1

It Risk Analyst Jobs in Washington (NOW HIRING)

Technical Risk Analyst Position Summary We are seeking a Technical Risk Analyst to support IT security controls testing, risk assessments, and assurance activities across a complex technology ...

Technical Risk Analyst Position Summary We are seeking a Technical Risk Analyst to support IT security controls testing, risk assessments, and assurance activities across a complex technology ...

Support management reporting, metrics, and analysis related to model governance, AI governance, and ... Previous experience in IT audit, operational risk management, regulatory compliance, or a Big Four ...

Support management reporting, metrics, and analysis related to model governance, AI governance, and ... Previous experience in IT audit, operational risk management, regulatory compliance, or a Big Four ...

The IT Risk and Controls Managing Consultant will support stakeholder engagement and technical ... Requesting, obtaining, reviewing, and analyzing a variety of artifacts to assist in executing ...

IT Audit Senior

Alexandria, VA · On-site

$100K - $132K/yr

IT Audit Senior Are you ready to take the next step in your IT audit career? Join Castro amp ... Identify and Communicate Risk : Analyze IT environments, pinpoint control gaps, and clearly present ...

IT Audit - Staff

Alexandria, VA · On-site

$65K - $80K/yr

Job Summary The IT Audit Staff Analyst supports Technology Risk and IT audit engagements within a Department of Defense or Government & Public Sector environment. As a member of the Technology Risk ...

next page

Showing results 1-20

It Risk Analyst information

See Washington salary details

$17

$45

$74

How much do it risk analyst jobs pay per hour?

As of Jul 12, 2026, the average hourly pay for it risk analyst in Washington is $45.85, according to ZipRecruiter salary data. Most workers in this role earn between $33.75 and $55.82 per hour, depending on experience, location, and employer.

What does an IT Risk Analyst do?

An IT Risk Analyst is responsible for identifying, assessing, and mitigating risks that could impact an organization's information technology systems and data. They analyze potential threats, such as cyberattacks or data breaches, and develop strategies to minimize these risks. Their role involves working closely with other IT professionals to ensure compliance with security policies and regulatory requirements, as well as preparing risk reports and recommending improvements. Ultimately, IT Risk Analysts help organizations protect sensitive information and maintain secure, reliable IT operations.

What are the key skills and qualifications needed to thrive as an IT Risk Analyst, and why are they important?

To thrive as an IT Risk Analyst, you need a strong understanding of risk management frameworks, cybersecurity principles, and regulatory compliance—often supported by a degree in information technology or a related field. Familiarity with tools such as risk assessment software, vulnerability scanners, and certifications like CISSP or CISA is typically required. Analytical thinking, attention to detail, and effective communication are vital soft skills that distinguish top performers in this role. These competencies are crucial for accurately identifying risks, ensuring regulatory compliance, and effectively communicating findings to stakeholders.

What are some common challenges IT Risk Analysts face when collaborating with other departments?

IT Risk Analysts often work closely with various departments such as IT, compliance, and operations to identify and mitigate risks. One common challenge is translating technical risk information into terms that non-technical stakeholders can understand. Additionally, balancing the need for rigorous security measures with business objectives can sometimes lead to conflicting priorities. Effective communication and building strong relationships across teams are key to overcoming these challenges and ensuring that risk controls are both practical and effective.

What is the difference between It Risk Analyst vs Cybersecurity Analyst?

AspectIt Risk AnalystCybersecurity Analyst
CertificationsISO 27001, CISSP, CISACISSP, CEH, CompTIA Security+
Work EnvironmentFinancial, healthcare, corporate sectors focusing on risk managementIT security teams, cybersecurity firms, tech companies
Employer & Industry UsageFinancial institutions, large corporations, consulting firmsTech companies, government agencies, security firms

While both roles focus on protecting information, the It Risk Analyst primarily assesses and manages overall IT risks within organizations, emphasizing compliance and risk mitigation strategies. In contrast, the Cybersecurity Analyst concentrates on defending systems from cyber threats and attacks. Both roles often collaborate but serve distinct functions in an organization's security framework.

What job categories do people searching It Risk Analyst jobs in Washington look for? The top searched job categories for It Risk Analyst jobs in Washington are:
What cities in Washington are hiring for It Risk Analyst jobs? Cities in Washington with the most It Risk Analyst job openings:
Infographic showing various It Risk Analyst job openings in Washington as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 82% Full Time, 11% Part Time, 1% Temporary, and 4% Contract. Highlights an 81% Physical, 7% Hybrid, and 12% Remote job distribution, with an average salary of $95,375 per year, or $45.9 per hour.
Technical Risk Analyst

Technical Risk Analyst

INSPYR Solutions

Vienna, VA • On-site

Other

Posted 23 days ago


Job description

Technical Risk Analyst

Position Summary

We are seeking a Technical Risk Analyst to support IT security controls testing, risk assessments, and assurance activities across a complex technology environment. This role will focus on evaluating the effectiveness of Identity and Access Management (IAM) controls and other technology security controls while helping identify risks, document findings, and support remediation efforts.

The ideal candidate will have experience working with IT security controls, risk management practices, compliance frameworks, or audit activities and possess strong analytical and documentation skills.

Key Responsibilities
  • Support testing and assessment of IT security controls and risk management processes.
  • Evaluate the effectiveness of IAM controls, including user provisioning, deprovisioning, access reviews, and privileged access management.
  • Review control documentation and supporting evidence to identify potential gaps and risks.
  • Assist in assessing the design and operating effectiveness of technology security controls.
  • Document testing results, findings, and recommendations for stakeholders.
  • Track remediation efforts and support follow-up validation activities.
  • Partner with technology, cybersecurity, compliance, and risk teams to strengthen control effectiveness.
  • Contribute to risk assessments, governance activities, and continuous improvement initiatives.
Required Qualifications
  • 3-5+ years of experience in IT Risk, Technology Risk, Cybersecurity, IT Audit, Information Security, Compliance, IAM, or a related field.
  • Understanding of IT security controls and risk management principles.
  • Experience with Identity and Access Management (IAM) processes and controls.
  • Strong analytical, organizational, and documentation skills.
  • Experience reviewing documentation, evidence, and technical processes.
  • Ability to communicate effectively with technical and non-technical stakeholders.
Preferred Qualifications
  • Experience with IT controls testing, compliance assessments, or audit activities.
  • Knowledge of frameworks such as NIST, COBIT, ISO 27001, SOX, or similar standards.
  • Experience supporting highly regulated or security-focused environments.
  • Security+, CISA, CRISC, CISSP, or related certifications are a plus.
What We''re Looking For
  • Detail-oriented professional with strong problem-solving skills.
  • Ability to analyze information, identify risks, and document findings clearly.
  • Interest in cybersecurity, risk management, governance, and controls.
  • Collaborative team player who can work across multiple stakeholders and teams.