1

Cybersecurity Risk Management Analyst Jobs in California

RISK MANAGEMENT ANALYST

Beverly Hills, CA · On-site

$38.46 - $43.27/hr

We are seeking a Risk Management Analyst to join our Global Risk Management team in Beverly Hills, CA. This is an exciting opportunity to support a range of risk management activities across ...

Risk Management Analyst

San Jose, CA · Remote

$80K - $120K/yr

Overview We are seeking a detail-oriented and analytical Risk Management Analyst to support our clients in optimizing their workers' compensation programs. This role focuses on leveraging data ...

Cybersecurity Assessment Lead

Coronado, CA · On-site

$117K - $159K/yr

... supporting Risk Management Framework (RMF) authorization processes for customer networks and ... Analyze testing results and provide cybersecurity risk assessments to the Government SCA and ...

Support the Risk Management Framework (RMF) Assessment and Authorization processes (Steps 0 through ... Contribute to risk analysis techniques such as security impact analyses, cybersecurity tabletop ...

Apply manager-approved risk management concepts to mitigate vulnerabilities in system security ... The Cybersecurity Analyst I will be required to evaluate and implement security controls and ...

JOB SUMMARY - ESSENTIAL FUNCTIONS A Cybersecurity Analyst II performs a variety of cybersecurity ... Support the Risk Management Framework (RMF) Assessment and Authorization processes (Steps 0 through ...

Apply risk management concepts to mitigate vulnerabilities in system security architectures ... The Cybersecurity Analyst II will be required to analyze, propose, and implement security controls ...

next page

Showing results 1-20

Cybersecurity Risk Management Analyst information

What are the key skills and qualifications needed to thrive as a Cybersecurity Risk Management Analyst, and why are they important?

To thrive as a Cybersecurity Risk Management Analyst, you need a solid understanding of information security principles, risk assessment methodologies, and regulatory frameworks, typically backed by a degree in cybersecurity or a related field. Familiarity with tools such as risk management software, vulnerability scanners, and certifications like CISSP, CISM, or CRISC is highly valued. Strong analytical thinking, attention to detail, and effective communication skills help in translating technical risks into actionable insights for stakeholders. These skills ensure organizations can proactively identify, assess, and mitigate cyber risks to protect sensitive information and maintain regulatory compliance.

What does a Cybersecurity Risk Management Analyst do?

A Cybersecurity Risk Management Analyst is responsible for identifying, assessing, and mitigating risks to an organization's information systems and data. They analyze security policies, conduct risk assessments, and recommend controls to minimize potential threats. Their work involves monitoring security measures, ensuring compliance with regulations, and helping develop strategies to protect the organization from cyberattacks. Ultimately, they play a crucial role in safeguarding sensitive information and supporting overall cybersecurity posture.

What are some typical challenges a Cybersecurity Risk Management Analyst faces when working with cross-functional teams?

Cybersecurity Risk Management Analysts often collaborate with IT, legal, compliance, and business units to identify and mitigate risks. A common challenge is bridging the communication gap between technical and non-technical stakeholders, ensuring that risk recommendations are understood and actionable. Additionally, balancing business objectives with security requirements can be complex, requiring strong negotiation and diplomacy skills. Analysts must also stay updated on evolving threats while tailoring solutions to each department’s unique needs.

What is the difference between Cybersecurity Risk Management Analyst vs Cybersecurity Analyst?

AspectCybersecurity Risk Management AnalystCybersecurity Analyst
CertificationsCompTIA Security+, CISSP, CISMCompTIA Security+, CEH, CISSP
Work EnvironmentFocus on risk assessment, policy development, and complianceFocus on threat detection, incident response, and system monitoring
Employer & Industry UsageUsed in organizations prioritizing risk mitigation and complianceUsed across various sectors for security operations and monitoring

While both roles involve cybersecurity, the Cybersecurity Risk Management Analyst primarily assesses and manages risks, ensuring compliance and policy adherence. In contrast, the Cybersecurity Analyst concentrates on identifying threats, monitoring security systems, and responding to incidents. Both roles are essential but focus on different aspects of cybersecurity defense.

What are popular job titles related to Cybersecurity Risk Management Analyst jobs in California? For Cybersecurity Risk Management Analyst jobs in California, the most frequently searched job titles are:
What job categories do people searching Cybersecurity Risk Management Analyst jobs in California look for? The top searched job categories for Cybersecurity Risk Management Analyst jobs in California are:
Infographic showing various Cybersecurity Risk Management Analyst job openings in California as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 83% Full Time, 8% Part Time, 2% Temporary, and 5% Contract. Highlights an 82% Physical, 5% Hybrid, and 13% Remote job distribution.
Senior Security Risk Management Analyst

Senior Security Risk Management Analyst

TalentBurst, Inc.

Palo Alto, CA

Full-time

Medical, Dental, Vision, Retirement

Posted 19 days ago


Job description

Senior Security Risk Management Analyst
Location : Palo Alto, CA 94304
Duration : 6 Months

Description:
Client is seeking an experienced professional to join our Third-Party/ Vendor Risk Assessment team. This team focuses on analyzing and managing risks associated with our vendors, service providers, and other third parties, ensuring our organization upholds the highest standards of compliance, security, and business resilience. While your primary responsibility will be Third-Party Risk Management, you will also collaborate on other cybersecurity risk management initiatives. Building strong cross-functional relationships across the company is a key component of this role. To excel, you must showcase exceptional leadership, communication, and decision-making skills, and have a proven track record in managing third-party risk, vendor governance, or related domains.

Responsibilities:

  • Lead and conduct comprehensive risk assessments of new and existing third-party vendors and service providers, focusing on cybersecurity, and regulatory compliance.
  • Evaluate third-party security questionnaires, audit reports (e.g., SOC 2, ISO 27001), and risk documentation.
  • Coordinate with vendors to request and verify security controls, remediation plans, and ongoing compliance.
  • Oversee facilitation of risk remediation efforts agreed upon with suppliers, ensuring timely resolution.
  • Collaborate during supplier contract development, reviewing deviations from security requirements and offering subject matter expertise on risk remediation.
  • Classify vendors according to risk tiers and maintain a comprehensive database of vendor risk profiles.
  • Participate in continuous security monitoring of existing suppliers to track changing risk profiles.
  • Partner with Procurement, Legal, Privacy, and InfoSec teams to improve supplier security management processes.
  • Identify opportunities to automate parts of the assessment process, thereby reducing manual work and enhancing efficiency.
  • Keep abreast of emerging risks, industry standards, and regulatory requirements affecting third-party vendors.
  • Contribute to broader cybersecurity risk management initiatives, including identifying, assessing, and tracking information security risks beyond the third-party domain.
  • Provide guidance and knowledge transfer to team members, supporting a collaborative team environment.

Preferred Qualifications:

  • Bachelors degree in Computer Science, Information Security, Cybersecurity, Risk Management, or a related field.
  • 6-8 years of professional experience in third-party risk assessment within cybersecurity or information risk management.
  • Understanding of relevant information security frameworks, including related regulatory compliance requirements, such as ISO 27001/2 (including ISO 27017 & 18), FedRAMP, SOC 2 Trust Services Criteria, PCI DSS, NIST CSF.
  • Solid understanding of risk assessment methodologies and best practices.
  • Ability to synthesize and communicate complex risk findings to both technical and non-technical audiences.
  • Detail-oriented, process-driven, and capable of managing multiple vendor assessments concurrently.
  • Experience with tools such as Coupa, OneTrust, JIRA and Coverbase is a plus.
  • Professional certifications in Information Security or Risk Management (e.g. CISA, CISM, CISSP, CRISC) is a plus.

#TB_EN
#ZR
#Linkd

Why TalentBurst?
At TalentBurst, we deliver more than talent, we deliver outcomes. We partner with you to move quickly and connect you to opportunities aligned with your skills and long term growth.

Backed by precision, transparency, and results, we connect top talent with leading organizations through trusted partnerships.

We offer competitive compensation and comprehensive benefits, including medical, dental, vision, and retirement options.

TalentBurst is an equal opportunity employer committed to an inclusive and diverse workforce.

Company Description

Founded in 2002 by three former Monster.com executives; TalentBurst is an award-winning full-service Staffing Firm working directly with Fortune 500 companies in the US and Canada. We specialize in Contract and Contract to Permanent roles across many industries and have direct/contractual relationships with all our clients. Please visit our website www.talentburst.com or come meet us at our offices in Natick, MA, Miami, FL, Christiansburg, VA, Vineland, NJ, Houston, TX & downtown San Francisco, CA

TalentBurst logo

About TalentBurst

Sourced by ZipRecruiter

TalentBurst is a leading provider of Information Technology and Engineering staffing solutions based in Natick, Massachusetts, US. An industry veteran with two decades of experience in their portfolio, the company's services range from IT consulting, life sciences, HR solutions, payroll services, and more. TalentBurst was founded with a mission to provide world-class, global staffing services to clients of all sizes. They strive to provide unmatched quality and service to their clients, which has earned them the reputation of being a highly respected and trusted staffing firm.

Industry

Recruiting and staffing services

Company size

51 - 200 Employees

Headquarters location

Natick, MA, US

Year founded

2002

Social media