Alcoa is seeking a Cyber Security Risk Analyst to serve as a key contributor to the cybersecurity risk management program, providing subject matter expertise in identifying, assessing, and managing ...
Alcoa is seeking a Cyber Security Risk Analyst to serve as a key contributor to the cybersecurity risk management program, providing subject matter expertise in identifying, assessing, and managing ...
Alcoa is seeking a Cyber Security Risk Analyst to serve as a key contributor to the cybersecurity risk management program, providing subject matter expertise in identifying, assessing, and managing ...
Alcoa is seeking a Cyber Security Risk Analyst to serve as a key contributor to the cybersecurity risk management program, providing subject matter expertise in identifying, assessing, and managing ...
Cybersecurity Risk Analyst
Evansville, IN · On-site
$36.93 - $55.40/hr
Help Protect the Technology That Supports Patient Care We are seeking a skilled Cybersecurity Risk Analyst to join our Information Security team. In this role, you will help identify, evaluate ...
Cybersecurity Risk Analyst
Evansville, IN · On-site
$36.93 - $55.40/hr
Help Protect the Technology That Supports Patient Care We are seeking a skilled Cybersecurity Risk Analyst to join our Information Security team. In this role, you will help identify, evaluate ...
Alcoa is seeking a Cyber Security Risk Analyst to serve as a key contributor to the cybersecurity risk management program, providing subject matter expertise in identifying, assessing, and managing ...
Alcoa is seeking a Cyber Security Risk Analyst to serve as a key contributor to the cybersecurity risk management program, providing subject matter expertise in identifying, assessing, and managing ...
Cybersecurity Risk Analyst
Cambridge, MA · On-site
$82K - $220K/yr
The Cybersecurity Risk Analyst is a member of Draper's Cybersecurity Risk Management team, responsible primarily for unclassified information system risk and compliance efforts. This role contributes ...
Cybersecurity Risk Analyst
Cambridge, MA · On-site
$82K - $220K/yr
The Cybersecurity Risk Analyst is a member of Draper's Cybersecurity Risk Management team, responsible primarily for unclassified information system risk and compliance efforts. This role contributes ...
Cybersecurity Risk Analyst
Irving, TX · On-site
The Cybersecurity Risk Analyst is responsible for executing a portion of the GM Financial (GMF) Cybersecurity Program designed to advise the organization on its management of Cybersecurity risk by ...
Cybersecurity Risk Analyst
Irving, TX · On-site
The Cybersecurity Risk Analyst is responsible for executing a portion of the GM Financial (GMF) Cybersecurity Program designed to advise the organization on its management of Cybersecurity risk by ...
Cybersecurity Risk Analyst
Cambridge, MA · Hybrid
$82K - $220K/yr
The Cybersecurity Risk Analyst is a member of Draper's Cybersecurity Risk Management team, responsible primarily for unclassified information system risk and compliance efforts. This role contributes ...
Cybersecurity Risk Analyst
Cambridge, MA · Hybrid
$82K - $220K/yr
The Cybersecurity Risk Analyst is a member of Draper's Cybersecurity Risk Management team, responsible primarily for unclassified information system risk and compliance efforts. This role contributes ...
Cyber Security Risk Analyst Work Location: Required onsite work at the client location at Scott Air Force Base, Illinois with situational telework only Electrosoft Inc. is seeking a Cyber Security ...
Cyber Security Risk Analyst Work Location: Required onsite work at the client location at Scott Air Force Base, Illinois with situational telework only Electrosoft Inc. is seeking a Cyber Security ...
Cybersecurity Risk Analyst
Irving, TX · Hybrid
The Cybersecurity Risk Analyst is responsible for executing a portion of the GM Financial (GMF) Cybersecurity Program designed to advise the organization on its management of Cybersecurity risk by ...
Cybersecurity Risk Analyst
Irving, TX · Hybrid
The Cybersecurity Risk Analyst is responsible for executing a portion of the GM Financial (GMF) Cybersecurity Program designed to advise the organization on its management of Cybersecurity risk by ...
MDAEdge is seeking a Cybersecurity Risk Analyst to join their team. The role involves developing and conducting risk assessments for applications, infrastructure, and vendors, while collaborating ...
MDAEdge is seeking a Cybersecurity Risk Analyst to join their team. The role involves developing and conducting risk assessments for applications, infrastructure, and vendors, while collaborating ...
Cyber Security Risk Analyst
Belleville, IL · On-site
$115K - $125K/yr
If we've described you and your dream workplace, please apply and share in the many benefits and opportunities we offer. Cyber Security Risk Analyst Work Location: Required onsite work at the client ...
Cyber Security Risk Analyst
Belleville, IL · On-site
$115K - $125K/yr
If we've described you and your dream workplace, please apply and share in the many benefits and opportunities we offer. Cyber Security Risk Analyst Work Location: Required onsite work at the client ...
Cybersecurity Risk Analyst
Manassas, VA · On-site
ECLARO is a leading technology solutions provider seeking a Cybersecurity Risk Analyst for their client in Manassas, VA. The role involves managing Third-Party Risk Management (TPRM) operations and ...
Cybersecurity Risk Analyst
Manassas, VA · On-site
ECLARO is a leading technology solutions provider seeking a Cybersecurity Risk Analyst for their client in Manassas, VA. The role involves managing Third-Party Risk Management (TPRM) operations and ...
The Cyber Security Risk Analyst will support the creation and visualization of metrics to reduce threats across the Enterprise and assist in the implementation of the Risk Management Framework and ...
The Cyber Security Risk Analyst will support the creation and visualization of metrics to reduce threats across the Enterprise and assist in the implementation of the Risk Management Framework and ...
Cybersecurity Risk Analyst
Alexandria, VA · On-site
$62K - $141K/yr
Cybersecurity Risk Analyst The Opportunity: Cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming to the global enterprise.
Cybersecurity Risk Analyst
Alexandria, VA · On-site
$62K - $141K/yr
Cybersecurity Risk Analyst The Opportunity: Cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming to the global enterprise.
Cybersecurity Risk Analyst
$62K - $141K/yr
Cybersecurity Risk Analyst The Opportunity: Cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming to the global enterprise.
Cybersecurity Risk Analyst
$62K - $141K/yr
Cybersecurity Risk Analyst The Opportunity: Cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming to the global enterprise.
Cyber Security Risk Analyst
New York, NY · On-site
The Cyber Security Risk Analyst will be responsible for risk assessments, Cloud mitigations, security application testing, thread modeling security design review and overall information systems risk ...
Cyber Security Risk Analyst
New York, NY · On-site
The Cyber Security Risk Analyst will be responsible for risk assessments, Cloud mitigations, security application testing, thread modeling security design review and overall information systems risk ...
Job Summary The Sr. Cybersecurity Risk Analyst is responsible for leading and maturing the organization's cybersecurity risk management program. This role is accountable for identifying, assessing ...
Job Summary The Sr. Cybersecurity Risk Analyst is responsible for leading and maturing the organization's cybersecurity risk management program. This role is accountable for identifying, assessing ...
Cybersecurity Risk Analyst
Alexandria, VA · On-site
$62K - $141K/yr
Share Cybersecurity Risk Analyst The Opportunity: Cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming to the global ...
Cybersecurity Risk Analyst
Alexandria, VA · On-site
$62K - $141K/yr
Share Cybersecurity Risk Analyst The Opportunity: Cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming to the global ...
Cyber Security Risk Analyst
New York, NY · On-site
The Cyber Security Risk Analyst will be responsible for risk assessments, Cloud mitigations, security application testing, thread modeling security design review and overall information systems risk ...
Cyber Security Risk Analyst
New York, NY · On-site
The Cyber Security Risk Analyst will be responsible for risk assessments, Cloud mitigations, security application testing, thread modeling security design review and overall information systems risk ...
The Cyber Security Risk Analyst will be responsible for risk assessments, Cloud mitigations, security application testing, thread modeling security design review and overall information systems risk ...
The Cyber Security Risk Analyst will be responsible for risk assessments, Cloud mitigations, security application testing, thread modeling security design review and overall information systems risk ...
Cybersecurity Risk Analyst information
See salary details
$15.38 - $19.97
3% of jobs
$19.97 - $24.56
7% of jobs
$24.56 - $29.15
12% of jobs
$30.05 is the 25th percentile. Wages below this are outliers.
$29.15 - $33.74
15% of jobs
$33.74 - $38.33
13% of jobs
The median wage is $38.48 / hr.
$38.33 - $42.92
16% of jobs
$42.92 - $47.51
8% of jobs
$48.08 is the 75th percentile. Wages above this are outliers.
$47.51 - $52.10
11% of jobs
$52.10 - $56.69
6% of jobs
$56.69 - $61.28
6% of jobs
$61.28 - $65.87
3% of jobs
$15
$40
$65
How much do cybersecurity risk analyst jobs pay per hour?
What is the difference between Cybersecurity Risk Analyst vs Cybersecurity Analyst?
| Aspect | Cybersecurity Risk Analyst | Cybersecurity Analyst |
|---|---|---|
| Certifications | CompTIA Security+, CISSP, CISA | CompTIA Security+, CEH, CISSP |
| Primary Focus | Assessing and managing security risks | Monitoring, detecting, and responding to security threats |
| Work Environment | Risk management teams, security departments | Security operations centers, IT teams |
| Industry Usage | Finance, healthcare, government | All industries with cybersecurity needs |
While both roles involve cybersecurity, the Cybersecurity Risk Analyst primarily focuses on identifying and mitigating security risks, whereas the Cybersecurity Analyst concentrates on monitoring and responding to security incidents. Understanding these differences helps organizations assign the right roles for their security needs.
What are the key skills and qualifications needed to thrive as a Cybersecurity Risk Analyst, and why are they important?
Is 30 too old for cyber security?
How much does a cybersecurity risk analyst make?
What are some common challenges faced by Cybersecurity Risk Analysts when working with cross-functional teams?
What does a Cybersecurity Risk Analyst do?
What does a cyber security risk analyst do?
Can you make $500,000 a year in cyber security?

Full-time
Retirement, PTO
Posted 3 days ago
Alcoa rating
7.8
Based on 15 frontline employees who took The Breakroom Quiz
Job description
At Alcoa, you will become an essential part of our purpose: to turn raw potential into real progress. The way we see it, every Alcoan is a work-shaper, team-shaper, idea-shaper & world-shaper.
Alcoa is seeking a Cyber Security Risk Analyst to serve as a key contributor to the cybersecurity risk management program, providing subject matter expertise in identifying, assessing, and managing risks across both Information Technology (IT) and Operational Technology (OT) environments. This role supports informed business decision-making by translating complex technical risks into business and operational impact. The Analyst independently leads risk assessments and partners closely with IT, OT, audit, and senior leaders to ensure cybersecurity risks are understood, documented, mitigated, and monitored in accordance with corporate policies and industry standards.
As Alcoa's Cybersecurity Risk Management program continues to mature, the Analyst plays a critical role in shaping and enhancing program capabilities.
About the Role:
- Contribute to the development, implementation, and continuous improvement of the Cybersecurity Risk Management Program, including frameworks, methodologies, policies, standards, and supporting tools.
- Perform cybersecurity risk assessments across IT, OT, cloud, and third-party environments, including enterprise systems and manufacturing/process control systems (PCS).
- Facilitate risk workshops with technical and business stakeholders to evaluate risks associated with new technologies, projects, and operational changes.
- Serve as a subject matter expert on risk methodology, scoring, and evaluation.
- Maintain and enhance the cybersecurity risk register, including risk scoring, treatment plans, and residual risk tracking.
- Support and guide risk treatment strategies (mitigation, acceptance, transfer, avoidance) and partner with compliance teams to design and implement appropriate controls.
- Translate technical risk findings into clear business and operational impact statements for non-technical audiences and senior leadership.
- Advise leadership on risk exposure, trends, and residual risks, including impacts to business operations and production.
- Define, monitor, and report Key Risk Indicators (KRIs) and emerging threat trends.
- Support audit, regulatory, and compliance activities (e.g., ISO 27001, NIST, SOC) related to cybersecurity risk management.
- Collaborate with Enterprise Risk Management (ERM) and Operations Risk Management teams to ensure alignment and integration of cybersecurity risks into broader risk reporting.
- Build and maintain strong relationships with stakeholders across IT, OT, business units, and risk management functions.
- Continuously monitor evolving cyber threats, emerging technologies, and industry practices to enhance risk management processes and capabilities.
What you can bring to this role:
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Engineering, Risk Management, or a related discipline; equivalent professional experience may be considered in lieu of a degree.
- 6+ years of experience in cybersecurity, IT risk management, information security, governance, compliance, or IT operations within enterprise environments.
- Demonstrated experience assessing cybersecurity risk across IT and OT environments; experience in manufacturing or industrial organizations preferred.
- Strong knowledge of cybersecurity frameworks and standards (e.g., ISO 27001, NIST CSF, NIST 800-53, CIS Controls, SOX).
- Proven experience executing core GRC activities, including risk assessments, policy and standard development, control validation, audit support, and remediation tracking.
- Expertise in cybersecurity governance, risk assessment, and compliance program implementation.
- Experience using Governance, Risk, and Compliance (GRC) tools and risk reporting dashboards.
- Solid understanding of security principles, including security controls, threat modeling, vulnerability management, and incident risk analysis.
- Excellent written, verbal, and facilitation skills, with the ability to translate complex technical risks into clear business impacts.
- Demonstrated ability to collaborate effectively with cross-functional stakeholders, including technical teams, operations, and senior leadership, while managing multiple priorities in fast-paced environments.
Preferred Qualifications
- Relevant industry certifications such as CISSP, CISM, CRISC, CISA, CGRC, Security+, GRCP, or equivalent.
- Experience with third-party/vendor risk management, regulatory compliance assessments, and security awareness programs.
- Experience supporting global environments and contributing to enterprise-wide security or compliance initiatives.
- Experience supporting audits and assurance activities, including ISO/IEC 27001 certification and SOC report reviews.
- Familiarity with security operations capabilities, including SIEM, log analysis, and event monitoring for compliance and incident response.
- Understanding of enterprise security domains, including cloud security, infrastructure security, and identity and access management (IAM).
- Working knowledge of project management methodologies and practices.
- Experience in metals, mining, manufacturing, or other heavy industrial environments.
What we offer:
- Competitive compensation packages, including pay-for performance variable pay, recognition and rewards programs, and stock-based compensation awards (3-year vesting schedule)
- Flexible spending accounts and generous employer contribution to the HSA
- 401(k), employer match up to 6%, additional employer retirement income contribution (no vesting period), and a non-qualified deferred compensation plan
- 12 paid holidays per year.
- 15 days of paid vacation (pro-rated from hire date).
- Employee Assistance Program (EAP)
#LI-TL2
Employees must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire. Visa sponsorship is not available for this position.
About the Location
Alcoa is an international company with multiple locations and joint ventures across six continents. Wherever you choose to join us, you'll be joining a global team committed to advancing sustainability and delivering excellence and innovation. As industry pioneers, we are redefining what it means to be a sustainable aluminum company, bridging the journey from mines to metal.
We are values led, vision driven and united by our purpose of transforming raw potential into real progress. Our commitments to Inclusion, Diversity & Equity include providing trusting workplaces that are safe, respectful and inclusive of all individuals, free from discrimination, bullying and harassment and that our workplaces reflect the diversity of the communities in which we operate.
As a proud equal opportunity workplace and affirmative action employer, Alcoa is dedicated to providing equal opportunities and equal access to all individuals regardless of a person's gender, age, race, ethnicity, sexual orientation, gender identity, religion, nation of origin, disability, veteran status, language spoken or any other characteristic or status protected by the laws or regulations in the places where we operate.
If you have visited our website in search of information on U.S. employment opportunities or to apply for a position, and you require an accommodation, please contact Alcoa Recruiting via email at gssrecruiting@alcoa.com.
This is a place where you are empowered to do your best work, be your authentic self, and feel a true sense of belonging. Come join us and shape your career!
Your work. Your world. Shape them for the better.
About Alcoa
Sourced by ZipRecruiter
Alcoa is a global industry leader in the production of bauxite, alumina and aluminum, a position enhanced by a portfolio of value-added cast products and select energy assets. Since developing the aluminum industry more than 135 years ago, Alcoa has built a legacy of breakthrough innovations and best practices that have led to efficiency, safety, sustainability and stronger communities wherever we operate.
Industry
Manufacturing
Company size
10,000+ Employees
Headquarters location
Pittsburgh, PA, US
Year founded
1888