ZipRecruiter

Log In

1

Cybersecurity Risk Analyst Jobs in Virginia (NOW HIRING)

GDIT

Cyber Security Analyst

Manassas, VA

$85K - $115K/yr

Cyber and IT Risk Management Job Qualifications: Skills: Cyber Defense, Monitoring Tools ... Yes CYBERSECURITY ANALYST Summary: Seize your opportunity to make a personal impact as a ...

Connect Talent Solutions

Sr. Cyber Analyst

Hampton, VA

$97K - $125K/yr

Provides recommendations to activity leadership on processes and methodologies to assess cybersecurity risk on information systems. Works with other Cyber Analysts, SMEs, and SCA-Rs to ensure that ...

Peraton

Program Risk Manager

Herndon, VA · On-site

$86K - $138K/yr

... analysis, mitigation planning, stakeholder facilitation, and seniorlevel briefings. * Technical familiarity: RMF/ATO impacts, supply chain risk, cybersecurity risk integration, and program financial ...

Peraton

Program Risk Manager

Herndon, VA

$86K - $138K/yr

... analysis, mitigation planning, stakeholder facilitation, and senior-level briefings. * Technical familiarity: RMF/ATO impacts, supply chain risk, cybersecurity risk integration, and program financial ...

next page

Showing results 1-20

All JobsCybersecurity Risk Analyst JobsCybersecurity Risk Analyst Jobs in Virginia

Cybersecurity Risk Analyst information

See Virginia salary details

$15

$40

$65

How much do cybersecurity risk analyst jobs pay per hour?

As of Jun 23, 2026, the average hourly pay for cybersecurity risk analyst in Virginia is $40.14, according to ZipRecruiter salary data. Most workers in this role earn between $29.57 and $48.85 per hour, depending on experience, location, and employer.

What is the difference between Cybersecurity Risk Analyst vs Cybersecurity Analyst?

AspectCybersecurity Risk AnalystCybersecurity Analyst
CertificationsCompTIA Security+, CISSP, CISACompTIA Security+, CEH, CISSP
Primary FocusAssessing and managing security risksMonitoring, detecting, and responding to security threats
Work EnvironmentRisk management teams, security departmentsSecurity operations centers, IT teams
Industry UsageFinance, healthcare, governmentAll industries with cybersecurity needs

While both roles involve cybersecurity, the Cybersecurity Risk Analyst primarily focuses on identifying and mitigating security risks, whereas the Cybersecurity Analyst concentrates on monitoring and responding to security incidents. Understanding these differences helps organizations assign the right roles for their security needs.

What are the key skills and qualifications needed to thrive as a Cybersecurity Risk Analyst, and why are they important?

To thrive as a Cybersecurity Risk Analyst, you need a deep understanding of information security principles, risk management frameworks, and typically hold a degree in computer science or a related field. Familiarity with tools like vulnerability scanners, SIEM systems, and certifications such as CISSP or CISM is highly valued. Strong analytical thinking, effective communication, and attention to detail help you identify risks and convey complex information to stakeholders. These skills and qualifications are vital to proactively safeguard organizational assets and ensure compliance in an evolving threat landscape.

Can I make $200,000 a year in cyber security?

Cybersecurity Risk Analysts can potentially earn $200,000 or more annually, especially with advanced certifications like CISSP, extensive experience, and specialized skills in areas such as threat management or security architecture. High salaries are often found in senior roles, management positions, or in organizations with complex security needs. Factors like location, industry, and company size also influence earning potential.

What does a cyber risk analyst do?

A cybersecurity risk analyst evaluates an organization’s information systems to identify vulnerabilities and assess potential threats. They analyze security data, develop risk mitigation strategies, and recommend security improvements, often using tools like risk assessment frameworks and security software. The role requires strong analytical skills and knowledge of cybersecurity principles and standards.

What are some common challenges faced by Cybersecurity Risk Analysts when working with cross-functional teams?

Cybersecurity Risk Analysts often collaborate with IT, compliance, and business units to assess and mitigate risks. A common challenge is translating complex technical risks into language that non-technical stakeholders can understand and act upon. Additionally, balancing security requirements with business objectives may require negotiation and creative problem-solving. Effective communication and relationship-building skills are key to ensuring that security recommendations are adopted across the organization.

Is SOC 1 entry level?

SOC 1 (Service Organization Control 1) reports are audit reports used by organizations to demonstrate controls over financial reporting. The term SOC 1 itself does not specify an entry-level position; however, roles involved in preparing or auditing SOC 1 reports, such as cybersecurity risk analysts or auditors, typically require some experience in controls, compliance, or auditing, but entry-level positions may assist with documentation and testing under supervision.

What does a Cybersecurity Risk Analyst do?

A Cybersecurity Risk Analyst is responsible for identifying, assessing, and mitigating risks related to an organization’s information systems and data. They evaluate potential threats and vulnerabilities, develop strategies to minimize risks, and ensure compliance with security policies and regulations. Their work helps protect sensitive data and maintain the integrity and confidentiality of digital assets. Analysts often collaborate with IT and business teams to implement security controls and respond to security incidents.

Can you make $500,000 a year in cyber security?

Cybersecurity Risk Analysts typically earn between $70,000 and $130,000 annually, depending on experience, certifications, and location. Reaching a $500,000 salary usually requires advanced roles such as cybersecurity executives, consultants, or specialists with extensive expertise and leadership responsibilities.
Cybersecurity Risk Analyst jobs near you
Infographic showing various Cybersecurity Risk Analyst job openings in Virginia as of June 2026, with employment types broken down into 67% Full Time, and 33% Contract. Highlights an 100% In-person job distribution, with an average salary of $83,487 per year, or $40.1 per hour.

Journeyman Intelligence Risk Analyst

Systems Planning and Analysis

Arlington, VA • Hybrid

Full-time

This job post has expired today. Applications are no longer accepted.

Job description

Overview

Systems Planning and Analysis, Inc. (SPA) delivers high-impact, technical solutions to complex national security issues. With over 50 years of business expertise and consistent growth, we are known for continuous innovation for our government customers, in both the US and abroad. Our exceptionally talented team is highly collaborative in spirit and practice, producing Results that Matter. Come work with the best! We offer opportunity, unique challenges, and clear-sighted commitment to the mission. SPA: Objective. Responsive. Trusted.  

The Joint, Office of the Secretary of Defense, Interagency Division (JOID) provides expert support services to a range of customers spanning across the Department of Defense, Federal Civilian, and international markets. JOID provides a diverse portfolio of analytical and programmatic capabilities to help our customers make informed decisions on their most challenging issues.

The Critical Infrastructure Group (CIG) within JOID provides technical, programmatic and analytical support to customers with missions in national security to include the Department of Homeland Security (DHS), Health and Human Services (HHS), and the Federal Aviation Administration (FAA). The Group brings technical and operational expertise in fields of countering weapons of mass destruction, critical infrastructure protection, emergency response, nuclear non-proliferation, weapons deployment programs, and transportation safety. In addition to management and advisory services, CIG staff collaborate closely with our clients to provide high-quality modeling, simulation, software, and analytical products to meet the most demanding government standards and timelines.

We have a near-term need for a Jr. Intel Analyst to provide hybrid support out of Arlington, VA.

Responsibilities

Provide skills and services necessary to conduct research and analysis of evolving cybersecurity and technology risk areas within DHS equities and in support of client case reviews and investigations, threat assessments, and special projects through the identification of cybersecurity and technology risk posed to U.S. national security by foreign transactions and/or ownership and involvement in licensing activities. Provide routine services necessary to support the efficient analytic workflow, information, and knowledge management of client cases, reviews, and various program support projects. Conduct open-source intelligence research, risk analysis, and risk communication. Apply specialized capabilities in core areas of interest, including but not limited to open-source intelligence research and analysis, supply chain risk management, and financial risk analysis.

Qualifications

Required:

  • Bachelor's degree, with preference given for areas relating to national security or STEM field.
  • 3+ years of work experience in a research and analysis or intelligence position, or at least 1 year experience working at DHS CISA.
  • Excellent written and oral communication skills.
  • Demonstrated ability to conduct independent, data-driven research and analysis.
  • Possess TS/SCI clearance prior to starting work.
Employment Type: FULL_TIME

Apply