1

Data Risk Analyst Jobs in Arizona (NOW HIRING)

... the data set. * Applies qualitative risk analysis methodologies, including likelihood/impact ... matrices to produce accurate, prioritized risk ratings. * Conducts regular audits of the risk ...

... the data set. * Applies qualitative risk analysis methodologies, including likelihood/impact ... matrices to produce accurate, prioritized risk ratings. * Conducts regular audits of the risk ...

... the data set. * Applies qualitative risk analysis methodologies, including likelihood/impact ... matrices to produce accurate, prioritized risk ratings. * Conducts regular audits of the risk ...

... the data set. * Applies qualitative risk analysis methodologies, including likelihood/impact ... matrices to produce accurate, prioritized risk ratings. * Conducts regular audits of the risk ...

Coordinates data transfer to interest rate risk analyst, reviews output for accuracy, and interprets results. * Analyzes and identifies balance sheet risk components and income drivers. * Assists ...

The data and reports are critical to meet all control and regulatory requirements, company policies ... Analyze large datasets to identify trends, anomalies, and emerging risks across various risk ...

The data and reports are critical to meet all control and regulatory requirements, company policies ... Analyze large datasets to identify trends, anomalies, and emerging risks across various risk ...

Join the Compliance Risk & OGC Operational Reporting (CROR) Data Domain team and help modernize how ... This role sits at the intersection of data analytics, analytics engineering, and data product ...

next page

Showing results 1-20

Data Risk Analyst information

See Arizona salary details

$31.7K

$77K

$126.7K

How much do data risk analyst jobs pay per year?

As of Jul 14, 2026, the average yearly pay for data risk analyst in Arizona is $77,011.00, according to ZipRecruiter salary data. Most workers in this role earn between $58,200.00 and $90,400.00 per year, depending on experience, location, and employer.

What are the typical daily responsibilities of a Data Risk Analyst?

As a Data Risk Analyst, your typical day might involve monitoring data systems for vulnerabilities, conducting risk assessments, analyzing data usage trends, and preparing risk reports for management. You’ll collaborate frequently with IT teams, compliance officers, and business stakeholders to identify potential risks and ensure that risk mitigation strategies are being implemented correctly. Additionally, you may be involved in developing data governance policies and assisting with audits to ensure compliance with industry standards. This role offers a dynamic work environment where adaptability and continuous learning are key.

What does a Data Risk Analyst do?

A Data Risk Analyst identifies, assesses, and mitigates risks related to data security, compliance, and integrity. They analyze data flows, detect vulnerabilities, and ensure regulatory requirements are met. Their role involves working with IT, compliance, and business teams to develop risk management strategies. They also monitor data usage, implement security controls, and provide recommendations to minimize potential threats.

What are the key skills and qualifications needed to thrive in the Data Risk Analyst position, and why are they important?

To thrive as a Data Risk Analyst, you need strong analytical abilities, knowledge of risk assessment frameworks, proficiency in statistics, and a relevant degree in fields like finance, data science, or information security. Experience with data analytics tools (such as SQL, Python, R), risk management software, and certifications like CRISC or CISA is highly valuable. Strong attention to detail, problem-solving capability, and effective communication skills set outstanding candidates apart. These combined skills are essential for identifying, evaluating, and mitigating risk in data-driven environments, ensuring organizational data integrity and regulatory compliance.

Is a data analyst a high salary?

Data analysts typically earn competitive salaries that vary based on experience, location, and industry. Entry-level positions may start lower, but experienced data analysts with skills in SQL, Excel, and data visualization tools can command higher wages, especially in tech and finance sectors.

Is 40 too late for data science?

A Data Risk Analyst can enter data science at any age, as the field values skills like programming, statistics, and domain knowledge. Many professionals transition into data science later in their careers by gaining relevant certifications, such as in Python or machine learning, and building a portfolio of projects. Age is less important than skills, experience, and continuous learning in this field.

Will AI replace a data analyst?

AI is expected to automate routine data processing tasks, but the role of a data analyst involves interpreting complex data, providing insights, and making strategic decisions that require human judgment. Data analysts will increasingly work alongside AI tools, focusing on analysis, storytelling, and decision support rather than manual data handling.

What does a data risk analyst do?

A data risk analyst evaluates and manages risks related to data security, privacy, and compliance within an organization. They analyze data processes, identify vulnerabilities, and implement controls using tools like data governance frameworks and risk assessment methodologies to protect sensitive information.
Infographic showing various Data Risk Analyst job openings in Arizona as of July 2026, with employment types broken down into 67% Full Time, and 33% Temporary. Highlights an 100% In-person job distribution, with an average salary of $77,011 per year, or $37 per hour.
Senior GRC Analyst

Senior GRC Analyst

Clayco

Phoenix, AZ • On-site

Other

Medical, Dental, Vision, Life, Retirement, PTO

Re-posted 26 days ago


Job description

About Us

Clayco is a full-service, turnkey real estate development, master planning, architecture, engineering, and construction firm that safely delivers clients across North America the highest quality solutions on time, on budget, and above and beyond expectations. With $8.1 billion in revenue for 2025, Clayco specializes in the "art and science of building," providing fast track, efficient solutions for mission critical, industrial, life sciences, power & energy, aviation, commercial, institutional, residential and sports & entertainment related building projects.

The Role We Want You For

Under the direction of and in collaboration with the GRC Manager, the Sr. GRC Analyst, Risk Management is the primary owner and operational steward of the Enterprise Risk Register. This role is responsible for ensuring all identified risk is accurately captured, properly rated, assigned to an accountable owner, actively worked, and driven to resolution across the Clayco organization. The analyst functions as the operational hub of the risk lifecycle — from initial intake and classification through remediation coordination, escalation, stakeholder accountability, and reporting. This is a high-accountability, process-driven role that demands both technical depth and organizational influence. The analyst transforms the risk register from a static document into a dynamic governance instrument — one that delivers a clear, current, and quantified view of organizational risk exposure to leadership. Additional responsibilities will be assigned as deemed necessary. Any travel is usually planned in advance, but issues may arise which warrant immediate travel to one or more satellite locations.

The Specifics of the Role

  • Assumes the ownership and maintenance of the Enterprise Risk Register as the authoritative system of record for all identified risks across the Clayco organization.
  • Enforces rigorous data integrity standards: no missing owners, undefined due dates, stale entries, or incomplete risk descriptions.
  • Establishes and maintains a consistent process for risk creation, categorization, severity rating, and treatment classification to ensure comparability and defensibility of the data set.
  • Applies qualitative risk analysis methodologies, including likelihood/impact matrices to produce accurate, prioritized risk ratings.
  • Conducts regular audits of the risk register to surface stale, incomplete, or improperly rated entries and drive timely corrections with risk owners.
  • Maintains comprehensive documentation for each risk, including: risk description, affected assets and systems, threat source, inherent risk rating, current controls, residual risk, treatment decision, assigned owner, and target remediation date.
  • Manages the full risk lifecycle from intake through closure, including periodic re-evaluation of accepted risks to confirm continued acceptability.
  • Serve as the primary coordinator and driver of risk remediation and mitigation activities, ensuring every open risk has an actionable, time-bound treatment plan with a clearly accountable owner.
  • Collaborates with risk owners and technical teams to develop realistic remediation plans that define specific tasks, milestones, resource requirements, and completion criteria.
  • Coordinates corrective and preventive actions (CAPA) arising from audit findings, control failures, and policy exceptions, tracking each to verified closure.
  • Tracks and monitors remediation progress across all open items; proactively identify blockers, resource gaps, and at-risk milestones before they result in missed deadlines.
  • Escalates risks with insufficient remediation progress, missed SLAs, or unacceptable residual risk levels to the GRC Manager and relevant leadership with supporting data and recommended courses of action.
  • Assumes operational ownership of Vulnerability Management and External Attack Surface Management (EASM) processes:
  • In collaboration with SOC, ensures that Vulnerability Scanning output ingested into Workflow platform has high fidelity with accurate association with CI’s
  • In collaboration with SOC, ensures that EASM output ingested into Workflow Platform has high fidelity with accurate association with CI’s
  • Ensures effective tuning and appropriate scoring of Risk Rating algorithm
  • Ensures effective execution of assignment Rules and track remediation activity
  • Remediates Unknown/Unclassed CI’s from scanning output and tune assignment Rules
  • Ensures timely and accurate reporting of active Risk and Vulnerability by severity as well as performance against Remediation targets process.
  • Collaborates cross-functionally with other Information Technology teams and Business Stakeholders across the Organization
  • Engages as necessary in all GRC functions to maintain an understanding of process and procedures
  • Provides leadership with comprehensive reports of compliance-focused activities and outcomes, as requested.

Requirements

  • 5-7+ years’ experience in Risk & Compliance Assessment, Audit & Reporting, or similar functions, preferably within the Information Security or Technology fields
  • 3-4+ years working specifically in Information Security roles involving Risk Analysis, Information System Security Assessment, Compliance Audit with Regulations, Frameworks, & Standards
  • Bachelor's degree in Information Technology or related field, or equivalent experience
  • Required Certifications: Certified in Risk & Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or Certified Information Systems Security Professional (CISSP) (Current status, or obtained within 9 months of assuming role)
  • Strong experience leveraging auditing principles and methods to evaluate policies, processes, systems, and vendors to identify business risks and control gaps
  • Experience in administering Risk management programs for technology and information security
  • Strong, technical knowledge of modern Systems, Services, Cloud Applications/Platforms, Identity Services, and Data Storage/Handling and their areas of Risk and Threat exposure
  • Experience with administering, maintaining, and leveraging a Risk Register to track and communicate identified Risk and its required remediation
  • Knowledge of statistics, reporting and analytical tools to analyze and solve complex problems
  • Proficiency in necessary productivity tools (i.e. Microsoft Excel, PowerPoint, Word etc.) for analytics and presentations
  • Operate with strong integrity with ability to handle projects of a sensitive & confidential nature
  • Excellent written and verbal communication skills with a proven ability to translate technical or abstract concepts into a narrative that is easily understood by clients.
  • Ability to thrive in fast-paced environment.

Some Things You Should Know.

  • No other builder can offer the collaborative design-build approach that Clayco does.
  • We work on creative, complex, award-winning, high-profile jobs.
  • The pace is fast!
  • This position is classified as a safety-sensitive role in accordance with applicable state and federal laws. Candidates selected for this position will be subject to a comprehensive background check, which includes mandatory drug testing.

Why Clayco?

  • 2025 Best Places to Work – St. Louis Business Journal, Los Angeles Business Journal, and Phoenix Business Journal.
  • 2025 ENR Top 400 – Top Data Center Contractor (Top 3).
  • 2025 ENR Top 100 Design-Build Firms – Design-Build Contractor (Top 5).
  • 2025 ENR Top 100 Green Contractors – Green Contractor (Top 3).

Benefits

  • Discretionary Annual Bonus: Subject to company and individual performance.
  • Comprehensive Benefits Package Including: Medical, dental and vision plans, 401k, generous PTO and paid company holidays, employee assistance program, flexible spending accounts, life insurance, disability coverage, learning & development programs and more!

Compensation

  • The salary range for this position considers a wide range of factors in making compensation decisions including but not limited to: Education, qualifications, skills, training, experience, certifications, internal equity, and location. Compensation decisions are dependent on the facts and circumstances of each case.