1

Cybersecurity Risk Analyst Jobs in Massachusetts

Prepare materials and analysis to support the Cyber Risk Committee and executive risk reporting ... QUALIFICATIONS: * 6+ years of experience in cybersecurity risk management, information security ...

Prepare materials and analysis to support the Cyber Risk Committee and executive risk reporting ... QUALIFICATIONS: * 6+ years of experience in cybersecurity risk management, information security ...

Prepare materials and analysis to support the Cyber Risk Committee and executive risk reporting ... QUALIFICATIONS: * 6+ years of experience in cybersecurity risk management, information security ...

Prepare materials and analysis to support the Cyber Risk Committee and executive risk reporting ... QUALIFICATIONS: * 6+ years of experience in cybersecurity risk management, information security ...

Apply Early

Senior IT Risk Analyst (First Line of Defense) Rockland Trust is seeking a Senior IT Risk Analyst ... Bachelor's degree in Information Technology, Computer Science, Cybersecurity, Accounting, Finance ...

... CyberSecurity, and Remote Services (iSOC) divisions to create meaningful 'Hybrid Security ... The Risk Operations Analyst will use internal and external intelligence sources to support active ...

Sr. Cyber Security Analyst

Boston, MA · Hybrid

$108K - $140K/yr

... Sr. Cyber Security Analyst Locations: Waltham, MA / Boston, MA - Hybrid / New York / Florida ... Collaborating with cross-functional teams, you will drive risk-informed decision-making, support ...

Sr. Cyber Security Analyst

Waltham, MA · Hybrid

$107K - $139K/yr

... Sr. Cyber Security Analyst Locations: Waltham, MA / Boston, MA - Hybrid / New York / Florida ... Collaborating with cross-functional teams, you will drive risk-informed decision-making, support ...

Sr. Cyber Security Analyst

Waltham, MA · On-site

$107K - $139K/yr

... Sr. Cyber Security Analyst Locations: Waltham, MA / Boston, MA - Hybrid / New York / Florida ... Collaborating with cross-functional teams, you will drive risk-informed decision-making, support ...

G., predictive modeling, risk indicators, trend analysis) to Cybersecurity or technology risk ... problems. * Experience incorporating or experimenting with AIenabled analytics or development tools ...

The analyst monitors threats and incidents, supports resilience and training platforms, and ... Bachelor's degree in Cybersecurity, Information Technology, Risk Management, Business Continuity ...

The analyst monitors threats and incidents, supports resilience and training platforms, and ... Bachelor's degree in Cybersecurity, Information Technology, Risk Management, Business Continuity ...

The analyst monitors threats and incidents, supports resilience and training platforms, and ... Bachelor's degree in Cybersecurity, Information Technology, Risk Management, Business Continuity ...

... analysis, documentation, stakeholder communications, and overall project delivery efficiency. * Identify opportunities to apply AI-enabled solutions to compliance, cybersecurity, risk management, and ...

Risk Operations Analyst Position: Wednesday - Saturday 11:00am -9:00pm Pay Rate: $28.00p/h Role ... CyberSecurity, and Remote Services (iSOC) divisions to create meaningful 'Hybrid Security ...

next page

Showing results 1-20

Cybersecurity Risk Analyst information

See Massachusetts salary details

$16

$44

$71

How much do cybersecurity risk analyst jobs pay per hour?

As of Jul 3, 2026, the average hourly pay for cybersecurity risk analyst in Massachusetts is $44.21, according to ZipRecruiter salary data. Most workers in this role earn between $32.55 and $53.80 per hour, depending on experience, location, and employer.

What is the difference between Cybersecurity Risk Analyst vs Cybersecurity Analyst?

AspectCybersecurity Risk AnalystCybersecurity Analyst
CertificationsCompTIA Security+, CISSP, CISACompTIA Security+, CEH, CISSP
Primary FocusAssessing and managing security risksMonitoring, detecting, and responding to security threats
Work EnvironmentRisk management teams, security departmentsSecurity operations centers, IT teams
Industry UsageFinance, healthcare, governmentAll industries with cybersecurity needs

While both roles involve cybersecurity, the Cybersecurity Risk Analyst primarily focuses on identifying and mitigating security risks, whereas the Cybersecurity Analyst concentrates on monitoring and responding to security incidents. Understanding these differences helps organizations assign the right roles for their security needs.

What are the key skills and qualifications needed to thrive as a Cybersecurity Risk Analyst, and why are they important?

To thrive as a Cybersecurity Risk Analyst, you need a deep understanding of information security principles, risk management frameworks, and typically hold a degree in computer science or a related field. Familiarity with tools like vulnerability scanners, SIEM systems, and certifications such as CISSP or CISM is highly valued. Strong analytical thinking, effective communication, and attention to detail help you identify risks and convey complex information to stakeholders. These skills and qualifications are vital to proactively safeguard organizational assets and ensure compliance in an evolving threat landscape.

Is 30 too old for cyber security?

Cybersecurity Risk Analysts can enter the field at any age, as experience, skills, and certifications like CompTIA Security+ or CISSP are often more important than age. Many professionals transition into cybersecurity later in their careers, bringing valuable perspectives and expertise. Age is generally not a barrier to starting or advancing in cybersecurity roles.

How much does a cybersecurity risk analyst make?

A cybersecurity risk analyst's average salary in the United States ranges from $70,000 to $120,000 annually, depending on experience, certifications, and location. Entry-level positions typically start around $60,000, while experienced analysts with certifications like CISSP or CISA can earn over $130,000. The role often requires knowledge of risk assessment tools and security frameworks.

What are some common challenges faced by Cybersecurity Risk Analysts when working with cross-functional teams?

Cybersecurity Risk Analysts often collaborate with IT, compliance, and business units to assess and mitigate risks. A common challenge is translating complex technical risks into language that non-technical stakeholders can understand and act upon. Additionally, balancing security requirements with business objectives may require negotiation and creative problem-solving. Effective communication and relationship-building skills are key to ensuring that security recommendations are adopted across the organization.

What does a Cybersecurity Risk Analyst do?

A Cybersecurity Risk Analyst is responsible for identifying, assessing, and mitigating risks related to an organization’s information systems and data. They evaluate potential threats and vulnerabilities, develop strategies to minimize risks, and ensure compliance with security policies and regulations. Their work helps protect sensitive data and maintain the integrity and confidentiality of digital assets. Analysts often collaborate with IT and business teams to implement security controls and respond to security incidents.

What does a cyber security risk analyst do?

A cybersecurity risk analyst evaluates an organization’s security posture by identifying vulnerabilities, assessing potential threats, and recommending measures to mitigate risks. They often use tools like risk assessment frameworks and require knowledge of security protocols, compliance standards, and threat intelligence. Their work helps organizations protect sensitive data and maintain secure systems.

Can you make $500,000 a year in cyber security?

Cybersecurity Risk Analysts typically earn between $70,000 and $130,000 annually, with top-tier professionals in senior or specialized roles potentially earning over $200,000. Achieving a salary of $500,000 usually requires advanced certifications, extensive experience, leadership positions, or working in high-paying industries or consulting roles.
Infographic showing various Cybersecurity Risk Analyst job openings in Massachusetts as of June 2026, with employment types broken down into 98% Full Time, and 2% Part Time. Highlights an 85% Physical, 5% Hybrid, and 10% Remote job distribution, with an average salary of $91,967 per year, or $44.2 per hour.
Senior Risk & Compliance Analyst

Senior Risk & Compliance Analyst

Whoop

Boston, MA • On-site

$130K - $170K/yr

Full-time

Posted 15 days ago


Job description

RESPONSIBILITIES:
  • Lead cyber and technology risk assessments across systems, cloud environments, business processes, and major initiatives, evaluating threats, vulnerabilities, control effectiveness, and residual risk.
  • Maintain and operate the enterprise cyber risk register, including drafting risk statements, tracking mitigation plans, and supporting governance and reporting processes.
  • Translate technical findings, architectural concerns, and control gaps into clear business risk scenarios that support prioritization and decision-making.
  • Support and help mature quantitative cyber risk analysis approaches such as FAIR to improve how risk is measured and communicated.
  • Prepare materials and analysis to support the Cyber Risk Committee and executive risk reporting.
  • Partner with Security Architecture to assess risk in system designs, cloud architecture, identity models, data flows, and platform changes.
  • Collaborate with Security Engineering, Product Security, Legal, IT, and business teams to evaluate new initiatives, technology changes, artificial intelligence use cases, and third-party integrations through a risk lens.
  • Conduct risk assessments for emerging technologies including artificial intelligence and machine learning systems, evaluating data usage, model behavior, external dependencies, and security implications.
  • Evaluate risks associated with the use of artificial intelligence technologies, including model behavior, data exposure, prompt or input manipulation, and external model dependencies.
  • Develop dashboards and reporting that provide leadership with visibility into key cybersecurity risks and trends.
  • Track mitigation progress and risk treatment activities to ensure accountability and clear documentation of outcomes.
  • Contribute to the continued development of cyber risk management processes, methodologies, and governance practices across the GRC program.

QUALIFICATIONS:
  • 6+ years of experience in cybersecurity risk management, information security, technology risk, or a related field.
  • Demonstrated experience conducting structured cybersecurity or IT risk assessments.
  • Experience maintaining risk registers and tracking risk mitigation or treatment activities.
  • Strong understanding of security frameworks such as NIST CSF, ISO 27001, or PCI DSS, and familiarity with regulatory environments such as GDPR, HIPAA or other privacy and data protection requirements.
  • Ability to translate technical findings into clear business risk for non-technical stakeholders.
  • Strong written and verbal communication skills with experience presenting findings to cross-functional teams.
  • Experience working with engineering, architecture, legal, compliance, and business stakeholders.
  • Experience assessing risks related to artificial intelligence, machine learning systems, or emerging technologies, including familiarity with emerging AI governance frameworks such as NIST AI RMF, ISO/IEC 42001, or similar standards.
  • Professional certifications such as CRISC, CISSP, CISM, CISA, or CGRC are a plus.

This role is based in the WHOOP office located in Boston, MA. The successful candidate must be prepared to relocate if necessary to work out of the Boston, MA office.
Interested in the role, but don't meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply.
WHOOP is an Equal Opportunity Employer and participates in E-verify to determine employment eligibility
The WHOOP compensation philosophy is designed to attract, motivate, and retain exceptional talent by offering competitive base salaries, meaningful equity, and consistent pay practices that reflect our mission and core values.
At WHOOP, we view total compensation as the combination of base salary, equity, and benefits, with equity serving as a key differentiator that aligns our employees with the long-term success of the company and allows every member of our corporate team to own part of WHOOP and share in the company's long-term growth and success.
The U.S. base salary range for this full-time position is $130,000 - $170,000. Salary ranges are determined by role, level, and location. Within each range, individual pay is based on factors such as job-related skills, experience, performance, and relevant education or training.
In addition to the base salary, the successful candidate will also receive benefits and a generous equity package.
These ranges may be modified in the future to reflect evolving market conditions and organizational needs. While most offers will typically fall toward the starting point of the range, total compensation will depend on the candidate's specific qualifications, expertise, and alignment with the role's requirements.

Whoop logo

About Whoop

Sourced by ZipRecruiter

At WHOOP, we're on a mission to unlock human performance. WHOOP empowers users (Olympians, Professional Athletes, Fitness Enthusiasts, etc) to perform at a higher level through a deeper understanding of their bodies and daily lives.

Industry

Fitness and sports centers

Company size

501 - 1,000 Employees

Headquarters location

Boston, MA, US

Year founded

2012