1

Cybersecurity Risk Management Analyst Jobs (NOW HIRING)

As Alcoa's Cybersecurity Risk Management program continues to mature, the Analyst plays a critical role in shaping and enhancing program capabilities. About the Role: * Contribute to the development ...

As Alcoa's Cybersecurity Risk Management program continues to mature, the Analyst plays a critical role in shaping and enhancing program capabilities. About the Role: * Contribute to the development ...

Cybersecurity Risk Analyst

Evansville, IN · On-site

$36.93 - $55.40/hr

... Cybersecurity Risk Analyst to join our Information Security team. In this role, you will help ... Maintain risk registers, dashboards, and other risk management documentation * Develop reports and ...

Cybersecurity Risk Analyst

Cambridge, MA · On-site

$82K - $220K/yr

This role contributes to the Cybersecurity Risk Management team in applying contractual and regulatory requirements to include DFARS and CMMC to Draper's unclassified computing environments. This ...

Cybersecurity Risk Analyst

Cambridge, MA · On-site

$82K - $220K/yr

This role contributes to the Cybersecurity Risk Management team in applying contractual and regulatory requirements to include DFARS and CMMC to Draper's unclassified computing environments. This ...

This role contributes to the Cybersecurity Risk Management team in applying contractual and regulatory requirements to include DFARS and CMMC to Draper's unclassified computing environments. This ...

next page

Showing results 1-20

Cybersecurity Risk Management Analyst information

See salary details

$15

$40

$65

How much do cybersecurity risk management analyst jobs pay per hour?

As of Jul 12, 2026, the average hourly pay for cybersecurity risk management analyst in the United States is $40.49, according to ZipRecruiter salary data. Most workers in this role earn between $29.81 and $49.28 per hour, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Cybersecurity Risk Management Analyst, and why are they important?

To thrive as a Cybersecurity Risk Management Analyst, you need a solid understanding of information security principles, risk assessment methodologies, and regulatory frameworks, typically backed by a degree in cybersecurity or a related field. Familiarity with tools such as risk management software, vulnerability scanners, and certifications like CISSP, CISM, or CRISC is highly valued. Strong analytical thinking, attention to detail, and effective communication skills help in translating technical risks into actionable insights for stakeholders. These skills ensure organizations can proactively identify, assess, and mitigate cyber risks to protect sensitive information and maintain regulatory compliance.

What does a Cybersecurity Risk Management Analyst do?

A Cybersecurity Risk Management Analyst is responsible for identifying, assessing, and mitigating risks to an organization's information systems and data. They analyze security policies, conduct risk assessments, and recommend controls to minimize potential threats. Their work involves monitoring security measures, ensuring compliance with regulations, and helping develop strategies to protect the organization from cyberattacks. Ultimately, they play a crucial role in safeguarding sensitive information and supporting overall cybersecurity posture.

What are some typical challenges a Cybersecurity Risk Management Analyst faces when working with cross-functional teams?

Cybersecurity Risk Management Analysts often collaborate with IT, legal, compliance, and business units to identify and mitigate risks. A common challenge is bridging the communication gap between technical and non-technical stakeholders, ensuring that risk recommendations are understood and actionable. Additionally, balancing business objectives with security requirements can be complex, requiring strong negotiation and diplomacy skills. Analysts must also stay updated on evolving threats while tailoring solutions to each department’s unique needs.

What is the difference between Cybersecurity Risk Management Analyst vs Cybersecurity Analyst?

AspectCybersecurity Risk Management AnalystCybersecurity Analyst
CertificationsCompTIA Security+, CISSP, CISMCompTIA Security+, CEH, CISSP
Work EnvironmentFocus on risk assessment, policy development, and complianceFocus on threat detection, incident response, and system monitoring
Employer & Industry UsageUsed in organizations prioritizing risk mitigation and complianceUsed across various sectors for security operations and monitoring

While both roles involve cybersecurity, the Cybersecurity Risk Management Analyst primarily assesses and manages risks, ensuring compliance and policy adherence. In contrast, the Cybersecurity Analyst concentrates on identifying threats, monitoring security systems, and responding to incidents. Both roles are essential but focus on different aspects of cybersecurity defense.

More about Cybersecurity Risk Management Analyst jobs
What cities are hiring for Cybersecurity Risk Management Analyst jobs? Cities with the most Cybersecurity Risk Management Analyst job openings:
What states have the most Cybersecurity Risk Management Analyst jobs? States with the most job openings for Cybersecurity Risk Management Analyst jobs include:
What job categories do people searching Cybersecurity Risk Management Analyst jobs look for? The top searched job categories for Cybersecurity Risk Management Analyst jobs are:
Infographic showing various Cybersecurity Risk Management Analyst job openings in the United States as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 86% Full Time, 6% Part Time, 1% Temporary, and 5% Contract. Highlights an 82% Physical, 5% Hybrid, and 13% Remote job distribution, with an average salary of $84,210 per year, or $40.5 per hour.

Senior Cybersecurity Risk Management Analyst

Exactsciences

Madison, WI • On-site

Full-time

Medical, Dental, Vision, Retirement, PTO

This job post has expired today. Applications are no longer accepted.


Job description

Help us change lives

At Exact Sciences, we're helpingchange how the world prevents, detects and guides treatment for cancer. We give patients and clinicians the clarity needed to make confident decisions when they matter most. Join our team to find a purpose-driven career, an inclusive culture, and robust benefits to support your life while you're working to help others.

Position Overview

At Exact Sciences, we are cancer fighters. We are united by our mission to change lives by providing earlier, smarter answers. Through advances in cancer detection and treatment guidance, we will help eradicate the disease and the suffering it causes. Exact Sciences' Cybersecurity organization supports this mission by defending the millions of digital patient, practitioner, and employee lives within ourenvironments. Defending today and securing tomorrow is no small feat. To help achieve this, the team is in search of a cybersecurity risk management subject matter expert to join our collaborative team comprised of passionate experts.

The Senior Cybersecurity Risk Management Analyst, reporting to the Director of Cybersecurity Strategy & GRC, is responsible for supporting and advancing the organization's cybersecurity risk management program. This role requires a deep understanding of security and IT risk principles, processes, and practices, combined with the ability to integrate security into business operations. The position demands both technical expertise and strong cultural awareness to effectively identify, assess, monitor, and report cybersecurity risks across the enterprise.

This role requires regular onsite work in Madison, WI.

Essential Duties

Include, but are not limited to, the following:

  • Support cybersecurity risk management activities by assisting with defined stages of the risk management lifecycle and completing assigned analyses under established methodologies.
  • Maintain and contribute to the global cybersecurity risk register.
  • Assist management by providing input to cybersecurity risk appetite discussions and support implementation and enforcement efforts-making it relevant to the business on a day-to-day basis.
  • Aggregate and evaluate cybersecurity risks to support management and leadership reporting, ensuring accuracy and consistency for various global audiences.
  • Build trust and effectively facilitate risk identification/analysis/treatment discussions.
  • Proactively obtain information on emerging risks and threats and effectively analyze against the risk posture.
  • Support the delivery of risk management education by preparing materials, reinforcing frameworks, and responding to stakeholder questions.
  • Work with leadership to support the prioritization of initiatives aligned with strategic goals.
  • Act as a resource providing training, guidance, and mentoring to less experienced staff.
  • Collaborate with stakeholders to remediate visibility and capability gaps and breakdown roadblocks standing in the way of a robust security posture.
  • Enable the maturation of the security program functions within the cybersecurity team and with key business partners.
  • Research and summarize industry insights and best practices, along with interpreting impact of requirements from governing authorities.
  • Uphold company mission and values through accountability, innovation, integrity, quality, and teamwork.
  • Support and comply with the company's Quality Management System policies and procedures.
  • Maintain regular and reliable attendance.
  • Ability to act with an inclusion mindset and model these behaviors for the organization.
  • Ability to travel 10% of working time away from work location, may include overnight/weekend travel.

Minimum Qualifications

  • Bachelor's Degree in field related to essential duties; or Associate Degree and 2 years of relevant experience; or High School Diploma or General Education Degree (GED) and 4 years of relevant experience.
  • 6+ years of professional experience in a cybersecurity or IT governance, risk, compliance, or operations role.
  • 1+ years of experience with cybersecurity risk management.
  • Demonstrated experience with security risk management and compliance frameworks (e.g., NIST, ISO, HIPAA).
  • Experience evaluating risk rating methodologies to appropriately convey the enterprise cybersecurity posture.
  • Demonstrable experience conducting risk assessments and facilitating executive level risk discussions.
  • Experience managing cybersecurity risks through the risk management lifecycle, in a globally regulated enterprise a plus.
  • Solid grasp of security governance, risk, and compliance concepts.
  • Technically proficient in performing assigned duties at a high-level of independence under minimal supervision while working within a team environment.
  • Demonstrated leadership skills, ability to influence outcomes in a complex environment, where you may/may not have formal reporting responsibility.
  • Excellent communication skills, appropriately adapting based on audience needs, through all mediums-verbal, written, presentation, and listening.
  • Able to be agile and work with ambiguity.
  • Proficient+ in Microsoft Office programs, such as PowerPoint, Excel, Outlook, and Word.
  • Demonstrated ability to perform the essential duties of the position with or without accommodation.
  • Authorization to work in the United States without sponsorship.

Preferred Qualifications

  • Relevant certification(s) in the field of cybersecurity, risk, audit, or program/project management.
  • Experience contributing to the build and continuous improvement of the risk management environment, in a globally regulated enterprise strongly preferred.
  • Experience with enterprise GRC management platforms (e.g., ServiceNow, OneTrust); implementation experience a plus.
  • Advanced proficiency in program/project management to drive program build efficiently and effectively.
  • Experience in healthcare or biotech industries.
#LI-GV1

Salary Range:

$101,000.00 - $172,000.00

The annual base salary shown is for this position located in US - WI - Madison on a full-time basis. In addition, this position is bonus eligible.

Exact Sciences is proud to offer an employee experience that includes paid time off (including days for vacation, holidays, volunteering, and personal time), paid leave for parents and caregivers, a retirement savings plan, wellness support, and health benefits including medical, prescription drug, dental, and vision coverage. Learn more about our benefits.

Our success relies on the experiences and perspectives of a diverse team, and Exact Sciences fosters a culture where all employees can develop personally and professionally with a sense of respect and belonging. If you require an accommodation, please contact us here.

Not ready to apply? Join our Talent Community to stay updated on the latest news and opportunities at Exact Sciences.

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to disability, protected veteran status, and any other status protected by applicable local, state, or federal law.

To view the Right to Work, E-Verify Employer, and Pay Transparency notices and Federal, Federal Contractor, and State employment law posters, visit our compliance hub. The documents summarize important details of the law and provide key points that you have a right to know.