Operational Risk Analyst -Security Governance & Risk Issues Management Location: Merrifield VA ... Keep current with Information Security best practices and industry trends, and communicate/apply ...
Operational Risk Analyst -Security Governance & Risk Issues Management Location: Merrifield VA ... Keep current with Information Security best practices and industry trends, and communicate/apply ...
Ability to analyze complex technical environments and communicate risk in business-focused terms ... Strong knowledge of information security frameworks including NIST CSF, NIST 800โ53, ISO 27001 ...
Ability to analyze complex technical environments and communicate risk in business-focused terms ... Strong knowledge of information security frameworks including NIST CSF, NIST 800โ53, ISO 27001 ...
Ability to analyze complex technical environments and communicate risk in business-focused terms ... Strong knowledge of information security frameworks including NIST CSF, NIST 800โ53, ISO 27001 ...
Quick apply
Ability to analyze complex technical environments and communicate risk in business-focused terms ... Strong knowledge of information security frameworks including NIST CSF, NIST 800โ53, ISO 27001 ...
Ability to analyze complex technical environments and communicate risk in business-focused terms. * Strong knowledge of information security frameworks including NIST CSF, NIST 800โ53, ISO 27001 ...
Quick apply
Ability to analyze complex technical environments and communicate risk in business-focused terms. * Strong knowledge of information security frameworks including NIST CSF, NIST 800โ53, ISO 27001 ...
Information Security Risk Specialist
Mclean, VA ยท On-site
$62K - $141K/yr
Information Security Risk Specialist The Opportunity: Cyber threats evolve constantly. In this role ... Knowledge of stakeholder analysis and change management to drive adoption of security ...
Information Security Risk Specialist
Mclean, VA ยท On-site
$62K - $141K/yr
Information Security Risk Specialist The Opportunity: Cyber threats evolve constantly. In this role ... Knowledge of stakeholder analysis and change management to drive adoption of security ...
Build your knowledge as an information security risk specialist who knows how to break down complex threats into manageable plans of action. As a Cyber-Risk Analyst on our team, you'll use your ...
Build your knowledge as an information security risk specialist who knows how to break down complex threats into manageable plans of action. As a Cyber-Risk Analyst on our team, you'll use your ...
Cyber Risk Analyst (TS/SCI)
Reston, VA ยท On-site
Build your knowledge as an information security risk specialist who knows how to break down complex threats into manageable plans of action. As a Cyber-Risk Analyst on our team, you'll use your ...
Cyber Risk Analyst (TS/SCI)
Reston, VA ยท On-site
Build your knowledge as an information security risk specialist who knows how to break down complex threats into manageable plans of action. As a Cyber-Risk Analyst on our team, you'll use your ...
IT Security Analyst T2
Herndon, VA ยท On-site
Collaborate with departments to improve security trust operations, communicate risk, and bolster ... analysis or security technology role Advanced knowledge of the following: โข information systems ...
New
IT Security Analyst T2
Herndon, VA ยท On-site
Collaborate with departments to improve security trust operations, communicate risk, and bolster ... analysis or security technology role Advanced knowledge of the following: โข information systems ...
New
Third-Party Risk Analyst
Mclean, VA ยท On-site
$45 - $47/hr
Third-Party Risk Analyst Location: McLean, VA (5 days - Onsite) Job Overview The Third-Party Risk ... Knowledge of cybersecurity or information security incident management. * Familiarity with third ...
Quick apply
Third-Party Risk Analyst
Mclean, VA ยท On-site
$45 - $47/hr
Third-Party Risk Analyst Location: McLean, VA (5 days - Onsite) Job Overview The Third-Party Risk ... Knowledge of cybersecurity or information security incident management. * Familiarity with third ...
Sr. Analyst, Cybersecurity
Richmond, VA ยท On-site
$92K - $119K/yr
Perform information security risk assessments, understand threats, vulnerabilities and exposures ... Gathers data, conducts analyses, and prepares related risk reporting. * As an integral member of ...
Sr. Analyst, Cybersecurity
Richmond, VA ยท On-site
$92K - $119K/yr
Perform information security risk assessments, understand threats, vulnerabilities and exposures ... Gathers data, conducts analyses, and prepares related risk reporting. * As an integral member of ...
Sr. Analyst, Cybersecurity
$92K - $119K/yr
Perform information security risk assessments, understand threats, vulnerabilities and exposures ... Gathers data, conducts analyses, and prepares related risk reporting. * As an integral member of ...
Sr. Analyst, Cybersecurity
$92K - $119K/yr
Perform information security risk assessments, understand threats, vulnerabilities and exposures ... Gathers data, conducts analyses, and prepares related risk reporting. * As an integral member of ...
Sr. Analyst, Cybersecurity
$99K - $127K/yr
Perform information security risk assessments, understand threats, vulnerabilities and exposures ... Gathers data, conducts analyses, and prepares related risk reporting. * As an integral member of ...
Sr. Analyst, Cybersecurity
$99K - $127K/yr
Perform information security risk assessments, understand threats, vulnerabilities and exposures ... Gathers data, conducts analyses, and prepares related risk reporting. * As an integral member of ...
Risk Assessment Analyst with Security Clearance
Alexandria, VA ยท On-site +1
$90K - $140K/yr
Risk Assessment Analyst Location: Alexandria, VA Work Type: Full-Time / Hybrid Remote Work: 50 ... As an information security risk specialist on our team, you'll work with industry partners to ...
Risk Assessment Analyst with Security Clearance
Alexandria, VA ยท On-site +1
$90K - $140K/yr
Risk Assessment Analyst Location: Alexandria, VA Work Type: Full-Time / Hybrid Remote Work: 50 ... As an information security risk specialist on our team, you'll work with industry partners to ...
The Analyst II, Information Risk Management is an integral individual contributor role within the CarMax Information Security Organization, focused on planning and executing critical risk and privacy ...
The Analyst II, Information Risk Management is an integral individual contributor role within the CarMax Information Security Organization, focused on planning and executing critical risk and privacy ...
The Analyst II, Information Risk Management is an integral individual contributor role within the CarMax Information Security Organization, focused on planning and executing critical risk and privacy ...
The Analyst II, Information Risk Management is an integral individual contributor role within the CarMax Information Security Organization, focused on planning and executing critical risk and privacy ...
Senior Information Security Office (ISO) Consultant, Cyber Risk
Richmond, VA ยท On-site
$99K - $127K/yr
Senior Information Security Office (ISO) Consultant, Cyber Risk Capital One is one of the fastest ... analytical skills, and strong capabilities in developing, facilitating, and delivering ...
Senior Information Security Office (ISO) Consultant, Cyber Risk
Richmond, VA ยท On-site
$99K - $127K/yr
Senior Information Security Office (ISO) Consultant, Cyber Risk Capital One is one of the fastest ... analytical skills, and strong capabilities in developing, facilitating, and delivering ...
Senior Information Security Office (ISO) Consultant, Cyber Risk Capital One is one of the fastest ... analytical skills, and strong capabilities in developing, facilitating, and delivering ...
Senior Information Security Office (ISO) Consultant, Cyber Risk Capital One is one of the fastest ... analytical skills, and strong capabilities in developing, facilitating, and delivering ...
The Analyst II, Information Risk Management is an integral individual contributor role within the CarMax Information Security Organization, focused on planning and executing critical risk and privacy ...
The Analyst II, Information Risk Management is an integral individual contributor role within the CarMax Information Security Organization, focused on planning and executing critical risk and privacy ...
Cyber Security Analyst
West Mclean, VA ยท On-site
Demonstrated experience in Assessment & Authorization (A&A), risk assessment methodologies, information security, internet security, Portable Electronic Device (PED) vulnerabilities, threat analysis ...
Cyber Security Analyst
West Mclean, VA ยท On-site
Demonstrated experience in Assessment & Authorization (A&A), risk assessment methodologies, information security, internet security, Portable Electronic Device (PED) vulnerabilities, threat analysis ...
Technical Risk Analyst Position Summary We are seeking a Technical Risk Analyst to support IT security controls testing, risk assessments, and assurance activities across a complex technology ...
Technical Risk Analyst Position Summary We are seeking a Technical Risk Analyst to support IT security controls testing, risk assessments, and assurance activities across a complex technology ...
Information Security Risk Analyst information
See Virginia salary details
$31.70 - $35.62
6% of jobs
$35.62 - $39.54
5% of jobs
$39.54 - $43.46
8% of jobs
$45.32 is the 25th percentile. Wages below this are outliers.
$43.46 - $47.38
11% of jobs
$47.38 - $51.30
12% of jobs
The median wage is $54.98 / hr.
$51.30 - $55.23
8% of jobs
$55.23 - $59.15
7% of jobs
$59.15 - $63.07
9% of jobs
$64.85 is the 75th percentile. Wages above this are outliers.
$63.07 - $66.99
17% of jobs
$66.99 - $70.91
8% of jobs
$70.91 - $74.83
7% of jobs
$31
$57
$74
How much do information security risk analyst jobs pay per hour?
As of Jun 21, 2026, the average hourly pay for information security risk analyst in Virginia is $57.95, according to ZipRecruiter salary data. Most workers in this role earn between $45.05 and $65.05 per hour, depending on experience, location, and employer.
What is the difference between Information Security Risk Analyst vs Cybersecurity Analyst?
| Aspect | Information Security Risk Analyst | Cybersecurity Analyst |
|---|---|---|
| Certifications | ISO 27001, CISSP, CISA | CompTIA Security+, CEH, CISSP |
| Work Environment | Risk assessment teams, compliance departments | Security operations centers, incident response teams |
| Employer & Industry Usage | Financial, healthcare, government sectors | Tech companies, cybersecurity firms, enterprises |
While both roles focus on protecting information assets, the Information Security Risk Analyst primarily assesses and manages risks related to information security policies and compliance. In contrast, the Cybersecurity Analyst actively monitors security systems, responds to threats, and handles incidents. Understanding these differences helps organizations assign the right responsibilities and professionals to safeguard their digital assets.
What are the key skills and qualifications needed to thrive as an Information Security Risk Analyst, and why are they important?
To thrive as an Information Security Risk Analyst, you need a solid understanding of cybersecurity principles, risk management frameworks, and a relevant degree or certifications such as CISSP, CISM, or CRISC. Familiarity with tools like risk assessment platforms, vulnerability scanners, and security information and event management (SIEM) systems is typically required. Strong analytical thinking, communication, and attention to detail help you translate complex risks into actionable recommendations and collaborate with stakeholders. These skills are crucial for effectively identifying, assessing, and mitigating security risks to protect organizational assets and ensure compliance.
What are Information Security Risk Analysts?
Information Security Risk Analysts are professionals responsible for identifying, assessing, and mitigating risks to an organization's information systems and data. They analyze potential threats, vulnerabilities, and impacts to ensure that appropriate security measures are in place. These analysts often develop risk management strategies, conduct security assessments, and recommend security enhancements. Their goal is to help organizations protect sensitive information and comply with relevant regulations.
What Does an Information Security Risk Analyst Do?
As an information security risk analyst, your job is to help assess each potential threat and determine whether or not your current network system suffers from vulnerability to that threat. In this IT role, you may monitor network activity, help implement and manage safety protocols, and research emerging threats to help determine the best response to them. Information security risk analysts often work with many other IT personnel at the same company to manage security needs and, somewhat unusually for an IT role, may also collaborate with outside experts and volunteers to find the best way to counter a particular threat. This is an extremely collaborative position, so the ability to work well with other people, including those you may be meeting for the first time, is essential to your success.
How does an Information Security Risk Analyst typically collaborate with other departments to address security risks?
Information Security Risk Analysts work closely with various departments such as IT, compliance, legal, and business units to identify and mitigate security risks. They often facilitate risk assessments, communicate findings, and recommend solutions tailored to each department's needs. Regular meetings and cross-functional projects are common, ensuring security measures align with business objectives while maintaining compliance. This collaborative approach helps foster a culture of security awareness throughout the organization.
More about Information Security Risk Analyst jobs
What are popular job titles related to Information Security Risk Analyst jobs in Virginia? For Information Security Risk Analyst jobs in Virginia, the most frequently searched job titles are:
What job categories do people searching Information Security Risk Analyst jobs in Virginia look for? The top searched job categories for Information Security Risk Analyst jobs in Virginia are:
What are popular job titles related to Information Security Risk Analyst jobs in VA? For Information Security Risk Analyst jobs in VA, the most frequently searched job titles are:
Operational Risk Analyst -Security Governance & Risk Issues Management
NAVA Software SolutionsMerrifield, VA โข On-site
Full-time
Posted 18 days ago
Job description
NAVA Software solutions is looking for an Operational Risk Analyst -Security Governance & Risk Issues Management
Details:
Operational Risk Analyst -Security Governance & Risk Issues Management
Location: Merrifield VA - Hybrid
Duration: 12 months
Basic Purpose
This role is specifically designated as an Operational Risk Management (ORM) role for Issue Management. The Contractor Analyst will be experienced in risk management, issue management, risk and control self-assessments (RCSA), and have an understanding of security standards, and familiarity with risk and compliance (GRC) tool operations. The Analyst will understand how the ORM framework applies to the business and be able to articulate the need for issue management. The Contractor Analyst will be responsible for supporting the daily operations of issue management and partnering with groups across security, IT and business risk teams. A successful candidate will be required to research issues, support the business in ensuring issues are captured timely, ensure issues are correctly risk assessed and remediation plans are documented and align to the underlying root cause.
Responsibilities
Qualifications
Details:
Operational Risk Analyst -Security Governance & Risk Issues Management
Location: Merrifield VA - Hybrid
Duration: 12 months
Basic Purpose
This role is specifically designated as an Operational Risk Management (ORM) role for Issue Management. The Contractor Analyst will be experienced in risk management, issue management, risk and control self-assessments (RCSA), and have an understanding of security standards, and familiarity with risk and compliance (GRC) tool operations. The Analyst will understand how the ORM framework applies to the business and be able to articulate the need for issue management. The Contractor Analyst will be responsible for supporting the daily operations of issue management and partnering with groups across security, IT and business risk teams. A successful candidate will be required to research issues, support the business in ensuring issues are captured timely, ensure issues are correctly risk assessed and remediation plans are documented and align to the underlying root cause.
Responsibilities
- Attend meetings with stakeholders within security, IT and across the credit union to assess and encourage the need for submitting issues impacting information security.
- Aid in the development of remediation plans.
- Facilitate root cause analysis
- Assess the impact and likelihood of an issue and provide justification for the ratings
- Leverage various communication channels to obtain required information.
- Work within the Logic Manager (GRC) platform
- Support metrics and reporting focused on issues and event processes.
- Aid business partners in understanding the importance of issue management.
- Keep current with Information Security best practices and industry trends, and communicate/apply these practices to policy improvements and compliance actions.
- Perform other duties as assigned
Qualifications
- Experience in the credit union/financial services industry with a focus on regulatory frameworks, information security assessments, and remediation activities
- Experience managing issues from identification to remediation
- IT Audit or first line IT or security risk experience a plus
- Desired knowledge of NCUA, FFIEC, BSA/AML, NIST (including the Cyber Security Framework and 800 Series)
- Effective planning and organizational skills
- Effective research, analytical and problem solving skills
- Strong verbal, written and interpersonal communication skills, including technical writing
- Desired Bachelor Degree in business, information systems or related field or equivalent work/military experience
- Ability to present findings and conclusions clearly and concisely
- Experience in working with all levels of staff, management, stakeholders, and third parties
- Ability to build effective relationships through rapport, trust, diplomacy, and tact
- Strong word processing and spreadsheet software skills
About NAVA Software Solutions
Sourced by ZipRecruiter
NAVA is a strategic partner for companies seeking to develop or customize software and products. Our team of experts leverages cutting-edge technology and deep industry knowledge to provide customized solutions that drive business success. Whether you're looking to improve your operations, increase efficiency, or bring a new product to market, NAVA has the expertise and resources to help you achieve your goals. Trust us to be your partner in software and product development.
Industry
It services
Company size
51 - 200 Employees
Headquarters location
Rocky Hill, CT, US