1

Cybersecurity Risk Analyst Jobs in Colorado (NOW HIRING)

Your Mission We are seeking a driven and detail-oriented Enterprise Risk Analyst to support two ... Monitor vendor risk signals including cybersecurity advisories, regulatory actions, and contractual ...

Senior Analyst, Cyber GRC

Westminster, CO · On-site

$110K - $157K/yr

The Senior Analyst, Cybersecurity Governance, Risk, and Compliance (GRC) is responsible for defining and supporting the execution and day-to-day operation of Ball Corporation's enterprise ...

Senior Analyst, Cyber GRC

Westminster, CO · On-site +1

$110K - $157K/yr

The Senior Analyst, Cybersecurity Governance, Risk, and Compliance (GRC) is responsible for defining and supporting the execution and daytoday operation of Ball Corporation's enterprise cybersecurity ...

Performing analysis at all levels of the lifecycle, ensuring security posture is maintained from ... Risk Management Framework (RMF) * Assessment & Authorization (A&A) * Supporting Certificate to ...

Cybersecurity Manager

Denver, CO · On-site

$114K - $154K/yr

... analysis • Security compliance and audit processes • Risk assessment and management methodologies • Cybersecurity maturity models and capability assessment • Security metrics, KPIs, and ...

next page

Showing results 1-20

Cybersecurity Risk Analyst information

See Colorado salary details

$16

$42

$69

How much do cybersecurity risk analyst jobs pay per hour?

As of Jul 3, 2026, the average hourly pay for cybersecurity risk analyst in Colorado is $42.57, according to ZipRecruiter salary data. Most workers in this role earn between $31.35 and $51.83 per hour, depending on experience, location, and employer.

What is the difference between Cybersecurity Risk Analyst vs Cybersecurity Analyst?

AspectCybersecurity Risk AnalystCybersecurity Analyst
CertificationsCompTIA Security+, CISSP, CISACompTIA Security+, CEH, CISSP
Primary FocusAssessing and managing security risksMonitoring, detecting, and responding to security threats
Work EnvironmentRisk management teams, security departmentsSecurity operations centers, IT teams
Industry UsageFinance, healthcare, governmentAll industries with cybersecurity needs

While both roles involve cybersecurity, the Cybersecurity Risk Analyst primarily focuses on identifying and mitigating security risks, whereas the Cybersecurity Analyst concentrates on monitoring and responding to security incidents. Understanding these differences helps organizations assign the right roles for their security needs.

What are the key skills and qualifications needed to thrive as a Cybersecurity Risk Analyst, and why are they important?

To thrive as a Cybersecurity Risk Analyst, you need a deep understanding of information security principles, risk management frameworks, and typically hold a degree in computer science or a related field. Familiarity with tools like vulnerability scanners, SIEM systems, and certifications such as CISSP or CISM is highly valued. Strong analytical thinking, effective communication, and attention to detail help you identify risks and convey complex information to stakeholders. These skills and qualifications are vital to proactively safeguard organizational assets and ensure compliance in an evolving threat landscape.

Is 30 too old for cyber security?

Cybersecurity Risk Analysts can enter the field at any age, as experience, skills, and certifications like CompTIA Security+ or CISSP are often more important than age. Many professionals transition into cybersecurity later in their careers, bringing valuable perspectives and expertise. Age is generally not a barrier to starting or advancing in cybersecurity roles.

How much does a cybersecurity risk analyst make?

A cybersecurity risk analyst's average salary in the United States ranges from $70,000 to $120,000 annually, depending on experience, certifications, and location. Entry-level positions typically start around $60,000, while experienced analysts with certifications like CISSP or CISA can earn over $130,000. The role often requires knowledge of risk assessment tools and security frameworks.

What are some common challenges faced by Cybersecurity Risk Analysts when working with cross-functional teams?

Cybersecurity Risk Analysts often collaborate with IT, compliance, and business units to assess and mitigate risks. A common challenge is translating complex technical risks into language that non-technical stakeholders can understand and act upon. Additionally, balancing security requirements with business objectives may require negotiation and creative problem-solving. Effective communication and relationship-building skills are key to ensuring that security recommendations are adopted across the organization.

What does a Cybersecurity Risk Analyst do?

A Cybersecurity Risk Analyst is responsible for identifying, assessing, and mitigating risks related to an organization’s information systems and data. They evaluate potential threats and vulnerabilities, develop strategies to minimize risks, and ensure compliance with security policies and regulations. Their work helps protect sensitive data and maintain the integrity and confidentiality of digital assets. Analysts often collaborate with IT and business teams to implement security controls and respond to security incidents.

What does a cyber security risk analyst do?

A cybersecurity risk analyst evaluates an organization’s security posture by identifying vulnerabilities, assessing potential threats, and recommending measures to mitigate risks. They often use tools like risk assessment frameworks and require knowledge of security protocols, compliance standards, and threat intelligence. Their work helps organizations protect sensitive data and maintain secure systems.

Can you make $500,000 a year in cyber security?

Cybersecurity Risk Analysts typically earn between $70,000 and $130,000 annually, with top-tier professionals in senior or specialized roles potentially earning over $200,000. Achieving a salary of $500,000 usually requires advanced certifications, extensive experience, leadership positions, or working in high-paying industries or consulting roles.
What cities in Colorado are hiring for Cybersecurity Risk Analyst jobs? Cities in Colorado with the most Cybersecurity Risk Analyst job openings:
Infographic showing various Cybersecurity Risk Analyst job openings in Colorado as of June 2026, with employment types broken down into 98% Full Time, and 2% Part Time. Highlights an 84% Physical, 5% Hybrid, and 11% Remote job distribution, with an average salary of $88,548 per year, or $42.6 per hour.
Senior Cybersecurity Risk Analyst - USA Remote

Senior Cybersecurity Risk Analyst - USA Remote

Danaher

Denver, CO • Remote

$130K - $160K/yr

Full-time

Medical, Dental, Vision, Retirement, PTO

Posted 14 days ago


Danaher rating

7.5

Company rating: 7.5 out of 10

Based on 28 frontline employees who took The Breakroom Quiz


Job description

Bring more to life.

At Danaher, our work saves lives. And each of us plays a part. Fueled by our culture of continuous improvement, we turn ideas into impact - innovating at the speed of life.

Our 60,000+ associates work across the globe at more than 15 unique businesses within life sciences, diagnostics, and biotechnology.

Are you ready to accelerate your potential and make a real difference? At Danaher, you can build an incredible career at a leading science and technology company, where we're committed to hiring and developing from within. You'll thrive in a culture of belonging where you and your unique viewpoint matter.

Learn about the Danaher Business System which makes everything possible.

The Senior Cybersecurity Risk Analyst is responsible for executing third-party and supplier risk activities across the vendor lifecycle and contributing to enterprise risk register operations across the Danaher operating companies. This role offers opportunities to work at the intersection of cyber risk, supply-chain integrity, and enterprise risk reporting across a global, multi-operating-company environment.

This position is part of the Corporate Information Security and will be located as Remote.

In this role, you will have the opportunity to:

  • Execute the third-party risk management (TPRM) lifecycle end-to-end, including vendor intake, inherent-risk tiering, security and privacy questionnaire administration, evidence collection and review, scoring, and final risk decisioning under the direction of the TPRM Lead

  • Review and provide cybersecurity input on third-party contracts (IS Terms & Conditions, Data Protection Addenda, Standard Contractual Clauses, AI-specific addenda), partnering with Legal, Privacy, and Procurement to land defensible positions and consistent redlines

  • Assess supply-chain and geopolitical risk (including country-of-origin and concentration concerns) and apply AI vendor risk frameworks (NIST AI RMF, ISO/IEC 42001) to AI-enabled products and services in the vendor portfolio

  • Serve as the connective tissue between central TPRM and the OpCo 3rd-Party Questionnaire & Response Coordinators, providing guidance on intake, scoring consistency, escalation paths, and Procurement engagement so vendor risk is handled the same way across the portfolio

  • Contribute to enterprise risk register operations and data quality, including consistent risk capture, cross-OpCo aggregation, and executive-grade reporting that informs the OpCo QBR and CISO updates

The essential requirements of the job include:

  • Strong working knowledge of third-party risk management frameworks and methodologies (e.g., Shared Assessments SIG, NIST SP 800-161, ISO/IEC 27036) and the underlying security and privacy regulatory landscape (GDPR, HIPAA, PCI DSS, SOX)

  • Demonstrated experience administering vendor security questionnaires, reviewing evidence (SOC 2, ISO 27001, penetration test reports), applying scoring consistently at scale, and communicating findings to vendors and internal stakeholders

  • Working familiarity with the cybersecurity provisions in vendor contracts (IS Terms & Conditions, Data Protection Addenda, Standard Contractual Clauses) and the ability to coordinate redlines with Legal, Privacy, and Procurement.

  • Hands-on experience operating an enterprise or program-level risk register, with attention to data quality, aggregation methodology, and reporting fluency for executive audiences.

  • 7+ years of experience in third-party risk, enterprise risk management, vendor security, or related governance work.

It would be a plus if you also possess previous experience in:

  • Experience applying AI vendor risk frameworks such as NIST AI RMF and ISO/IEC 42001, and assessing supply-chain and geopolitical concentration risk including country-of-origin scrutiny.

  • Familiarity with GRC platforms (e.g., OneTrust, ServiceNow IRM, RSA Archer) and vendor risk tooling, along with excellent written and verbal communication skills and proven experience influencing stakeholders at all organizational levels, including senior leadership.

At Danaher we believe in designing a better, more sustainable workforce. We recognize the benefits of flexible, remote working arrangements for eligible roles and are committed to providing enriching careers, no matter the work arrangement. This position is eligible for a remote work arrangement in which you can work remotely from your home. Additional information about this remote work arrangement will be provided by your interview team. Explore the flexibility and challenge that working for Danaher can provide.

The salary range for this role is $130K-$160K. This is the range that we in good faith believe is the range of possible compensation for this role at the time of this posting. We may ultimately pay more or less than the posted range. This range may be modified in the future.

This job is also eligible for bonus/incentive pay. #LI-Remote

We offer comprehensive package of benefits including paid time off, medical/dental/vision insurance and 401(k) to eligible employees.

Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company's sole discretion, consistent with the law.

Join our winning team today. Together, we'll accelerate the real-life impact of tomorrow's science and technology. We partner with customers across the globe to help them solve their most complex challenges, architecting solutions that bring the power of science to life.


For more information, visit www.danaher.com.


Danaher Corporation and all Danaher Companies are committed to equal opportunity regardless of race, color, national origin, religion, sex, age, marital status, disability, veteran status, sexual orientation, gender identity, or other characteristics protected by law.


The U.S. EEO posters are available here.


For candidates who are based outside of New York City or who are applying for roles outside of New York City, for more information about conditions of any job offer please click here


We comply with federal and state disability laws and make reasonable accommodations for applicants and employees with disabilities. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact:1-202-419-7762 or applyassistance@danaher.com.


What Danaher employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom


Danaher logo

About Danaher

Sourced by ZipRecruiter

We are a science and technology innovator committed to helping our customers solve complex challenges, and improving quality of life around the world. A global family of more than 20 operating companies, we drive meaningful innovation in some of today's most dynamic, growing industries.

Industry

Medical equipment and supplies manufacturing

Company size

10,000+ Employees

Headquarters location

Washington, DC, US

Year founded

1984