... risk management in an OT / SCADA environment in two or more areas such as: * Cyber security * Secure Supply Chain * Security Analytics * Security Operations Centers * Vulnerability and Threat ...
... risk management in an OT / SCADA environment in two or more areas such as: * Cyber security * Secure Supply Chain * Security Analytics * Security Operations Centers * Vulnerability and Threat ...
... Risk Management, Threat Intelligence, and Assurance, while collaborating with various business ... Required : • Bachelor's Degree in Information Security, Cybersecurity, Computer Science, Computer ...
... Risk Management, Threat Intelligence, and Assurance, while collaborating with various business ... Required : • Bachelor's Degree in Information Security, Cybersecurity, Computer Science, Computer ...
... cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever ... Develop and execute strategies for integrated risk management (IRM), governance, risk, and ...
... cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever ... Develop and execute strategies for integrated risk management (IRM), governance, risk, and ...
Consultant - ServiceNow
Las Vegas, NV · Remote
... in cybersecurity. Join our team to deliver powerful solutions that help clients navigate an ... manage cyber, risk, and technology programs. Recruiting for this role ends on 12/31/2026. Work you ...
Consultant - ServiceNow
Las Vegas, NV · Remote
... in cybersecurity. Join our team to deliver powerful solutions that help clients navigate an ... manage cyber, risk, and technology programs. Recruiting for this role ends on 12/31/2026. Work you ...
... in cybersecurity. Join our team to deliver powerful solutions that help clients navigate an ... Risk Management, and ServiceNow AI Control Tower use cases * Supporting functional design and ...
... in cybersecurity. Join our team to deliver powerful solutions that help clients navigate an ... Risk Management, and ServiceNow AI Control Tower use cases * Supporting functional design and ...
Cybersecurity Engineering & Integration Develop secure configurations, boundary protections, and ... Security Compliance & Risk Management Guide RMF requirements at the architectural level (SSP ...
Cybersecurity Engineering & Integration Develop secure configurations, boundary protections, and ... Security Compliance & Risk Management Guide RMF requirements at the architectural level (SSP ...
Senior IT GRC Analyst
Las Vegas, NV · On-site
$80K - $165K/yr
Responsible for leading Cybersecurity and IT governance, risk, and compliance efforts, including ... Manage end-to-end issue management activities , including intake, validation, prioritization ...
Senior IT GRC Analyst
Las Vegas, NV · On-site
$80K - $165K/yr
Responsible for leading Cybersecurity and IT governance, risk, and compliance efforts, including ... Manage end-to-end issue management activities , including intake, validation, prioritization ...
... risk management in an OT / SCADA environment in two or more areas such as: * Cyber security * Secure Supply Chain * Security Analytics * Security Operations Centers * Vulnerability and Threat ...
... risk management in an OT / SCADA environment in two or more areas such as: * Cyber security * Secure Supply Chain * Security Analytics * Security Operations Centers * Vulnerability and Threat ...
... and cyber security management program, including security policy, standards, guidelines, and ... Risk Management, Audit, and Physical Security. • Oversee incident response planning, as well as ...
... and cyber security management program, including security policy, standards, guidelines, and ... Risk Management, Audit, and Physical Security. • Oversee incident response planning, as well as ...
Airport Senior Program Administrator - Principal Cybersecurity Engineer
$45.79 - $67.63/hr
This position will encompass not only technical measures, but also the governance, risk management, and compliance aspects of cybersecurity. Additionally, the successful candidate will engage in ...
Airport Senior Program Administrator - Principal Cybersecurity Engineer
$45.79 - $67.63/hr
This position will encompass not only technical measures, but also the governance, risk management, and compliance aspects of cybersecurity. Additionally, the successful candidate will engage in ...
Airport Senior Program Administrator - Principal Cybersecurity Engineer
Las Vegas, NV · On-site
$45.79 - $67.63/hr
This position will encompass not only technical measures, but also the governance, risk management, and compliance aspects of cybersecurity. Additionally, the successful candidate will engage in ...
Airport Senior Program Administrator - Principal Cybersecurity Engineer
Las Vegas, NV · On-site
$45.79 - $67.63/hr
This position will encompass not only technical measures, but also the governance, risk management, and compliance aspects of cybersecurity. Additionally, the successful candidate will engage in ...
Cyber Architect (Cyber Architect 3) 28590 with Security Clearance
Nellis Air Force Base, NV · On-site
$103K - $140K/yr
Cybersecurity Engineering & Integration • Develop secure configurations, boundary protections ... Security Compliance & Risk Management • Guide RMF requirements at the architectural level (SSP ...
Cyber Architect (Cyber Architect 3) 28590 with Security Clearance
Nellis Air Force Base, NV · On-site
$103K - $140K/yr
Cybersecurity Engineering & Integration • Develop secure configurations, boundary protections ... Security Compliance & Risk Management • Guide RMF requirements at the architectural level (SSP ...
... Risk Management (MRM) standards. • Partner with Risk, Compliance, Legal, Cybersecurity, and Data teams to ensure Responsible AI adoption. • Oversee model validation, explainability, bias testing ...
... Risk Management (MRM) standards. • Partner with Risk, Compliance, Legal, Cybersecurity, and Data teams to ensure Responsible AI adoption. • Oversee model validation, explainability, bias testing ...
AI Security Engineer Senior Manager
$109K - $149K/yr
Project Management * Financials Cyber Security Cyber Security vigilantly protects Deloitte and client data. The team leads a strategic cyber risk program that adapts to a rapidly changing threat ...
AI Security Engineer Senior Manager
$109K - $149K/yr
Project Management * Financials Cyber Security Cyber Security vigilantly protects Deloitte and client data. The team leads a strategic cyber risk program that adapts to a rapidly changing threat ...
... Risk, and Compliance (GRC) team - learning and supporting efforts to ensure our organization ... Ability to learn quickly, manage multiple priorities, and work effectively as part of a ...
... Risk, and Compliance (GRC) team - learning and supporting efforts to ensure our organization ... Ability to learn quickly, manage multiple priorities, and work effectively as part of a ...
... Risk, and Compliance (GRC) team - learning and supporting efforts to ensure our organization ... Ability to learn quickly, manage multiple priorities, and work effectively as part of a ...
... Risk, and Compliance (GRC) team - learning and supporting efforts to ensure our organization ... Ability to learn quickly, manage multiple priorities, and work effectively as part of a ...
Cyber Operational Technology/ Industrial Control Systems (OT/ICS) Senior Consultant
Las Vegas, NV · Remote
Risk Assessment & Vulnerability Management * Perform consequence-based risk assessments for OT ... Develop and update OT/ICS cybersecurity policies, standards, procedures, and job aids. * Deliver ...
Cyber Operational Technology/ Industrial Control Systems (OT/ICS) Senior Consultant
Las Vegas, NV · Remote
Risk Assessment & Vulnerability Management * Perform consequence-based risk assessments for OT ... Develop and update OT/ICS cybersecurity policies, standards, procedures, and job aids. * Deliver ...
Knowledge of US financial services sector cybersecurity or resiliency organization practices, operations risk management processes, principles, regulations, threats, risks, and incident response ...
Knowledge of US financial services sector cybersecurity or resiliency organization practices, operations risk management processes, principles, regulations, threats, risks, and incident response ...
IT Security Manager
Sparks, NV · On-site
... risk management across the enterprise. • Mentor and develop a diverse team of security analysts ... responsible cybersecurity experience with deep expertise in enterprise security, manufacturing ...
IT Security Manager
Sparks, NV · On-site
... risk management across the enterprise. • Mentor and develop a diverse team of security analysts ... responsible cybersecurity experience with deep expertise in enterprise security, manufacturing ...
Information Security Analyst (GRC & Operations)
Las Vegas, NV · On-site
$62K - $80K/yr
... risk reviews, and ongoing monitoring. * Deliver corporate cybersecurity training - new-hire onboarding, annual refreshers, role-based training, and phishing simulations. * Manage training and ...
Information Security Analyst (GRC & Operations)
Las Vegas, NV · On-site
$62K - $80K/yr
... risk reviews, and ongoing monitoring. * Deliver corporate cybersecurity training - new-hire onboarding, annual refreshers, role-based training, and phishing simulations. * Manage training and ...
Cyber Security Risk Management information
See Nevada salary details
$58K - $70K
1% of jobs
$70K - $81.9K
4% of jobs
$81.9K - $93.9K
5% of jobs
$93.9K - $105.8K
9% of jobs
$112.4K is the 25th percentile. Wages below this are outliers.
$105.8K - $117.8K
11% of jobs
$117.8K - $129.7K
10% of jobs
The median wage is $134.3K / yr.
$129.7K - $141.6K
28% of jobs
$148.5K is the 75th percentile. Wages above this are outliers.
$141.6K - $153.6K
14% of jobs
$153.6K - $165.5K
11% of jobs
$165.5K - $177.5K
4% of jobs
$177.5K - $189.4K
4% of jobs
$58K
$135.4K
$189.4K
How much do cyber security risk management jobs pay per year?
What are the key skills and qualifications needed to thrive as a Cyber Security Risk Management professional, and why are they important?
What is cyber security risk management?
What is the difference between Cyber Security Risk Management vs Cyber Security Analyst?
| Aspect | Cyber Security Risk Management | Cyber Security Analyst |
|---|---|---|
| Certifications | CompTIA Security+, CISSP, CISM | CompTIA Security+, CEH, CISSP (preferred) |
| Work Environment | Policy development, risk assessment, strategic planning | Monitoring security systems, incident response, vulnerability analysis |
| Employer & Industry Usage | Organizations focusing on risk mitigation and compliance | Organizations implementing and maintaining security measures |
Cyber Security Risk Management professionals focus on identifying, assessing, and mitigating security risks at an organizational level, often involved in policy and strategy. Cyber Security Analysts primarily monitor security systems, analyze threats, and respond to incidents. While both roles require similar certifications and work within the same industry, their core responsibilities differ: risk managers develop strategies, whereas analysts execute security measures and respond to threats.
What does a cyber risk manager do?
What are some typical challenges faced by professionals in Cyber Security Risk Management, and how can they be addressed?
Can you make $500,000 a year in cyber security?
Can I make $200,000 a year in cyber security?
Is security risk management a good career?

Deloitte rating
8.1
Based on 90 frontline employees who took The Breakroom Quiz
60th of 148 rated financial services
Job description
Power and Utilities OT (Operational Technology) - Manager
Position Summary
Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Cyber team and become a member of the largest group of cybersecurity professionals worldwide.
Recruiting for this role ends on 12/21/2026
Work you'll do
Responsibilities:
- Identify and evaluate complex business and technology risks
- Develop remediation methods to mitigate risks
- Demonstrate problem solving, critical thinking and logical structuring skills
- Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects
- Actively participate in decision making with engagement management and seek to understand the broader impact of current decisions
- Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services
- Identify opportunities to improve engagement profitability and manage engagement economics
- Demonstrate ability to with identify and address client needs: building solid relationships with clients; developing an awareness of Firm services; communicating with the client in an organized and knowledgeable manner; delivering clear requests for information; demonstrating flexibility in prioritizing and completing tasks; and communicating potential conflicts to the manager
- Demonstrate a general knowledge of market trends, competitor activities, Deloitte Advisory products and service lines
Required Skills:
- 7+ years of demonstrate advanced understanding and experience governing and implementing power and utility regulations and standards including:
- North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP)
- NERC Operations and Planning (O&P)
- Federal Energy Regulatory Commission
- Transportation Security Administration (TSA) Cybersecurity
- IEC 62443 standard - Securing Industrial Automation and Control Systems (IACS)
- Nuclear Energy Institute (NEI) - NEI 08-09, 10 CFR 73.54
- 7+ years of demonstrate advanced understanding and cyber risk management in at least two of the following areas:
- SCADA with experience in securing ICS (Industrial Control Systems) security
- Internet of Things (IOT) architecture and security
- OT (Operational Technology) security
- NERC CIP-015 - Internal Network Security Monitoring (INMS)
- Embedded systems security
- OT network segmentation (zones/conduits), jump hosts, secure remote access
- Passive OT discovery/asset inventory, OT IDS, SIEM integration/use cases
- Incident response in OT (containment with availability/safety constraints)
- Vendor/OEM risk management, SBOM/patch constraints, compensating controls
- Security experience in the field environment within the Power, Utilities & Renewables, Oil & Gas, or Industrial Products & Construction industry sectors
- 7+ years of demonstrate advanced understanding of business processes and cyber risk management in an OT / SCADA environment in two or more areas such as:
- Cyber security
- Secure Supply Chain
- Security Analytics
- Security Operations Centers
- Vulnerability and Threat Management
- Data Security
- Secure Dev Ops
- Business continuity management
- Familiarity with industry standards and regulatory requirements around cyber risk management (e.g., ISO 27001, IEC 62443, NIST CSF)
- Limited sponsorship opportunities may be available
Additional Requirements:
- Ability to travel up to 50%, on average, based on the work you do and the clients and industries/sectors you serve
- Locations include: Houston, Dallas, Cleveland, Detroit, St. Louis, Pittsburgh, Boston, Charlotte, Atlanta, Miami, Memphis, Denver, Phoenix, Salt Lake City, Los Angeles, San Diego, San Franciso, Seattle. Must be within a reasonable commute and willing to work part-time in the Deloitte and/or client offices.
Preferred:
- Minimum of 4 years working in an OT environment (e.g. OT security, ICS security, IOT security, SCADA, etc.)
- Minimum 4 years designing security for infrastructure, network and application architectures
- Experience in the Power Utilities & Renewables, Oil & Gas, or Industrial Products & Construction sector
- Demonstrated experience working with cloud platforms (AWS, Azure)
- 5+ years implementing security solutions
- BA/BS in cyber security, information security, engineering, computer science, information technology, information management, information sciences, business administration, or related field preferred
- CISSP, CISM, or CISA certification a plus
- Excellent verbal and written communication
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $134,500 to $265,100.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
#CyberES26
Power and Utilities OT (Operational Technology) - Manager
Position Summary
Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Cyber team and become a member of the largest group of cybersecurity professionals worldwide.
Recruiting for this role ends on 12/21/2026
Work you'll do
Responsibilities:
- Identify and evaluate complex business and technology risks
- Develop remediation methods to mitigate risks
- Demonstrate problem solving, critical thinking and logical structuring skills
- Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects
- Actively participate in decision making with engagement management and seek to understand the broader impact of current decisions
- Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services
- Identify opportunities to improve engagement profitability and manage engagement economics
- Demonstrate ability to with identify and address client needs: building solid relationships with clients; developing an awareness of Firm services; communicating with the client in an organized and knowledgeable manner; delivering clear requests for information; demonstrating flexibility in prioritizing and completing tasks; and communicating potential conflicts to the manager
- Demonstrate a general knowledge of market trends, competitor activities, Deloitte Advisory products and service lines
Required Skills:
- 7+ years of demonstrate advanced understanding and experience governing and implementing power and utility regulations and standards including:
- North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP)
- NERC Operations and Planning (O&P)
- Federal Energy Regulatory Commission
- Transportation Security Administration (TSA) Cybersecurity
- IEC 62443 standard - Securing Industrial Automation and Control Systems (IACS)
- Nuclear Energy Institute (NEI) - NEI 08-09, 10 CFR 73.54
- 7+ years of demonstrate advanced understanding and cyber risk management in at least two of the following areas:
- SCADA with experience in securing ICS (Industrial Control Systems) security
- Internet of Things (IOT) architecture and security
- OT (Operational Technology) security
- NERC CIP-015 - Internal Network Security Monitoring (INMS)
- Embedded systems security
- OT network segmentation (zones/conduits), jump hosts, secure remote access
- Passive OT discovery/asset inventory, OT IDS, SIEM integration/use cases
- Incident response in OT (containment with availability/safety constraints)
- Vendor/OEM risk management, SBOM/patch constraints, compensating controls
- Security experience in the field environment within the Power, Utilities & Renewables, Oil & Gas, or Industrial Products & Construction industry sectors
- 7+ years of demonstrate advanced understanding of business processes and cyber risk management in an OT / SCADA environment in two or more areas such as:
- Cyber security
- Secure Supply Chain
- Security Analytics
- Security Operations Centers
- Vulnerability and Threat Management
- Data Security
- Secure Dev Ops
- Business continuity management
- Familiarity with industry standards and regulatory requirements around cyber risk management (e.g., ISO 27001, IEC 62443, NIST CSF)
- Limited sponsorship opportunities may be available
Additional Requirements:
- Ability to travel up to 50%, on average, based on the work you do and the clients and industries/sectors you serve
- Locations include: Houston, Dallas, Cleveland, Detroit, St. Louis, Pittsburgh, Boston, Charlotte, Atlanta, Miami, Memphis, Denver, Phoenix, Salt Lake City, Los Angeles, San Diego, San Franciso, Seattle. Must be within a reasonable commute and willing to work part-time in the Deloitte and/or client offices.
Preferred:
- Minimum of 4 years working in an OT environment (e.g. OT security, ICS security, IOT security, SCADA, etc.)
- Minimum 4 years designing security for infrastructure, network and application architectures
- Experience in the Power Utilities & Renewables, Oil & Gas, or Industrial Products & Construction sector
- Demonstrated experience working with cloud platforms (AWS, Azure)
- 5+ years implementing security solutions
- BA/BS in cyber security, information security, engineering, computer science, information technology, information management, information sciences, business administration, or related field preferred
- CISSP, CISM, or CISA certification a plus
- Excellent verbal and written communication
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $134,500 to $265,100.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
#CyberES26