnerabilities, determining the likelihood and impact of these risks, and implementing measures to mitigate or manage them. Effective risk management helps organizations protect sensitive data, ensure regulatory compliance, and minimize the impact of cyber attacks. This process is ongoing and adapts to new threats and changes in technology.

What is the difference between Cyber Security Risk Management vs Cyber Security Analyst?

AspectCyber Security Risk ManagementCyber Security Analyst
CertificationsCompTIA Security+, CISSP, CISMCompTIA Security+, CEH, CISSP (preferred)
Work EnvironmentPolicy development, risk assessment, strategic planningMonitoring security systems, incident response, vulnerability analysis
Employer & Industry UsageOrganizations focusing on risk mitigation and complianceOrganizations implementing and maintaining security measures

Cyber Security Risk Management professionals focus on identifying, assessing, and mitigating security risks at an organizational level, often involved in policy and strategy. Cyber Security Analysts primarily monitor security systems, analyze threats, and respond to incidents. While both roles require similar certifications and work within the same industry, their core responsibilities differ: risk managers develop strategies, whereas analysts execute security measures and respond to threats.

What does a cyber risk manager do?

A cyber risk manager assesses and prioritizes cybersecurity threats to an organization, develops strategies to mitigate risks, and implements security policies. They often use tools like risk assessment frameworks and require certifications such as CISSP or CISM to effectively manage security risks in a dynamic environment.

What are some typical challenges faced by professionals in Cyber Security Risk Management, and how can they be addressed?

Professionals in Cyber Security Risk Management often encounter challenges such as staying updated with rapidly evolving threats, balancing security needs with business objectives, and ensuring compliance with various regulations. Addressing these challenges requires continuous learning, effective communication with stakeholders, and the implementation of robust risk assessment frameworks. Collaboration with IT, legal, and business teams is essential to develop practical security policies that protect assets without hindering operations.

Can you make $500,000 a year in cyber security?

Cyber security risk management professionals can potentially earn $500,000 or more annually, especially at senior levels, in leadership roles, or with extensive experience and specialized certifications like CISSP or CISM. High salaries are often associated with executive positions, consulting, or working for large organizations with complex security needs.

Can I make $200,000 a year in cyber security?

Cyber Security Risk Management professionals can potentially earn $200,000 or more annually, especially with extensive experience, advanced certifications like CISSP or CISM, and roles in high-demand sectors or leadership positions. Salaries vary based on location, company size, and individual expertise, but high-level cybersecurity roles often reach or exceed this income level.

Is security risk management a good career?

Security risk management is a valuable career in cybersecurity, focusing on identifying and mitigating potential threats to an organization’s information systems. It often requires knowledge of security frameworks, risk assessment tools, and certifications like CISSP or CISM, and offers strong job growth and demand across various industries.
What are popular job titles related to Cyber Security Risk Management jobs in Alabama? For Cyber Security Risk Management jobs in Alabama, the most frequently searched job titles are:
What job categories do people searching Cyber Security Risk Management jobs in Alabama look for? The top searched job categories for Cyber Security Risk Management jobs in Alabama are:
Infographic showing various Cyber Security Risk Management job openings in Alabama as of July 2026, with employment types broken down into 100% Full Time. Highlights an 100% In-person job distribution, with an average salary of $120,515 per year, or $57.9 per hour.

Cybersecurity Risk Manager

Huntington

Hoover, AL • On-site, Remote

$70K - $140K/yr

Full-time

Medical, Life, Retirement, PTO

Posted 6 days ago

New


Job description

Description

Summary:  

As a 1LTR – Cybersecurity team member, you will apply your cybersecurity expertise, knowledge of regulatory requirements, and industry best practices to identify and guide maturity opportunities to support our Cybersecurity function. This is a key role in helping ensure our Cybersecurity team is informed of risks within their domain so that standard and control objectives are met within our risk appetite. The ideal candidate will be able to excel within an evolving technical cybersecurity and risk landscape, function independently, all while developing influential relationships to support their customers.

Duties & Responsibilities:

  • Support the identification and quantification/qualification of risks within cybersecurity operations, data loss prevention, and encryption for the Cybersecurity segment

  • Manage the governance of issues through their lifecycle, from ideation to validation and subsequent closure

  • Execute risk assessments against defined scopes and planned initiatives in alignment with our enterprise risk management frameworks

  • Support and execute various processes such as Risk and Control Self-Assessment (RCSA), Exception Management, and assigned business governance groups

  • Provide advisory and guidance on control design, cybersecurity standards/policies, metrics, and processes to help meet regulatory or maturity requirements

  • Support executive reporting on the health and status of our risk, issues, and control portfolio

  • Act as a trusted advisor to your customer, helping work through ambiguity and providing a risk perspective to new challenges or opportunities

  • Deliver timely escalation of all issues requiring attention to senior management.

  • Performs other duties as assigned.

Basic Qualifications:

  • Bachelor’s degree in cybersecurity, risk management, or similar field
  • Minimum of 5 years of experience in Audit, Compliance, Risk Management or Operational Risk.
  • In lieu of a Bachelor’s degree 4 additional years of segment-specific or risk related experience may be considered

Preferred Qualifications:

  • 7+ years of combined technology experience in risk management, technology, cybersecurity, or related discipline within financial services industry

  • 3+ years’ experience in cybersecurity with a focus on security operations, data loss prevention, and encryption

  • 3+ years’ experience in risk management, preferably within the 1st line function

  • 2+ years’ experience in one or more cloud platforms AWS, Azure, GCP

  • 2+ years’ experience with threat modeling

  • 2 + years’ experience with cybersecurity related policy, procedures, or standards governance

  • 2 + years’ experience with quantitative/qualitative risk assessments

  • 4+ years of experience working at a Category 3 or higher financial institution

  • CISSP, GIAC, CISM, or other cybersecurity/risk management certifications

  • Excellent communication skills required to negotiate internally, often at a senior level.  


Exempt Status: (Yes = not eligible for overtime pay) (No = eligible for overtime pay)

Yes

Workplace Type:

Office

Our Approach to Office Workplace Type

Certain positions outside our branch network may be eligible for a flexible work arrangement. We’re combining the best of both worlds:  in-office and work from home. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. Remote roles will also have the opportunity to come together in our offices for moments that matter. Specific work arrangements will be provided by the hiring team.

Compensation Range:

$70,000 - $140,000 Annual Salary

The compensation range represents the anticipated low and high end of the base compensation range for this position. Actual compensation will vary based on various factors including but not limited to location, experience, and education.  Colleagues in this position are also eligible to participate in an applicable incentive compensation plan.  In addition, Huntington provides a variety of benefits to colleagues, including health insurance coverage, wellness program, life and disability insurance, retirement savings plan, paid leave programs, paid holidays and paid time off (PTO). 

Huntington is an Equal Opportunity Employer.

Tobacco-Free Hiring Practice: Visit Huntington's Career Web Site for more details.

Note to Agency Recruiters:  Huntington will not pay a fee for any placement resulting from the receipt of an unsolicited resume.  All unsolicited resumes sent to any Huntington colleagues, directly or indirectly, will be considered Huntington property. Recruiting agencies must have a valid, written and fully executed Master Service Agreement and Statement of Work for consideration.