1

Cybersecurity Risk Analyst Jobs in Colorado (NOW HIRING)

This individual will apply Risk Management Framework (RMF) concepts to perform research, analysis ... Senior Cybersecurity certification: CASP+ CE, CCNP Security, CISA, CISSP, GCED, or GCIH * Active ...

Apply Early

... } Cyber Security & ITAR Analyst Salary: $100,000 - $130,000 Why This Opportunity Stands Out: • ... risk mitigation strategies from the ground up • Blend hands-on engineering with strategic ...

Sr DevSecOps Engineer

Lafayette, CO

$119K - $163K/yr

Lead threat modeling and cybersecurity risk analysis for embedded platform components, including asset identification, attack surface analysis, exploitability assessment, security controls, and ...

Lead threat modeling and cybersecurity risk analysis for embedded platform components, including asset identification, attack surface analysis, exploitability assessment, security controls, and ...

Sr DevSecOps Engineer

Lafayette, CO · On-site

$119K - $163K/yr

Lead threat modeling and cybersecurity risk analysis for embedded platform components, including asset identification, attack surface analysis, exploitability assessment, security controls, and ...

Sr DevSecOps Engineer

Lafayette, CO · On-site

$119K - $163K/yr

... cybersecurity risk analysis for embedded platform components, including asset identification, attack surface analysis, exploitability assessment, security controls, and traceability to risk ...

Analyze security logs and alerts to identify suspicious activity * Assist with incident response ... Perform risk assessments and recommend mitigation strategies * Coordinate pentests and tabletop ...

Analyze security logs and alerts to identify suspicious activity * Assist with incident response ... Perform risk assessments and recommend mitigation strategies * Coordinate pentests and tabletop ...

Analyze security logs and alerts to identify suspicious activity * Assist with incident response ... Perform risk assessments and recommend mitigation strategies * Coordinate pentests and tabletop ...

Conduct risk assessments and vulnerability analyses. * Develop and implement policies, standards ... Mentor cybersecurity and IT staff and help mature processes and frameworks. * Partner with ...

next page

Showing results 1-20

Cybersecurity Risk Analyst information

See Colorado salary details

$16

$42

$69

How much do cybersecurity risk analyst jobs pay per hour?

As of Jul 3, 2026, the average hourly pay for cybersecurity risk analyst in Colorado is $42.57, according to ZipRecruiter salary data. Most workers in this role earn between $31.35 and $51.83 per hour, depending on experience, location, and employer.

What is the difference between Cybersecurity Risk Analyst vs Cybersecurity Analyst?

AspectCybersecurity Risk AnalystCybersecurity Analyst
CertificationsCompTIA Security+, CISSP, CISACompTIA Security+, CEH, CISSP
Primary FocusAssessing and managing security risksMonitoring, detecting, and responding to security threats
Work EnvironmentRisk management teams, security departmentsSecurity operations centers, IT teams
Industry UsageFinance, healthcare, governmentAll industries with cybersecurity needs

While both roles involve cybersecurity, the Cybersecurity Risk Analyst primarily focuses on identifying and mitigating security risks, whereas the Cybersecurity Analyst concentrates on monitoring and responding to security incidents. Understanding these differences helps organizations assign the right roles for their security needs.

What are the key skills and qualifications needed to thrive as a Cybersecurity Risk Analyst, and why are they important?

To thrive as a Cybersecurity Risk Analyst, you need a deep understanding of information security principles, risk management frameworks, and typically hold a degree in computer science or a related field. Familiarity with tools like vulnerability scanners, SIEM systems, and certifications such as CISSP or CISM is highly valued. Strong analytical thinking, effective communication, and attention to detail help you identify risks and convey complex information to stakeholders. These skills and qualifications are vital to proactively safeguard organizational assets and ensure compliance in an evolving threat landscape.

Is 30 too old for cyber security?

Cybersecurity Risk Analysts can enter the field at any age, as experience, skills, and certifications like CompTIA Security+ or CISSP are often more important than age. Many professionals transition into cybersecurity later in their careers, bringing valuable perspectives and expertise. Age is generally not a barrier to starting or advancing in cybersecurity roles.

How much does a cybersecurity risk analyst make?

A cybersecurity risk analyst's average salary in the United States ranges from $70,000 to $120,000 annually, depending on experience, certifications, and location. Entry-level positions typically start around $60,000, while experienced analysts with certifications like CISSP or CISA can earn over $130,000. The role often requires knowledge of risk assessment tools and security frameworks.

What are some common challenges faced by Cybersecurity Risk Analysts when working with cross-functional teams?

Cybersecurity Risk Analysts often collaborate with IT, compliance, and business units to assess and mitigate risks. A common challenge is translating complex technical risks into language that non-technical stakeholders can understand and act upon. Additionally, balancing security requirements with business objectives may require negotiation and creative problem-solving. Effective communication and relationship-building skills are key to ensuring that security recommendations are adopted across the organization.

What does a Cybersecurity Risk Analyst do?

A Cybersecurity Risk Analyst is responsible for identifying, assessing, and mitigating risks related to an organization’s information systems and data. They evaluate potential threats and vulnerabilities, develop strategies to minimize risks, and ensure compliance with security policies and regulations. Their work helps protect sensitive data and maintain the integrity and confidentiality of digital assets. Analysts often collaborate with IT and business teams to implement security controls and respond to security incidents.

What does a cyber security risk analyst do?

A cybersecurity risk analyst evaluates an organization’s security posture by identifying vulnerabilities, assessing potential threats, and recommending measures to mitigate risks. They often use tools like risk assessment frameworks and require knowledge of security protocols, compliance standards, and threat intelligence. Their work helps organizations protect sensitive data and maintain secure systems.

Can you make $500,000 a year in cyber security?

Cybersecurity Risk Analysts typically earn between $70,000 and $130,000 annually, with top-tier professionals in senior or specialized roles potentially earning over $200,000. Achieving a salary of $500,000 usually requires advanced certifications, extensive experience, leadership positions, or working in high-paying industries or consulting roles.
What cities in Colorado are hiring for Cybersecurity Risk Analyst jobs? Cities in Colorado with the most Cybersecurity Risk Analyst job openings:
Infographic showing various Cybersecurity Risk Analyst job openings in Colorado as of June 2026, with employment types broken down into 98% Full Time, and 2% Part Time. Highlights an 84% Physical, 5% Hybrid, and 11% Remote job distribution, with an average salary of $88,548 per year, or $42.6 per hour.
Senior Cyber Risk & Compliance Specialist

Senior Cyber Risk & Compliance Specialist

York Space Systems

Greenwood Village, CO • On-site

$150K - $170K/yr

Full-time

Medical, Dental, Vision, Retirement, PTO

Posted 23 days ago


Job description

York Space Systems was founded to radically improve spacecraft affordability and reliability, transforming, and enabling next- generation space mission operations worldwide. Today, York is one of the most innovative aerospace companies, specializing in end-to-end customer solutions and the rapid production of spacecraft platforms. York's complete Space Segment Solution includes spacecraft production, payload integration, system integration & test, launch services, ground segment services, and mission operations, enabling customers to leverage York's existing technology solutions to get to orbit rapidly and responsively. We're looking to expand our team across the board.
Position Summary
York Space Systems is seeking a Senior Cyber Risk & Compliance Specialist to support and mature the company's cybersecurity governance, risk, and compliance programs. This individual will serve as a senior member of the Cybersecurity organization and play a critical role in driving CMMC Level 2 certification readiness, enterprise cyber risk management, audit support, third-party risk management, and cybersecurity governance initiatives.
This role requires an experienced cybersecurity professional capable of independently leading projects, collaborating with technical and business stakeholders, and translating regulatory and security requirements into practical, scalable solutions that support York's business objectives and national security mission.
Why Join York?
• Opportunity to support one of the fastest-growing aerospace and defense companies in the industry
• Direct impact on cybersecurity, compliance, and risk management initiatives supporting national security missions
• Exposure to CMMC, NIST SP 800-171, GCC High, enterprise cybersecurity governance, and AI governance programs
• Opportunity to help build and mature a rapidly growing cybersecurity organization
• TS/SCI clearance sponsorship for qualified cybersecurity personnel
Key Responsibilities
• Lead CMMC Level 2 implementation, readiness activities, and assessment preparation
• Own control testing, validation, and compliance monitoring activities
• Manage and mature the Plan of Action & Milestones (POA&M) program
• Conduct enterprise cyber risk assessments and facilitate risk management activities
• Maintain and mature the enterprise cyber risk register
• Perform control gap analyses and develop remediation recommendations
• Lead cybersecurity vendor and third-party risk reviews
• Support SOX IT General Controls (ITGC) compliance activities and audit engagements
• Coordinate internal and external audit responses
• Develop, maintain, and improve cybersecurity policies, standards, baselines, and procedures
• Support enterprise AI governance and cybersecurity governance initiatives
• Partner with IT, Engineering, Security Operations, Legal, HR, and business stakeholders to drive compliance and risk reduction efforts
• Support governance and oversight of cybersecurity technologies and platforms including Microsoft GCC High, identity and access management solutions, endpoint security technologies, and compliance management platforms
• Mentor junior team members and provide guidance on cybersecurity governance and compliance best practices
• Independently manage cybersecurity projects and program initiatives from planning through execution
Required Qualifications
• 7+ years of cybersecurity, risk, compliance, audit, governance, or related experience
• Experience supporting one or more cybersecurity frameworks such as CMMC, NIST SP 800-171, NIST Cybersecurity Framework (CSF), RMF, ISO 27001, FedRAMP, SOC 2, or SOX
• Experience conducting risk assessments and control evaluations
• Experience supporting audits, assessments, or regulatory compliance initiatives
• Strong understanding of cybersecurity risk management principles
• Excellent written and verbal communication skills
• Ability to work effectively across technical and non-technical teams
• Strong project management and organizational skills
• Ability to obtain a US security clearance
• Willingness to work onsite at our Greenwood Village, CO location
• US Citizenship
Preferred Qualifications
Experience in the following areas:
• Supporting defense, aerospace, government contracting, or highly regulated environments
• Supporting Microsoft GCC High environments
• Hyperproof or similar GRC platforms
• Supporting cybersecurity governance initiatives in cloud and hybrid enterprise environments
• Supporting AI governance, data governance, or emerging technology governance programs
Preferred Certifications
• CISSP
• CRISC
• CISA
• CMMC CCP or CCA
• Security+
Benefits
In addition to compensation, York Space Systems is proud to offer a comprehensive benefits package including medical, dental, and vision insurance along with PTO and a 401K.
How To Apply
Interested candidates are encouraged to apply by clicking the "Apply" link at the top of the page. York Space Systems will be accepting applications on a rolling basis until the position is closed. York Space Systems provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, military or protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Must have permanent authorization to work in the United States. This policy applies to all terms and conditions or employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. YORK SPACE SYSTEMS IS AN EEO EMPLOYER.