ZipRecruiter

Log In

1

Information Security Risk Analyst Jobs (NOW HIRING)

TEKsystems

AI Security Risk Analyst

Manhattan, NY · Remote

$70 - $85/hr

Description The EITS Security Risk Analyst is part of the Enterprise Information Technology Services, Information Security and Risk Management team and will work at an enterprise level to ensure a ...

next page

Showing results 1-20

All JobsInformation Security Risk Analyst Jobs

Information Security Risk Analyst information

See salary details

$31

$58

$75

How much do information security risk analyst jobs pay per hour?

As of Jun 26, 2026, the average hourly pay for information security risk analyst in the United States is $58.45, according to ZipRecruiter salary data. Most workers in this role earn between $45.43 and $65.62 per hour, depending on experience, location, and employer.

What is the difference between Information Security Risk Analyst vs Cybersecurity Analyst?

AspectInformation Security Risk AnalystCybersecurity Analyst
CertificationsISO 27001, CISSP, CISACompTIA Security+, CEH, CISSP
Work EnvironmentRisk assessment teams, compliance departmentsSecurity operations centers, incident response teams
Employer & Industry UsageFinancial, healthcare, government sectorsTech companies, cybersecurity firms, enterprises

While both roles focus on protecting information assets, the Information Security Risk Analyst primarily assesses and manages risks related to information security policies and compliance. In contrast, the Cybersecurity Analyst actively monitors security systems, responds to threats, and handles incidents. Understanding these differences helps organizations assign the right responsibilities and professionals to safeguard their digital assets.

What are the key skills and qualifications needed to thrive as an Information Security Risk Analyst, and why are they important?

To thrive as an Information Security Risk Analyst, you need a solid understanding of cybersecurity principles, risk management frameworks, and a relevant degree or certifications such as CISSP, CISM, or CRISC. Familiarity with tools like risk assessment platforms, vulnerability scanners, and security information and event management (SIEM) systems is typically required. Strong analytical thinking, communication, and attention to detail help you translate complex risks into actionable recommendations and collaborate with stakeholders. These skills are crucial for effectively identifying, assessing, and mitigating security risks to protect organizational assets and ensure compliance.

What are Information Security Risk Analysts?

Information Security Risk Analysts are professionals responsible for identifying, assessing, and mitigating risks to an organization's information systems and data. They analyze potential threats, vulnerabilities, and impacts to ensure that appropriate security measures are in place. These analysts often develop risk management strategies, conduct security assessments, and recommend security enhancements. Their goal is to help organizations protect sensitive information and comply with relevant regulations.

What Does an Information Security Risk Analyst Do?

As an information security risk analyst, your job is to help assess each potential threat and determine whether or not your current network system suffers from vulnerability to that threat. In this IT role, you may monitor network activity, help implement and manage safety protocols, and research emerging threats to help determine the best response to them. Information security risk analysts often work with many other IT personnel at the same company to manage security needs and, somewhat unusually for an IT role, may also collaborate with outside experts and volunteers to find the best way to counter a particular threat. This is an extremely collaborative position, so the ability to work well with other people, including those you may be meeting for the first time, is essential to your success.

How does an Information Security Risk Analyst typically collaborate with other departments to address security risks?

Information Security Risk Analysts work closely with various departments such as IT, compliance, legal, and business units to identify and mitigate security risks. They often facilitate risk assessments, communicate findings, and recommend solutions tailored to each department's needs. Regular meetings and cross-functional projects are common, ensuring security measures align with business objectives while maintaining compliance. This collaborative approach helps foster a culture of security awareness throughout the organization.
More about Information Security Risk Analyst jobs
What cities are hiring for Information Security Risk Analyst jobs? Cities with the most Information Security Risk Analyst job openings:
What are the most commonly searched types of Information Security Risk Analyst jobs? The most popular types of Information Security Risk Analyst jobs are:
Who are the top companies hiring for Information Security Risk Analyst jobs? The top employers for Information Security Risk Analyst jobs are:
What states have the most Information Security Risk Analyst jobs? States with the most job openings for Information Security Risk Analyst jobs include:
What job categories do people searching Information Security Risk Analyst jobs look for? The top searched job categories for Information Security Risk Analyst jobs are:
What are popular job titles related to Information Security Risk Analyst jobs? For Information Security Risk Analyst jobs, the most frequently searched job titles are:
Information Security Risk Analyst jobs near you
Infographic showing various Information Security Risk Analyst job openings in the United States as of June 2026, with employment types broken down into 67% Full Time, and 33% Contract. Highlights an 33% In-person, 34% Hybrid, and 33% Remote job distribution, with an average salary of $121,577 per year, or $58.5 per hour.
EITS Security Risk Analyst B (Engagement)--Remote Job

EITS Security Risk Analyst B (Engagement)--Remote Job

DELTASOFT SOLUTIONS LLC

San Francisco, CA • Remote

Full-time

Posted 8 days ago

Job description

Job43 – EITS Security Risk Analyst B (Engagement) Location: 100% Remote
Max Submissions: 5
Proposed Start Date: ASAP
Proposed End Date: 06/30/2026
Role Overview
  • Serve as a liaison between the CISO’s strategic initiatives and the IT operational teams.
  • Translate business IT risk requirements into technical control specifications.
  • Develop risk metrics for performance measurement and reporting.
  • Coordinate enterprise-level security and risk management efforts.
  • Act as a subject matter expert (SME) on information security and regulatory compliance.

Key Responsibilities🔹 Security & Risk Management
  • Maintain and enforce the enterprise information security and risk management framework.
  • Conduct risk analysis and develop mitigation strategies.
  • Monitor and assess the enterprise threat landscape.
  • Provide realistic risk reporting to the CISO and leadership teams.
  • Track and document internal risk reviews, assessments, and exceptions using a GRC tool.

🔹 Governance & Compliance
  • Document and maintain risk governance methodologies, policies, and procedures.
  • Ensure compliance with:
     
    • HIPAA
  •  
    • Joint Commission
  •  
    • DSRIP
  •  
    • COBIT
  •  
    • State privacy laws
  •  
  • Conduct and support internal and external audits (operational, compliance, reputational, security).
  • Serve as SME for EMR and PHI-related security risks.

🔹 Risk Assessments & Gap Analysis
  • Perform enterprise security risk assessments and gap analyses for new technologies and products.
  • Develop and manage risk remediation plans and work plans.
  • Identify information asset owners for data classification initiatives.
  • Support risk exception and risk acceptance documentation processes.

🔹 Technical & Cross-Functional Collaboration
  • Partner with enterprise architecture teams to align business, technical, and security requirements.
  • Collaborate with security engineering teams to implement security controls.
  • Facilitate meetings between stakeholders and IT teams.
  • Provide written and verbal reports to leadership and committees (including Operational Risk Committee).

Required Qualifications🔹 Experience
  • Minimum 7 years of IT experience
  • At least 5 years in IT Security Risk Management / Risk Audit / Data Privacy Investigation
  • Minimum 2 years in a supervisory capacity

🔹 Healthcare Industry Expertise (Required)
  • Strong understanding of:
     
    • EMR systems
  •  
    • PHI data privacy
  •  
    • Healthcare regulatory environment
  •  
  • Experience with HIPAA, Joint Commission, CMS regulations

🔹 GRC & Security Framework Knowledge
  • Hands-on experience with GRC tools (ServiceNow, Archer, MetricStream preferred)
  • Working knowledge of:
     
    • NIST CSF
  •  
    • HITECH
  •  
    • ISO 27001/27002
  •  
    • PCI DSS
  •  
    • COBIT
  •  

🔹 Technical Skills
  • Experience reviewing IT solution requirements and implementing security controls
  • Strong analytical and risk assessment skills
  • Ability to design compensating controls for security vulnerabilities
  • Ability to assess business impact of security tools and policies

Education & Certifications
  • Bachelor’s degree in Information Systems or related field
  • Preferred Certifications:
     
    • CISSP
  •  
    • CISA
  •  
    • CRISC
  •  
    • Other relevant security certifications
  •  

Preferred Soft Skills
  • High integrity and ability to work independently
  • Strong communication and reporting skills
  • Ability to work in fast-moving environments
  • Experience participating in special projects
  • Ability to support various locations and flexible shifts if required
  Thanks & RegardsBhanu PrakashDeltaSoft Solutionsbhanu.prakash@deltasoftgroup.com

Apply