1

Cybersecurity Risk Management Analyst Jobs in California

Risk Management & Assessment: * Lead comprehensive cybersecurity risk assessments across the ... Analyze access trends and "over-privileged" accounts to recommend Least Privilege improvements and ...

Risk Management & Assessment: o Lead comprehensive cybersecurity risk assessments across the ... Strong analytical thinking with the ability to prioritize complex tasks within a fast-paced ...

Oversee cybersecurity controls and risk management practices across cloud platforms, including ... Strong analytical and problem-solving skills, with the ability to assess risks and implement ...

Cyber and IT Risk Management Job Qualifications: Skills: Continuous Monitoring, Security ... cybersecurity event monitoring, focused on incident detection, triage, and analysis with the ...

Apply risk management concepts to mitigate vulnerabilities in system security architectures ... Familiarity with NIST 800-53 and CNSSI 1253 RMF Analysis and Accreditation * Familiarity with ...

next page

Showing results 1-20

Cybersecurity Risk Management Analyst information

What are the key skills and qualifications needed to thrive as a Cybersecurity Risk Management Analyst, and why are they important?

To thrive as a Cybersecurity Risk Management Analyst, you need a solid understanding of information security principles, risk assessment methodologies, and regulatory frameworks, typically backed by a degree in cybersecurity or a related field. Familiarity with tools such as risk management software, vulnerability scanners, and certifications like CISSP, CISM, or CRISC is highly valued. Strong analytical thinking, attention to detail, and effective communication skills help in translating technical risks into actionable insights for stakeholders. These skills ensure organizations can proactively identify, assess, and mitigate cyber risks to protect sensitive information and maintain regulatory compliance.

What does a Cybersecurity Risk Management Analyst do?

A Cybersecurity Risk Management Analyst is responsible for identifying, assessing, and mitigating risks to an organization's information systems and data. They analyze security policies, conduct risk assessments, and recommend controls to minimize potential threats. Their work involves monitoring security measures, ensuring compliance with regulations, and helping develop strategies to protect the organization from cyberattacks. Ultimately, they play a crucial role in safeguarding sensitive information and supporting overall cybersecurity posture.

What are some typical challenges a Cybersecurity Risk Management Analyst faces when working with cross-functional teams?

Cybersecurity Risk Management Analysts often collaborate with IT, legal, compliance, and business units to identify and mitigate risks. A common challenge is bridging the communication gap between technical and non-technical stakeholders, ensuring that risk recommendations are understood and actionable. Additionally, balancing business objectives with security requirements can be complex, requiring strong negotiation and diplomacy skills. Analysts must also stay updated on evolving threats while tailoring solutions to each department’s unique needs.

What is the difference between Cybersecurity Risk Management Analyst vs Cybersecurity Analyst?

AspectCybersecurity Risk Management AnalystCybersecurity Analyst
CertificationsCompTIA Security+, CISSP, CISMCompTIA Security+, CEH, CISSP
Work EnvironmentFocus on risk assessment, policy development, and complianceFocus on threat detection, incident response, and system monitoring
Employer & Industry UsageUsed in organizations prioritizing risk mitigation and complianceUsed across various sectors for security operations and monitoring

While both roles involve cybersecurity, the Cybersecurity Risk Management Analyst primarily assesses and manages risks, ensuring compliance and policy adherence. In contrast, the Cybersecurity Analyst concentrates on identifying threats, monitoring security systems, and responding to incidents. Both roles are essential but focus on different aspects of cybersecurity defense.

What are popular job titles related to Cybersecurity Risk Management Analyst jobs in California? For Cybersecurity Risk Management Analyst jobs in California, the most frequently searched job titles are:
What job categories do people searching Cybersecurity Risk Management Analyst jobs in California look for? The top searched job categories for Cybersecurity Risk Management Analyst jobs in California are:
Infographic showing various Cybersecurity Risk Management Analyst job openings in California as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 83% Full Time, 8% Part Time, 2% Temporary, and 5% Contract. Highlights an 82% Physical, 5% Hybrid, and 13% Remote job distribution.
Senior Cybersecurity GRC Analyst

Senior Cybersecurity GRC Analyst

Protingent

San Jose, CA • On-site

$85 - $95/hr

Contractor

Medical, Retirement, PTO

Posted 25 days ago


Job description


Job Title: Senior Cybersecurity GRC Analyst
Position Description: Protingent Staffing has an exciting contract Senior Cybersecurity GRC Analystwith our client located in San Jose, CA.
Job Responsibilities:
  • Governance & Compliance Leadership:
    • Develop and manage the overarching Compliance Program to ensure alignment with industry standards (e.g., SOC2, NIST 800-171, ISO 27001, NIST 800-53).
    • Partner with IT Security Operations to ensure security controls are properly designed, implemented, and operating effectively.
    • Lead the end-to-end cybersecurity audit process (internal and external), including the preparation of response documentation and the execution of remediation plans.
    • Develop and distribute high-level information security reports and compliance dashboards to key stakeholders.
  • Risk Management & Assessment:
    • Lead comprehensive cybersecurity risk assessments across the enterprise, identifying vulnerabilities and recommending prioritized mitigation strategies.
    • Develop and maintain the Corporate Risk Register, tracking risk acceptance, treatment plans, and residual risk.
    • Perform quantitative and qualitative risk analysis to inform executive decision-making and resource allocation.
  • Identity & Access Governance:
    • Oversee and collaborate with stakeholders to execute quarterly user access reviews (UAR) and monthly user activity monitoring.
    • Ensure timely completion, technical accuracy, and rigorous documentation of all access reviews to meet audit requirements.
    • Analyze access trends and "over-privileged" accounts to recommend Least Privilege improvements and role-based access control (RBAC) refinements.
  • Third-Party Risk Management (TPRM):
    • Own and maintain Third-Party Risk Management evaluation practices, ensuring vendors are vetted against corporate security standards to mitigate supply-chain risk.
  • Policy & Process Engineering:
    • Author, maintain, and update information security policies and Standard Operating Procedures (SOPs) to ensure alignment with evolving industry standards.
    • Manage and govern Change Management processes to ensure security stability and compliance during technical transitions.

Job Qualifications:
  • Experience: Minimum 10 years of experience managing Cybersecurity compliance programs from inception to completion.
  • Technical Expertise: Hands-on experience with SOC 2 and a deep understanding of IT technical security controls.
  • Framework Proficiency: Expert knowledge of industry-standard programs (e.g., ISO 27001, CIS v8.1, NIST 800-53, NIST 800-171, CMMC, FedRAMP).
  • Analytical Skills: Strong analytical thinking with the ability to prioritize complex tasks within a fast-paced, evolving environment.
  • Communication: Excellent interpersonal, verbal, and written communication skills, with the ability to work effectively as a team player or independently.
  • Security Knowledge: A strong foundation in IT security concepts with a heavy emphasis on Security Risk Assessment.
  • Certifications: Relevant professional certifications such as CISSP, CISM, or CISA.
Nice To Have:
  • Exceptional ability to tailor complex technical communication for both technical audiences and non-technical executive leadership.

Job Details:
  • Job Type: Contract
  • Pay Range: $85 - $95 an hour.
  • Location: San Jose, CA (Onsite).

Benefits Package: Protingent offers competitive salaries, insurance plan options (HDHP plan or POS plan), education/certification reimbursement, pre-tax commuter benefits, Paid Time Off (PTO), and an administered 401k plan.
About Protingent: Protingent is an Award-Winning provider of top-tier Engineering and IT talent, trusted by companies at the forefront of innovation - from Software and Aerospace to AI, Clean Tech, Medical Devices, and Connected Technologies. We're passionate about making a positive impact by connecting exceptional talent with meaningful opportunities and helping our clients build the future.
Meet Your Recruiter
Himanshu Joshi