ZipRecruiter

Log In

1

Information Security Risk Analyst Jobs (NOW HIRING)

CERES Group

Compliance & Risk Analyst

Boston, MA ยท On-site

The IT Security Risk Analyst is a member of the IT Security Risk & Audit team, and has project, audit, reporting, and documentation responsibilities. The individual also assists with staff action ...

next page

Showing results 1-20

People also search for

All JobsInformation Security Risk Analyst Jobs

Information Security Risk Analyst information

See salary details

$31

$58

$75

How much do information security risk analyst jobs pay per hour?

As of Jun 7, 2026, the average hourly pay for information security risk analyst in the United States is $58.45, according to ZipRecruiter salary data. Most workers in this role earn between $45.43 and $65.62 per hour, depending on experience, location, and employer.

What is the difference between Information Security Risk Analyst vs Cybersecurity Analyst?

AspectInformation Security Risk AnalystCybersecurity Analyst
CertificationsISO 27001, CISSP, CISACompTIA Security+, CEH, CISSP
Work EnvironmentRisk assessment teams, compliance departmentsSecurity operations centers, incident response teams
Employer & Industry UsageFinancial, healthcare, government sectorsTech companies, cybersecurity firms, enterprises

While both roles focus on protecting information assets, the Information Security Risk Analyst primarily assesses and manages risks related to information security policies and compliance. In contrast, the Cybersecurity Analyst actively monitors security systems, responds to threats, and handles incidents. Understanding these differences helps organizations assign the right responsibilities and professionals to safeguard their digital assets.

What are the key skills and qualifications needed to thrive as an Information Security Risk Analyst, and why are they important?

To thrive as an Information Security Risk Analyst, you need a solid understanding of cybersecurity principles, risk management frameworks, and a relevant degree or certifications such as CISSP, CISM, or CRISC. Familiarity with tools like risk assessment platforms, vulnerability scanners, and security information and event management (SIEM) systems is typically required. Strong analytical thinking, communication, and attention to detail help you translate complex risks into actionable recommendations and collaborate with stakeholders. These skills are crucial for effectively identifying, assessing, and mitigating security risks to protect organizational assets and ensure compliance.

What are Information Security Risk Analysts?

Information Security Risk Analysts are professionals responsible for identifying, assessing, and mitigating risks to an organization's information systems and data. They analyze potential threats, vulnerabilities, and impacts to ensure that appropriate security measures are in place. These analysts often develop risk management strategies, conduct security assessments, and recommend security enhancements. Their goal is to help organizations protect sensitive information and comply with relevant regulations.

What Does an Information Security Risk Analyst Do?

As an information security risk analyst, your job is to help assess each potential threat and determine whether or not your current network system suffers from vulnerability to that threat. In this IT role, you may monitor network activity, help implement and manage safety protocols, and research emerging threats to help determine the best response to them. Information security risk analysts often work with many other IT personnel at the same company to manage security needs and, somewhat unusually for an IT role, may also collaborate with outside experts and volunteers to find the best way to counter a particular threat. This is an extremely collaborative position, so the ability to work well with other people, including those you may be meeting for the first time, is essential to your success.

How does an Information Security Risk Analyst typically collaborate with other departments to address security risks?

Information Security Risk Analysts work closely with various departments such as IT, compliance, legal, and business units to identify and mitigate security risks. They often facilitate risk assessments, communicate findings, and recommend solutions tailored to each department's needs. Regular meetings and cross-functional projects are common, ensuring security measures align with business objectives while maintaining compliance. This collaborative approach helps foster a culture of security awareness throughout the organization.
More about Information Security Risk Analyst jobs
What cities are hiring for Information Security Risk Analyst jobs? Cities with the most Information Security Risk Analyst job openings:
What are the most commonly searched types of Information Security Risk Analyst jobs? The most popular types of Information Security Risk Analyst jobs are:
Who are the top companies hiring for Information Security Risk Analyst jobs? The top employers for Information Security Risk Analyst jobs are:
What states have the most Information Security Risk Analyst jobs? States with the most job openings for Information Security Risk Analyst jobs include:
What job categories do people searching Information Security Risk Analyst jobs look for? The top searched job categories for Information Security Risk Analyst jobs are:
What are popular job titles related to Information Security Risk Analyst jobs? For Information Security Risk Analyst jobs, the most frequently searched job titles are:
Information Security Risk Analyst jobs near you
Infographic showing various Information Security Risk Analyst job openings in the United States as of May 2026, with employment types broken down into 36% Full Time, 57% Part Time, and 7% Contract. Highlights an 94% Physical, 2% Hybrid, and 4% Remote job distribution, with an average salary of $121,577 per year, or $58.5 per hour.
Compliance & Risk Analyst

Compliance & Risk Analyst

CERES Group

Boston, MA โ€ข On-site

Full-time

This job post hasย expired 1 day ago.ย Applications are no longer accepted.

Job description

Join a global compliance team for one of Boston's leading Asset Management Firms. This role will report to the Manager of IT Security and is part of the IT Production Control & Risk Management group. The IT Security Risk Analyst is a member of the IT Security Risk & Audit team, and has project, audit, reporting, and documentation responsibilities. The individual also assists with staff action processing and security incident management, as well as day-to-day security support and operational tasks.
Primary Responsibilities:

  • Participates in IT security project management
  • Generates and analyzes application, SQL, file system access audit documentation
  • Performs access analysis for staff actions (onboarding/transfers/terminations)
  • Assists in data classification & protection projects
  • Manages email security functions
  • Participates in weekly meetings with other internal risk management teams
  • Supports the definition and implementation of security policies & procedures
  • Maintains documentation for processes and procedures
  • Identifies and supports quality improvement initiatives
  • Assists in performing product evaluations in support of data security initiatives
  • Performs IT security risk assessments of both new and existing in house and vendor based systems
  • Contributes to company standards and policies related to IT security risks
  • Maintains broad knowledge of best practices and trends in the field of Information Security
  • Supports vulnerability management processes
  • Assists in the adoption of new tools, processes and policies to enhance the firm's security posture
  • Performs various duties around the formation, delivery and maintenance of the firm's Information Security Awareness and Communication Program
  • Provides after-hours coverage for Security Events and Incident Response
  • Provides technical security support to Business Areas and IT staff on products, projects, applications and services as required
  • Participates and lead incidents as part of the Information Security Incident Response Team (ISIRT)
  • Participates in Information Security meetings and activities as required
  • Performs any and all other assigned Information Security Program tasks and functions
  • Provides cross functional support for RFP generation by defining the security and compliance responses to appropriately address customer needs and leveraging the expertise of others to support
  • Assists in workflow enhancement for various supporting processes
Required Skills:
  • Undergraduate with 3-5 years related experience, or graduate degree with information security specialization
  • Strong written and verbal communications and interpersonal skills
  • Motivated and passionate about learning and developing your skills
  • Strong knowledge of information risk and security principles and practices
  • Understanding of various processes and regulatory standards including: MA Privacy Law 201 CRM 17.00, NIST Standards, SEC Standards; Risk Assessment Methodologies; Audit; Incident Response & Forensics
  • Familiarity with Microsoft Active Directory
  • Experience working with Active Directory and relevant operating system security (Windows, Linux, etc.)
  • Experience with the following is desired: CMDB, SIEM, data leakage prevention and eDiscovery technologies, Varonis DatAdvantage
  • A security-related certification would be a plus (CISSP, CISM, CISA, etc.)
#LI-MG1

Apply