ZipRecruiter

Log In

1

Cyber Security Risk Management Jobs in California

Crunchbase

Director of IT & Cybersecurity

San Francisco, CA ยท On-site +1

$206K - $242K/yr

Cybersecurity, Risk & Compliance Management * Define and lead the company's enterprise cybersecurity and risk management strategy * Establish scalable security governance frameworks, policies, and ...

Grant Thornton

Cybersecurity Senior Manager

San Francisco, CA ยท On-site

$130K - $176K/yr

... project management skills. Responsibilities include managing and performing cybersecurity ... Support cybersecurity risk and control remediation and security control implementation activities.

GDIT

Cybersecurity Analyst SME

Seaside, CA

Cyber and IT Risk Management Job Qualifications: Skills: Continuous Monitoring, Security ... The SOC is the central hub of cybersecurity event monitoring, focused on incident detection, triage ...

Masimo

Principal Cybersecurity Architect

Irvine, CA

$170K - $210K/yr

Collaborate with Quality, Regulatory, and Risk Management teams to support cybersecurity compliance and product lifecycle security activities. * Serve as a trusted advisor to engineering leadership ...

Masimo

Principal Cybersecurity Architect

Irvine, CA ยท On-site

$170K - $210K/yr

Collaborate with Quality, Regulatory, and Risk Management teams to support cybersecurity compliance and product lifecycle security activities. * Serve as a trusted advisor to engineering leadership ...

next page

Showing results 1-20

All JobsCyber Security Risk Management JobsCyber Security Risk Management Jobs in California

Cyber Security Risk Management information

See California salary details

$56.3K

$131.2K

$183.6K

How much do cyber security risk management jobs pay per year?

As of Jun 10, 2026, the average yearly pay for cyber security risk management in California is $131,221.00, according to ZipRecruiter salary data. Most workers in this role earn between $109,500.00 and $148,000.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Cyber Security Risk Management professional, and why are they important?

To thrive in Cyber Security Risk Management, you need a solid understanding of risk assessment methodologies, information security frameworks (such as ISO 27001 or NIST), and often a relevant degree or certification like CISSP or CISM. Familiarity with security tools, vulnerability assessment platforms, and risk management software is typically required. Strong analytical thinking, attention to detail, and effective communication are crucial soft skills for identifying threats and conveying risk to stakeholders. These skills ensure that organizations can proactively manage and mitigate cyber threats, safeguarding critical assets and maintaining compliance.

What is cyber security risk management?

Cyber security risk management is the process of identifying, assessing, and prioritizing risks to an organization's information systems and data. It involves evaluating potential threats and vulnerabilities, determining the likelihood and impact of these risks, and implementing measures to mitigate or manage them. Effective risk management helps organizations protect sensitive data, ensure regulatory compliance, and minimize the impact of cyber attacks. This process is ongoing and adapts to new threats and changes in technology.

What is the difference between Cyber Security Risk Management vs Cyber Security Analyst?

AspectCyber Security Risk ManagementCyber Security Analyst
CertificationsCompTIA Security+, CISSP, CISMCompTIA Security+, CEH, CISSP (preferred)
Work EnvironmentPolicy development, risk assessment, strategic planningMonitoring security systems, incident response, vulnerability analysis
Employer & Industry UsageOrganizations focusing on risk mitigation and complianceOrganizations implementing and maintaining security measures

Cyber Security Risk Management professionals focus on identifying, assessing, and mitigating security risks at an organizational level, often involved in policy and strategy. Cyber Security Analysts primarily monitor security systems, analyze threats, and respond to incidents. While both roles require similar certifications and work within the same industry, their core responsibilities differ: risk managers develop strategies, whereas analysts execute security measures and respond to threats.

What are some typical challenges faced by professionals in Cyber Security Risk Management, and how can they be addressed?

Professionals in Cyber Security Risk Management often encounter challenges such as staying updated with rapidly evolving threats, balancing security needs with business objectives, and ensuring compliance with various regulations. Addressing these challenges requires continuous learning, effective communication with stakeholders, and the implementation of robust risk assessment frameworks. Collaboration with IT, legal, and business teams is essential to develop practical security policies that protect assets without hindering operations.

Can you make $500,000 a year in cyber security?

Cyber security risk management professionals can potentially earn $500,000 or more annually, especially at senior levels, in leadership roles, or with specialized skills such as threat intelligence or security architecture. Achieving this income typically requires extensive experience, advanced certifications like CISSP or CISM, and working in high-demand industries or organizations with complex security needs.
What are popular job titles related to Cyber Security Risk Management jobs in California? For Cyber Security Risk Management jobs in California, the most frequently searched job titles are:
What job categories do people searching Cyber Security Risk Management jobs in California look for? The top searched job categories for Cyber Security Risk Management jobs in California are:
What cities in California are hiring for Cyber Security Risk Management jobs? Cities in California with the most Cyber Security Risk Management job openings:
Cyber Security Risk Management jobs near you
Infographic showing various Cyber Security Risk Management job openings in California as of June 2026, with employment types broken down into 2% As Needed, 45% Full Time, 46% Part Time, 2% Temporary, and 5% Contract. Highlights an 92% Physical, 3% Hybrid, and 5% Remote job distribution, with an average salary of $131,221 per year, or $63.1 per hour.
Third Party Risk Management Capability Lead

Third Party Risk Management Capability Lead

Pacific Life Insurance Company

Newport Beach, CA โ€ข On-site

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 14 days ago

Pacific Life rating

6.8

Company rating: 6.8 out of 10

Based on 6 frontline employees who took The Breakroom Quiz

230th of 260 rated insurance

Job description

Job Description:
The Third Party Risk Management (TPRM) Capability Lead is a senior individual contributor responsible for governing and overseeing Pacific Life's enterprise TPRM program within the 2nd line of defense, with clear accountability for the design, maintenance, and enforcement of policies, standards, and control frameworks. This role ensures robust cybersecurity, resilience, and third party due diligence practices are consistently applied and aligned with regulatory expectations, while driving continuous enhancement of governance structures supporting third party outsourcing risk. This is a hybrid role (4 days per week onsite) in our Newport Beach, CA office.
Operating with a high degree of autonomy, the TPRM Lead leverages deep subject matter expertise to oversee risk assessment, due diligence, and ongoing monitoring activities, with particular emphasis on cybersecurity controls, data protection, and critical vendor dependencies. The role partners closely with procurement, legal, information security, and business leaders to ensure risks across third and fourth party relationships are appropriately identified, governed, and mitigated.
As a trusted advisor, this role provides independent challenge and oversight to the first line of defense, ensuring adherence to established policies and control expectations while managing complex deliverables end-to-end. The position operates with minimal supervision within a team of approximately 35 professionals in Operational Risk & Resilience, part of Enterprise Risk Management, and collaborates closely with Service Owners, Service Managers, Service Leads, Capability Leads, and OR&R liaisons supporting effective first line execution.
How you will make an impact:
  • Govern and enforce adherence to TPRM policies, standards, and control frameworks across the enterprise
  • Ensure alignment with applicable regulatory expectations (e.g., NAIC, state DOI) and industry standards (e.g., NIST, ISO, Shared Assessments)
  • Oversee and challenge third party due diligence reviews that span cybersecurity, data privacy, business continuity, financial, and operational risk elements
  • Partner with the 1st line of defense to identify control gaps, assess residual risk, and ensure timely development and execution of risk treatment plans
  • Escalate material risks, control deficiencies, and vendor issues through established governance and risk committee structures
  • Develop and deliver executive and committee level reporting on third party risk exposure, trends, and emerging third party risks
  • Serve as a trusted advisor to the business while providing effective 2nd line challenge to ensure appropriate risk based decisions
  • Leverage industry best practices and external insights to strengthen governance, oversight, and program maturity

The experience you will bring:
  • Bachelor's degree or equivalent professional experience
  • Minimum 5+ years of experience in third-party risk management, operational risk, information security risk, or related GRC disciplines
  • In-depth knowledge of TPRM frameworks, lifecycle practices, and regulatory expectations
  • Strong understanding of interconnected risk domains (cybersecurity, privacy, business continuity, and vendor operational risk)
  • Proven ability to solve complex problems using both conceptual and practical approaches
  • Demonstrated ability to operate independently with minimal guidance and sound judgment
  • Experience in financial services, preferably life insurance or annuities
  • Familiarity with industry frameworks and standards (e.g., NIST CSF, ISO 27001/22301, Shared Assessments SIG/VRMMM)
  • Relevant professional certifications (e.g., CRVPM, CISA, CRISC, CISSP, CTPRP) and experience with TPRM platforms/continuous monitoring tools
  • Strong competencies in analytical thinking, stakeholder influence, communication, and driving continuous improvement5+ years of relevant experience in business resilience, business continuity, or operational resilience

What will make you stand out:
  • Demonstrated governance mindset, with proven ownership of TPRM policies, standards, and control frameworks, and ability to enforce consistent adherence across the enterprise
  • Bring deep expertise in cybersecurity due diligence and third party risk domains, with the ability to independently challenge assessments and drive risk informed decisions
  • Operate as a highly credible second line advisor, effectively balancing partnership with the business while delivering objective challenge and oversight
  • Proven track record of enhancing program maturity, including implementing scalable monitoring, improving control effectiveness, and aligning to evolving regulatory expectations
  • Excel at translating complex risk insights into clear, executive-level reporting and actionable recommendations for senior leadership and risk committees

#LI-SD
Base Pay Range:
The base pay range noted represents the company's good faith minimum and maximum range for this role at the time of posting. The actual compensation offered to a candidate will be dependent upon several factors, including but not limited to experience, qualifications and geographic location. Also, most employees are eligible for additional incentive pay.
$113,490.00 - $138,710.00
Your Benefits Start Day 1
Your wellbeing is important to Pacific Life, and we're committed to providing you with flexible benefits that you can tailor to meet your needs. Whether you are focusing on your physical, financial, emotional, or social wellbeing, we've got you covered.
  • Prioritization of your health and well-being including Medical, Dental, Vision, and Wellbeing Reimbursement Account that can be used on yourself or your eligible dependents
  • Generous paid time off options including: Paid Time Off, Holiday Schedules, and Financial Planning Time Off
  • Paid Parental Leave as well as an Adoption Assistance Program
  • Competitive 401k savings plan with company match and an additional contribution regardless of participation

You Can Be Who You Are
We are committed to a culture of diversity and inclusion that embraces the authenticity of all employees, partners and communities. We support all employees to thrive and achieve their fullest potential.
What's life like at Pacific Life? Visit Instagram.com/lifeatpacificlife
EEO Statement:
Pacific Life Insurance Company is an Equal Opportunity /Affirmative Action Employer, M/F/D/V. If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access our career center as a result of your disability. To request an accommodation, contact a Human Resources Representative at Pacific Life Insurance Company.
Pacific Life logo

About Pacific Life

Sourced by ZipRecruiter

When you purchase life insurance and retirement solutions, you're buying a promise. A promise that today, tomorrow or ten years from now, we'll be there. For more than 150 years, our clients have trusted Pacific Life to protect what matters most to them - their families, their businesses, their futures.

Industry

Finance and insurance

Company size

1,001 - 5,000 Employees

Headquarters location

Newport Beach, CA, US

Year founded

1868

Social media

FacebookTwitter

View All Pacific Life Jobs

Apply