Senior Information Security Office (ISO) Consultant, Cyber Risk Capital One is one of the fastest ... analytical skills, and strong capabilities in developing, facilitating, and delivering ...
Senior Information Security Office (ISO) Consultant, Cyber Risk Capital One is one of the fastest ... analytical skills, and strong capabilities in developing, facilitating, and delivering ...
Senior Information Security Office (ISO) Consultant, Cyber Risk Capital One is one of the fastest ... analytical skills, and strong capabilities in developing, facilitating, and delivering ...
Senior Information Security Office (ISO) Consultant, Cyber Risk Capital One is one of the fastest ... analytical skills, and strong capabilities in developing, facilitating, and delivering ...
The Analyst II, Information Risk Management is an integral individual contributor role within the CarMax Information Security Organization, focused on planning and executing critical risk and privacy ...
The Analyst II, Information Risk Management is an integral individual contributor role within the CarMax Information Security Organization, focused on planning and executing critical risk and privacy ...
Cyber Security Analyst
West Mclean, VA · On-site
Demonstrated experience in Assessment & Authorization (A&A), risk assessment methodologies, information security, internet security, Portable Electronic Device (PED) vulnerabilities, threat analysis ...
Cyber Security Analyst
West Mclean, VA · On-site
Demonstrated experience in Assessment & Authorization (A&A), risk assessment methodologies, information security, internet security, Portable Electronic Device (PED) vulnerabilities, threat analysis ...
Advise senior management (e.g., Chief Information Officer [CIO]) on risk levels and security posture. * Advise senior management (e.g., CIO) on cost/benefit analysis of information security programs ...
Advise senior management (e.g., Chief Information Officer [CIO]) on risk levels and security posture. * Advise senior management (e.g., CIO) on cost/benefit analysis of information security programs ...
Advise senior management (e.g., Chief Information Officer [CIO]) on risk levels and security posture. * Advise senior management (e.g., CIO) on cost/benefit analysis of information security programs ...
Advise senior management (e.g., Chief Information Officer [CIO]) on risk levels and security posture. * Advise senior management (e.g., CIO) on cost/benefit analysis of information security programs ...
Technical Risk Analyst
Vienna, VA · On-site
Technical Risk Analyst Position Summary We are seeking a Technical Risk Analyst to support IT security controls testing, risk assessments, and assurance activities across a complex technology ...
Technical Risk Analyst
Vienna, VA · On-site
Technical Risk Analyst Position Summary We are seeking a Technical Risk Analyst to support IT security controls testing, risk assessments, and assurance activities across a complex technology ...
Advise senior management (e.g., Chief Information Officer [CIO]) on risk levels and security posture. * Advise senior management (e.g., CIO) on cost/benefit analysis of information security programs ...
Advise senior management (e.g., Chief Information Officer [CIO]) on risk levels and security posture. * Advise senior management (e.g., CIO) on cost/benefit analysis of information security programs ...
Senior Information Security Analyst
Richmond, VA · On-site
$120K - $130K/yr
Reporting to the AVP of Information Security, you'll lead governance, risk management, security ... Performing security investigations and threat analysis across endpoint, identity, cloud, network ...
Senior Information Security Analyst
Richmond, VA · On-site
$120K - $130K/yr
Reporting to the AVP of Information Security, you'll lead governance, risk management, security ... Performing security investigations and threat analysis across endpoint, identity, cloud, network ...
Senior Information Security Analyst
Richmond, VA · On-site
$120K - $130K/yr
Reporting to the AVP of Information Security, you'll lead governance, risk management, security ... Performing security investigations and threat analysis across endpoint, identity, cloud, network ...
Senior Information Security Analyst
Richmond, VA · On-site
$120K - $130K/yr
Reporting to the AVP of Information Security, you'll lead governance, risk management, security ... Performing security investigations and threat analysis across endpoint, identity, cloud, network ...
Senior Information Security Analyst
$120K - $130K/yr
Reporting to the AVP of Information Security, you'll lead governance, risk management, security ... Performing security investigations and threat analysis across endpoint, identity, cloud, network ...
Quick apply
Senior Information Security Analyst
$120K - $130K/yr
Reporting to the AVP of Information Security, you'll lead governance, risk management, security ... Performing security investigations and threat analysis across endpoint, identity, cloud, network ...
Evaluate cost/benefit, economic, and risk analysis in decision-making process. * Identify alternative information security strategies to address organizational security objective. * Identify ...
Evaluate cost/benefit, economic, and risk analysis in decision-making process. * Identify alternative information security strategies to address organizational security objective. * Identify ...
Evaluate cost/benefit, economic, and risk analysis in decision-making process. * Identify alternative information security strategies to address organizational security objective. * Identify ...
Evaluate cost/benefit, economic, and risk analysis in decision-making process. * Identify alternative information security strategies to address organizational security objective. * Identify ...
Evaluate cost/benefit, economic, and risk analysis in decision-making process. * Identify alternative information security strategies to address organizational security objective. * Identify ...
Evaluate cost/benefit, economic, and risk analysis in decision-making process. * Identify alternative information security strategies to address organizational security objective. * Identify ...
... Information Security Analyst to support our Legal Business within Thomson Reuters. This person is ... Actively identify opportunities and long-range security & risk improvement strategies * Serve as ...
... Information Security Analyst to support our Legal Business within Thomson Reuters. This person is ... Actively identify opportunities and long-range security & risk improvement strategies * Serve as ...
Technical Risk Analyst
Vienna, VA · On-site
Technical Risk Analyst Position Summary We are seeking a Technical Risk Analyst to support IT security controls testing, risk assessments, and assurance activities across a complex technology ...
Technical Risk Analyst
Vienna, VA · On-site
Technical Risk Analyst Position Summary We are seeking a Technical Risk Analyst to support IT security controls testing, risk assessments, and assurance activities across a complex technology ...
Third Party Risk Analyst
Reston, VA · On-site
Collaborate with business units, legal, information security, and other risk subject matter experts ... Strong analytical skills with the ability to identify and resolve complex issues. * Excellent ...
Third Party Risk Analyst
Reston, VA · On-site
Collaborate with business units, legal, information security, and other risk subject matter experts ... Strong analytical skills with the ability to identify and resolve complex issues. * Excellent ...
Information Security Analyst
Richmond, VA · On-site
$61 - $66/hr
Provides research and analysis of information security data and responds to inquiries; identifies ... Participates in cross-functional linked teams to address IS policy/risk or compliance issues.
Quick apply
Information Security Analyst
Richmond, VA · On-site
$61 - $66/hr
Provides research and analysis of information security data and responds to inquiries; identifies ... Participates in cross-functional linked teams to address IS policy/risk or compliance issues.
KCG is seeking an Information Assurance Analyst to join our team. Responsibilities * Analyze ... Conduct research and analysis and provide recommendations in support of network security, risk, and ...
Quick apply
KCG is seeking an Information Assurance Analyst to join our team. Responsibilities * Analyze ... Conduct research and analysis and provide recommendations in support of network security, risk, and ...
The answer is you, an information security risk specialist who can help break down emerging AI risk into clear, manageable actions. As an AI Cyber Risk Analyst on our Enterprise IT and Cyber Risk ...
The answer is you, an information security risk specialist who can help break down emerging AI risk into clear, manageable actions. As an AI Cyber Risk Analyst on our Enterprise IT and Cyber Risk ...
Information Security Risk Analyst information
See Virginia salary details
$31.70 - $35.62
6% of jobs
$35.62 - $39.54
5% of jobs
$39.54 - $43.46
8% of jobs
$45.32 is the 25th percentile. Wages below this are outliers.
$43.46 - $47.38
11% of jobs
$47.38 - $51.30
12% of jobs
The median wage is $54.98 / hr.
$51.30 - $55.23
8% of jobs
$55.23 - $59.15
7% of jobs
$59.15 - $63.07
9% of jobs
$64.85 is the 75th percentile. Wages above this are outliers.
$63.07 - $66.99
17% of jobs
$66.99 - $70.91
8% of jobs
$70.91 - $74.83
7% of jobs
$31
$57
$74
How much do information security risk analyst jobs pay per hour?
What is the difference between Information Security Risk Analyst vs Cybersecurity Analyst?
| Aspect | Information Security Risk Analyst | Cybersecurity Analyst |
|---|---|---|
| Certifications | ISO 27001, CISSP, CISA | CompTIA Security+, CEH, CISSP |
| Work Environment | Risk assessment teams, compliance departments | Security operations centers, incident response teams |
| Employer & Industry Usage | Financial, healthcare, government sectors | Tech companies, cybersecurity firms, enterprises |
While both roles focus on protecting information assets, the Information Security Risk Analyst primarily assesses and manages risks related to information security policies and compliance. In contrast, the Cybersecurity Analyst actively monitors security systems, responds to threats, and handles incidents. Understanding these differences helps organizations assign the right responsibilities and professionals to safeguard their digital assets.
What are the key skills and qualifications needed to thrive as an Information Security Risk Analyst, and why are they important?
What are Information Security Risk Analysts?
What Does an Information Security Risk Analyst Do?
As an information security risk analyst, your job is to help assess each potential threat and determine whether or not your current network system suffers from vulnerability to that threat. In this IT role, you may monitor network activity, help implement and manage safety protocols, and research emerging threats to help determine the best response to them. Information security risk analysts often work with many other IT personnel at the same company to manage security needs and, somewhat unusually for an IT role, may also collaborate with outside experts and volunteers to find the best way to counter a particular threat. This is an extremely collaborative position, so the ability to work well with other people, including those you may be meeting for the first time, is essential to your success.
How does an Information Security Risk Analyst typically collaborate with other departments to address security risks?

$99K - $127K/yr
Full-time
Posted 7 days ago
Capital One rating
7.8
Based on 143 frontline employees who took The Breakroom Quiz
76th of 149 rated banks
Job description
Capital One is one of the fastest growing organizations in the world today. The growth of the business is being accelerated by leveraging innovative and emerging technologies. We are serious about technology, we dream big, and we execute. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity and managing technology risk. Cybersecurity professionals at Capital One are trusted expert advisers who shape decisions, challenge activities to ensure they meet our standards, and generally oversee technology, cybersecurity, and information security risk across the business and Capital One organization.
As a Principal Associate in Capital One's Cyber Division supporting Financial Services (FS), you will work within the FS Information Security Office (FS ISO) Command Center providing support to FS business, stakeholders, and peers. The FS ISO Command Center is responsible for project management, oversight, tracking, and reporting of cyber initiatives, efforts, and metrics that impact the Financial Services Line of Business.
Success in this role requires someone to possess broad cyber experience, understanding of business efficiency frameworks (ITIL, AGILE, etc.), strong analytical skills, and strong capabilities in developing, facilitating, and delivering presentations to peers and leaders that includes both technical and non-technical information. In addition, we are seeking someone strategically minded, comfortable with challenging the status quo, disciplined, self-starter, professional, team player, and motivator of others.
Job Responsibilities:
As a member of the FS ISO Command Center, support and execute the mission providing oversight of Cyber priorities.
Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures, and standards.
Partner with customers & stakeholders to anticipate their objectives and needs to better serve their needs.
Provide monitoring and reporting on various cyber initiatives.
Build relationships vertically and horizontally both within FS and the Capital One enterprise.
Maintain awareness and tracking of enterprise cyber initiatives that could impact the FS Division, communicating them as required.
Maintain a continuous service improvement mindset; seeking out improvement and efficiency opportunities at all times.
Lead and collaborate with various teams to drive the execution to improve, create, and validate requirements, processes, controls, and metrics to measure process efficiency and effectiveness.
Drive projects end-to-end, which may include the creation of formal process documents
Proficiently tailor verbal and written communications to audience needs and levels.
Develop and deliver presentations to peers, customers, and senior leadership.
Provide ad-hoc and special request support as needed.
Provide regular updates to leadership on the status of Cyber initiatives within FS.
Basic Qualifications:
High School Diploma, GED, or equivalent certification
At least 3 years of information security or risk management experience
At least 2 years of experience in cybersecurity, privacy, or technology industry standards
At least 2 years of project management experience
Preferred Qualifications:
Bachelor's Degree
4+ years of experience managing, consulting, auditing, or working in the fields of information security, technology, or risk management
4+ years of experience with cybersecurity or technology policies
Experience with Tableau development, JIRA, Confluence and AI products
Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)
At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, or another type of work authorization).
The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked.
McLean, VA: $131,300 - $149,800 for Prin Assoc, Cyber Risk & AnalysisCandidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter.
This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan.Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at theCapital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.
This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries.If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at RecruitingAccommodation@capitalone.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.
For technical support or questions about Capital One's recruiting process, please send an email to Careers@capitalone.com
Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site.
Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).
What Capital One employees say
Pay
Benefits
Hours and flexibility
Workplace
Get the full story on Breakroom