1

Cybersecurity Risk Analyst Jobs in New York (NOW HIRING)

Conduct structured assessments, data analysis, control evaluations, and risk reviews to identify opportunities for improving cybersecurity maturity and operational effectiveness. * Lead client ...

Cyber Security Analyst Healthcare (2 3 Years Experience) Company: AaraTech Inc About the Role ... Risk Analysis, Security Operations Center (SOC), Log Analysis, SIEM Tools, Network Security ...

next page

Showing results 1-20

Cybersecurity Risk Analyst information

See New York salary details

$16

$44

$72

How much do cybersecurity risk analyst jobs pay per hour?

As of Jul 4, 2026, the average hourly pay for cybersecurity risk analyst in New York is $44.29, according to ZipRecruiter salary data. Most workers in this role earn between $32.60 and $53.89 per hour, depending on experience, location, and employer.

What is the difference between Cybersecurity Risk Analyst vs Cybersecurity Analyst?

AspectCybersecurity Risk AnalystCybersecurity Analyst
CertificationsCompTIA Security+, CISSP, CISACompTIA Security+, CEH, CISSP
Primary FocusAssessing and managing security risksMonitoring, detecting, and responding to security threats
Work EnvironmentRisk management teams, security departmentsSecurity operations centers, IT teams
Industry UsageFinance, healthcare, governmentAll industries with cybersecurity needs

While both roles involve cybersecurity, the Cybersecurity Risk Analyst primarily focuses on identifying and mitigating security risks, whereas the Cybersecurity Analyst concentrates on monitoring and responding to security incidents. Understanding these differences helps organizations assign the right roles for their security needs.

What are the key skills and qualifications needed to thrive as a Cybersecurity Risk Analyst, and why are they important?

To thrive as a Cybersecurity Risk Analyst, you need a deep understanding of information security principles, risk management frameworks, and typically hold a degree in computer science or a related field. Familiarity with tools like vulnerability scanners, SIEM systems, and certifications such as CISSP or CISM is highly valued. Strong analytical thinking, effective communication, and attention to detail help you identify risks and convey complex information to stakeholders. These skills and qualifications are vital to proactively safeguard organizational assets and ensure compliance in an evolving threat landscape.

Is 30 too old for cyber security?

Cybersecurity Risk Analysts can enter the field at any age, as experience, skills, and certifications like CompTIA Security+ or CISSP are often more important than age. Many professionals transition into cybersecurity later in their careers, bringing valuable perspectives and expertise. Age is generally not a barrier to starting or advancing in cybersecurity roles.

How much does a cybersecurity risk analyst make?

A cybersecurity risk analyst's average salary in the United States ranges from $70,000 to $120,000 annually, depending on experience, certifications, and location. Entry-level positions typically start around $60,000, while experienced analysts with certifications like CISSP or CISA can earn over $130,000. The role often requires knowledge of risk assessment tools and security frameworks.

What are some common challenges faced by Cybersecurity Risk Analysts when working with cross-functional teams?

Cybersecurity Risk Analysts often collaborate with IT, compliance, and business units to assess and mitigate risks. A common challenge is translating complex technical risks into language that non-technical stakeholders can understand and act upon. Additionally, balancing security requirements with business objectives may require negotiation and creative problem-solving. Effective communication and relationship-building skills are key to ensuring that security recommendations are adopted across the organization.

What does a Cybersecurity Risk Analyst do?

A Cybersecurity Risk Analyst is responsible for identifying, assessing, and mitigating risks related to an organization’s information systems and data. They evaluate potential threats and vulnerabilities, develop strategies to minimize risks, and ensure compliance with security policies and regulations. Their work helps protect sensitive data and maintain the integrity and confidentiality of digital assets. Analysts often collaborate with IT and business teams to implement security controls and respond to security incidents.

What does a cyber security risk analyst do?

A cybersecurity risk analyst evaluates an organization’s security posture by identifying vulnerabilities, assessing potential threats, and recommending measures to mitigate risks. They often use tools like risk assessment frameworks and require knowledge of security protocols, compliance standards, and threat intelligence. Their work helps organizations protect sensitive data and maintain secure systems.

Can you make $500,000 a year in cyber security?

Cybersecurity Risk Analysts typically earn between $70,000 and $130,000 annually, with top-tier professionals in senior or specialized roles potentially earning over $200,000. Achieving a salary of $500,000 usually requires advanced certifications, extensive experience, leadership positions, or working in high-paying industries or consulting roles.
Infographic showing various Cybersecurity Risk Analyst job openings in New York as of June 2026, with employment types broken down into 100% Full Time. Highlights an 87% Physical, 4% Hybrid, and 9% Remote job distribution, with an average salary of $92,128 per year, or $44.3 per hour.
Cybersecurity Analyst- Department of Education

Cybersecurity Analyst- Department of Education

FEDSYNC

Manhattan, NY • On-site

$95K - $140K/yr

Full-time

Posted 17 days ago


Job description

Please note: This position description is for RFQ response. There is no active vacancy at this time.
About FedSync:
Since our inception, FedSync has stood for Accountability, Integrity, Teaming, Value, Innovation, and Quality-the core values that define who we are. Our vision is to collaborate with innovative, forward-thinking leaders to deliver solutions that look beyond today. Our mission is to provide the federal government with proven, innovative solutions that transform organizations by equipping them with the right tools and people to meet tomorrow's challenges. At FedSync, our people matter-both our employees and our clients.
Position Overview
The Cybersecurity Analyst proactively monitors, detects, and responds to security threats across networks, systems, and cloud environments to ensure the protection of sensitive DOE data and maintain enterprise resilience. This role drives risk reduction by analyzing incidents, implementing controls, and collaborating with cross-functional teams to strengthen the organization's security posture. Five (5) Cybersecurity Analysts are required for this engagement. Work will be a hybrid schedule withe 3 days in the office and 2 days of telework.
Key Responsibilities
  • Perform threat triage, incident investigation, and risk analysis to protect the confidentiality, integrity, and availability of DOE systems, applications, and data assets.
  • Analyze security alerts and events to identify indicators of compromise (IOCs), attack patterns, and emerging threats across on-premises, cloud, and hybrid environments.
  • Correlate security data from disparate sources to develop a unified view of organizational cyber risk, enabling informed decision-making and prioritization.
  • Identify vulnerabilities, misconfigurations, and protection gaps across infrastructure, cloud platforms, and data-centric environments; validate findings and assess potential business impact.
  • Monitor, analyze, and detect cybersecurity threats across multiple security domains including Security Operations (SOC), Cloud Security, Infrastructure Security, Information Protection, and Data Protection.
  • Monitor security alerts through the SIEM platform and execute immediate triage and incident response protocols.
  • Conduct proactive threat hunting to identify hidden threats and adversary behavior.
  • Implement, tune, and manage DLP controls across endpoints, email, and cloud collaboration platforms.
  • Ensure alignment with federal and regulatory security standards (NIST, FISMA) and internal cybersecurity policies.
  • Contribute to continuous improvement of security operations by documenting findings, trends, and lessons learned from incidents and risk assessments.

Minimum Qualifications
  • 5+ years of experience in cybersecurity analysis, security operations, or a related field.
  • Demonstrated experience performing threat triage, incident response, and risk analysis.
  • Proficiency with SIEM platforms, vulnerability scanners, and cloud security tools.
  • Working knowledge of NIST and FISMA compliance frameworks.
  • Experience supporting security in large enterprise or public-sector environments preferred.

Required Certifications (one or more)
  • CISSP, CompTIA Security+, CompTIA CySA+
  • CEH (Certified Ethical Hacker)
  • GCIA, GCIH, CISA, or CCSP

Technologies & Tools
  • SIEM: Devo / Splunk
  • Vulnerability Scanners: Rapid7 / Armis
  • Cloud Platforms: AWS / Azure
  • Wireshark, SQL, Python, MS Power BI, Microsoft Office Suite

Acceptable background check including criminal history background check and credit Check.