1

Cybersecurity Risk Analyst Jobs in Silver Spring, MD

Program Risk Manager

Herndon, VA · On-site

$86K - $138K/yr

... analysis, mitigation planning, stakeholder facilitation, and seniorlevel briefings. * Technical familiarity: RMF/ATO impacts, supply chain risk, cybersecurity risk integration, and program financial ...

Program Risk Manager

Herndon, VA · On-site

$86K - $138K/yr

... analysis, mitigation planning, stakeholder facilitation, and seniorlevel briefings. * Technical familiarity: RMF/ATO impacts, supply chain risk, cybersecurity risk integration, and program financial ...

About the Team We are seeking a highly skilled Principal cybersecurity engineer to architect the ... Advanced Risk Modeling: Expertise in quantitative risk analysis (e.g., Monte Carlo simulations or ...

next page

Showing results 1-20

Cybersecurity Risk Analyst information

See Silver Spring, MD salary details

$15

$41

$67

How much do cybersecurity risk analyst jobs pay per hour?

As of Jul 3, 2026, the average hourly pay for cybersecurity risk analyst in Silver Spring, MD is $41.73, according to ZipRecruiter salary data. Most workers in this role earn between $30.72 and $50.77 per hour, depending on experience, location, and employer.

What is the difference between Cybersecurity Risk Analyst vs Cybersecurity Analyst?

AspectCybersecurity Risk AnalystCybersecurity Analyst
CertificationsCompTIA Security+, CISSP, CISACompTIA Security+, CEH, CISSP
Primary FocusAssessing and managing security risksMonitoring, detecting, and responding to security threats
Work EnvironmentRisk management teams, security departmentsSecurity operations centers, IT teams
Industry UsageFinance, healthcare, governmentAll industries with cybersecurity needs

While both roles involve cybersecurity, the Cybersecurity Risk Analyst primarily focuses on identifying and mitigating security risks, whereas the Cybersecurity Analyst concentrates on monitoring and responding to security incidents. Understanding these differences helps organizations assign the right roles for their security needs.

What are the key skills and qualifications needed to thrive as a Cybersecurity Risk Analyst, and why are they important?

To thrive as a Cybersecurity Risk Analyst, you need a deep understanding of information security principles, risk management frameworks, and typically hold a degree in computer science or a related field. Familiarity with tools like vulnerability scanners, SIEM systems, and certifications such as CISSP or CISM is highly valued. Strong analytical thinking, effective communication, and attention to detail help you identify risks and convey complex information to stakeholders. These skills and qualifications are vital to proactively safeguard organizational assets and ensure compliance in an evolving threat landscape.

Is 30 too old for cyber security?

Cybersecurity Risk Analysts can enter the field at any age, as experience, skills, and certifications like CompTIA Security+ or CISSP are often more important than age. Many professionals transition into cybersecurity later in their careers, bringing valuable perspectives and expertise. Age is generally not a barrier to starting or advancing in cybersecurity roles.

How much does a cybersecurity risk analyst make?

A cybersecurity risk analyst's average salary in the United States ranges from $70,000 to $120,000 annually, depending on experience, certifications, and location. Entry-level positions typically start around $60,000, while experienced analysts with certifications like CISSP or CISA can earn over $130,000. The role often requires knowledge of risk assessment tools and security frameworks.

What are some common challenges faced by Cybersecurity Risk Analysts when working with cross-functional teams?

Cybersecurity Risk Analysts often collaborate with IT, compliance, and business units to assess and mitigate risks. A common challenge is translating complex technical risks into language that non-technical stakeholders can understand and act upon. Additionally, balancing security requirements with business objectives may require negotiation and creative problem-solving. Effective communication and relationship-building skills are key to ensuring that security recommendations are adopted across the organization.

What does a Cybersecurity Risk Analyst do?

A Cybersecurity Risk Analyst is responsible for identifying, assessing, and mitigating risks related to an organization’s information systems and data. They evaluate potential threats and vulnerabilities, develop strategies to minimize risks, and ensure compliance with security policies and regulations. Their work helps protect sensitive data and maintain the integrity and confidentiality of digital assets. Analysts often collaborate with IT and business teams to implement security controls and respond to security incidents.

What does a cyber security risk analyst do?

A cybersecurity risk analyst evaluates an organization’s security posture by identifying vulnerabilities, assessing potential threats, and recommending measures to mitigate risks. They often use tools like risk assessment frameworks and require knowledge of security protocols, compliance standards, and threat intelligence. Their work helps organizations protect sensitive data and maintain secure systems.

Can you make $500,000 a year in cyber security?

Cybersecurity Risk Analysts typically earn between $70,000 and $130,000 annually, with top-tier professionals in senior or specialized roles potentially earning over $200,000. Achieving a salary of $500,000 usually requires advanced certifications, extensive experience, leadership positions, or working in high-paying industries or consulting roles.
DHS Foreign Investment Risk Analyst

DHS Foreign Investment Risk Analyst

Systems Planning and Analysis

Alexandria, VA

$110K - $140K/yr

Full-time

Medical, Life, Retirement

Posted 10 days ago


Job description

Overview

Systems Planning and Analysis, Inc. (SPA) delivers high-impact, technical solutions to complex national security issues. With over 50 years of business expertise and consistent growth, we are known for continuous innovation for our government customers, in both the US and abroad. Our exceptionally talented team is highly collaborative in spirit and practice, producing Results that Matter. Come work with the best! We offer opportunity, unique challenges, and clear-sighted commitment to the mission. SPA: Objective. Responsive. Trusted.  

The Joint, Office of the Secretary of Defense, Interagency Division provides expert support services to a range of customers spanning across the Department of Defense, Federal Civilian, and international markets. JOID provides a diverse portfolio of analytical and programmatic capabilities to help our customers make informed decisions on their most challenging issues.

The Industry and Security Analysis Group (ISAG) within JOID provides analytical, technical, and program support to promote, grow, and protect the U.S. industrial base. ISAG's support spans the Department of Defense (DOD), Department of Commerce, and other agencies to deliver critical decision support to national security leaders. Our team informs policy decisions, enables execution of comprehensive strategies and monitors and reports on the effectiveness of implementation. This enables senior leaders to execute strategies for developing and sustaining a robust industrial base that meets our nation's strategic resource objectives. From policy to practice, we are a team of economic and national security professionals providing innovative solutions for our Nation's most pressing security challenges.

We have an upcoming need for a Foreign Investment Risk Analyst to provide onsite support the DHS in the NCR.

Responsibilities

The Foreign Investment Risk Analyst will support Department of Homeland Security in the execution of their Committee on Foreign Investment in the United States (CFIUS) risk reduction efforts. CFIUS is an interagency committee authorized to review certain transactions involving foreign investment in the United States and certain real estate transactions by foreign persons, in order to determine the effect of such transactions on the national security. The candidate will review CFIUS filings, to include documentation relating to mergers and stock purchase agreements, corporate ownership structures, and USG contracting information. Conduct due diligence and fact-finding research with DHS stakeholders to assess risk arising from foreign direct investment and the implications relative to DHS's security interests, industrial base supply chain, dual-use technology transfer, personal data, and cybersecurity. Perform analysis on available CFIUS documentation, DHS SME assessments, and classified finished intelligence. Author risk-based assessments regarding certain foreign investments, and produce case summaries, talking points, and action memorandum for senior DHS leaders.

Qualifications

Required:

  • Bachelor's Degree with 8+ years of relevant experience.
  • Experience developing clear and concise risk summaries suitable for senior leadership.
  • Experience conducting coordination and engagement with internal and external stakeholders.
  • Proficient with Microsoft Office tools.
  • Top Secret clearance with SCI eligiblity and DHS suitability.
  • Able to work fully onsite based on client needs.

At SPA, we strive to deliver a robust total compensation package that will attract and retain top talent. Elements of the compensation package include competitive base pay and variable compensation opportunities. SPA provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work. The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, etc.Please note that the salary information shown below is a general guideline only. Salaries are commensurate with experience and qualifications, as well as market and business considerations. VA Pay Transparency Salary range: $110k - $140k

Pay Range InformationAt SPA, we strive to deliver a robust total compensation package that will attract and retain top talent. Elements of the compensation package include competitive base pay and variable compensation opportunities. SPA provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work. The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, etc. Please note that the salary information shown below is a general guideline only. Salaries are commensurate with experience and qualifications, as well as market and business considerations. Virginia, Pay Transparency Salary range: USD $110,000.00/Yr. - USD $140,000.00/Yr.Employment Type: FULL_TIME