Security Risk Management * Conduct security risk assessments for technologies, business initiatives, vendors, and emerging risks. * Maintain Security-owned risks within the enterprise risk management ...
They are seeking a Senior Manager for Security Risk Engineering to lead the transition of risk ... risk assessment into the internal and third-party risk programs • Operate as a second line of ...
... executive management. The Risk Coordinator Sr. assesses the appropriateness of security ... Lead and enhance programs for risk assessment /advisement on new technologies, critical ...
Security Risk Officer
Wayne, PA · Remote
Conduct Information security risk identification and assessment across various domains and areas * Keep oversight of and monitor security risk management practices and ensure execution of security ...
Lead Security Risk Manager
San Francisco, CA · On-site +1
Identify, assess, monitor, and report on security risks across the enterprise * Analyze risk data ... Experience with risk management frameworks (RMF, ISO 27005, NIST 800-37, NIST 800-30) * Experience ...
Security Risk Officer
Des Moines, IA · Remote
Conduct Information security risk identification and assessment across various domains and areas * Keep oversight of and monitor security risk management practices and ensure execution of security ...
Risk Assessment and Governance * Oversee and perform security risk assessments for applications ... A hybrid work model or fully remote model can be considered based on hiring manager decision and ...
Security Manager
The Woodlands, TX · On-site
The Manager, Security will lead a team of security professionals and own the enterprise physical ... Familiarity with TSA Pipeline Security Guidelines and API RP 780 Security Risk Assessment ...
... assess, and report on compliance posture and control operating effectiveness. • Compliance ... Security Risk Program - Manage the enterprise security risk management program, including ...
Prior work experience of risk management disciplines, security policies and standards, technology risk assessment, and third party supplier risk process and requirements Current or previous ...
The Security Risk Assessor will be responsible for identifying, prioritizing, reporting, and ... skills Project Management Education Work with blueStone Recruiting, we understand Information ...
Compliance Program Monitoring - Monitor, assess, and report on compliance posture and control ... Security Risk Program - Manage the enterprise security risk management program, including ...
IS Security Risk Analyst III
Columbia, SC · On-site
They are seeking an IS Security Risk Analyst III to plan and perform compliance and risk assessment ... Advise senior management of critical issues that may affect organization. • Research emerging ...
Risk Assessment Analyst with Security Clearance
Alexandria, VA · On-site +1
$90K - $140K/yr
Risk Assessment Analyst Location: Alexandria, VA Work Type: Full-Time / Hybrid Remote Work: 50 ... or risk management efforts Experience leveraging collaboration forums, such as MS Teams and ...
Principal Security Risk Analyst
Denver, CO · On-site
$97K - $138K/yr
Manage and execute risk identification, assessment and quantification, aggregation reporting, and ... Coordinates the security risk program efforts including risk modeling, comprehensive periodic risk ...
Risk Assessor
Richmond, VA · On-site
An information system security risk assessment should also be performed in compliance with SEC501 ... Report Manager Required: 2+ years of experience conducting IT risk assessments Apply strong ...
Principal Security Risk Analyst
Minneapolis, MN · On-site
$97K - $138K/yr
Manage and execute risk identification, assessment and quantification, aggregation reporting, and ... Coordinates the security risk program efforts including risk modeling, comprehensive periodic risk ...
As an information security risk specialist on our team, you'll work with industry partners to ... Experience in cybersecurity risk assessments and supply chain or risk management efforts
Manager Security Risk Assessment information
| Salary range | Share of jobs |
|---|---|
| $51.5K - $62.3K | 4% |
| $62.3K - $73K | 6% |
| $73K - $83.8K | 11% |
| $83.8K - $94.6K | 11% |
| $94.6K - $105.4K | 23% |
| $105.4K - $116.1K | 13% |
| $116.1K - $126.9K | 12% |
| $126.9K - $137.7K | 8% |
| $137.7K - $148.5K | 6% |
| $148.5K - $159.2K | 4% |
| $159.2K - $170K | 2% |

$87.9K is the 25th percentile. Wages below this are outliers.
The median wage is $103.2K / yr.
$123.2K is the 75th percentile. Wages above this are outliers.
Salary scale: $51.5K, $111.6K, $170K.
How much do manager security risk assessment jobs pay per year?
What is the difference between Manager Security Risk Assessment vs Security Analyst?
| Aspect | Manager Security Risk Assessment | Security Analyst |
|---|---|---|
| Certifications | CISSP, CISM, CRISC | CISSP, Security+ |
| Work Environment | Oversees security programs, manages teams | Analyzes security threats, monitors systems |
| Industry Usage | Common in organizations with complex security needs | Widely used across various industries for threat detection |
The Manager Security Risk Assessment focuses on leading security risk evaluations, managing teams, and developing security strategies. In contrast, a Security Analyst primarily monitors security systems, analyzes threats, and responds to incidents. Both roles require relevant certifications and work within the cybersecurity industry, but their responsibilities differ in scope and focus.
Full-time
Medical, Retirement, PTO
Posted 7 days ago
Job description
Reporting to the CISO, the Senior Security Analyst, Compliance & Risk serves as a key member of the Security team and acts as the primary liaison between Security and the broader Governance, Risk, and Compliance (GRC) organization.
This role is responsible for ensuring Security-owned controls remain audit-ready, supporting enterprise compliance initiatives, managing security risk activities, conducting third-party security assessments, and helping drive a culture of continuous improvement across the security program.
The ideal candidate combines strong compliance and risk expertise with operational excellence, business acumen, and the ability to influence stakeholders across Engineering, Product, IT, Legal, Privacy, and business teams.
Level & Scope
This role:
- Operates independently across multiple workstreams and compliance frameworks.
- Owns execution and continuous improvement of Security compliance and risk programs.
- Influences cross-functional stakeholders without direct authority.
- Balances operational execution with strategic program enhancement.
- Drives scalable, automation-enabled security assurance processes.
- Serves as a trusted advisor to Security leadership and business stakeholders.
Key Responsibilities
Security Compliance & Audit Readiness
- Serve as the Security team's primary point of contact for SOC 1, SOC 2, ISO 27001, HIPAA, and other compliance audits.
- Partner with internal and external auditors to support evidence collection, walkthroughs, testing activities, and remediation efforts.
- Ensure Security-owned controls are operating effectively and remain audit-ready throughout the year.
- Coordinate remediation activities for audit findings, control deficiencies, and security gaps.
- Maintain control documentation, evidence repositories, and audit artifacts.
Security Governance
- Maintain and support the lifecycle of security policies, standards, procedures, and operational documentation.
- Ensure security governance documentation remains aligned with business, regulatory, and compliance requirements.
- Support policy reviews, approvals, and periodic updates.
Security Risk Management
- Conduct security risk assessments for technologies, business initiatives, vendors, and emerging risks.
- Maintain Security-owned risks within the enterprise risk management program.
- Facilitate risk acceptance, exception management, and remediation tracking processes.
- Develop security risk reporting and metrics for Security leadership.
Third-Party Security Risk Management
- Perform security reviews and risk assessments of vendors, SaaS providers, AI technologies, and strategic partners.
- Partner with Procurement, Legal, Privacy, and business stakeholders during vendor onboarding and renewals.
- Support M&A security due diligence and integration activities when required.
Customer Trust & Security Assurance
- Support customer security assessments, due diligence requests, and security questionnaires.
- Maintain customer-facing security documentation and trust artifacts.
- Assist with Trust Center content and security assurance initiatives.
- Partner with Sales and Customer Success teams to address customer security concerns.
Security Awareness & Training
- Support security awareness initiatives, phishing simulations, and compliance training activities.
- Measure program effectiveness and identify opportunities for improvement.
- Promote a strong security culture across the organization.
Security Operations Excellence, Automation & AI Enablement
- Leverage GRC and security tooling to improve compliance visibility and operational efficiency.
- Identify opportunities to automate evidence collection, control monitoring, reporting, and risk tracking.
- Utilize AI-enabled capabilities to improve audit readiness, reporting quality, workflow efficiency, and continuous compliance activities.
- Develop metrics and dashboards to support executive reporting and program maturity.
Qualifications
- 5-9 years of experience in cybersecurity, security compliance, governance, risk management, audit, security assurance, or related security functions within SaaS, cloud-native, or technology organizations.
- Hands-on experience supporting or leading SOC 2, SOC 1, ISO 27001, HIPAA, GDPR, NIST, or similar compliance and security frameworks.
- Strong understanding of security controls, risk assessment methodologies, control testing, audit evidence management, and remediation tracking.
- Experience partnering with internal and external auditors and managing audit readiness activities across multiple concurrent compliance programs.
- Proven ability to drive security, compliance, and risk initiatives across cross-functional teams without direct authority.
- Experience conducting security reviews of vendors, cloud services, AI solutions, and third-party providers.
- Familiarity with GRC and compliance platforms such as Vanta, Drata, OneTrust, AuditBoard, or similar solutions.
- Strong understanding of cloud security concepts and controls across AWS, Azure, and/or GCP environments.
- Excellent analytical, organizational, written, and verbal communication skills, with the ability to communicate effectively with technical and non-technical stakeholders.
- Experience supporting customer security assessments, security questionnaires, Trust Center activities, or enterprise sales security reviews is preferred.
- Experience working in high-growth SaaS, private equity-backed, or regulated environments is highly desirable.
- Professional certifications such as CISA, CISSP, CISM, CRISC, ISO 27001 Lead Implementer, or equivalent are preferred.
- Experience leveraging automation, AI-enabled workflows, or continuous control monitoring solutions to improve compliance and operational efficiency is a plus.
What Success Looks Like
Within the first year, the successful candidate will:
- Consistently maintain Security audit readiness across multiple compliance frameworks.
- Reduce audit preparation effort through process improvements and automation.
- Improve visibility and management of Security-owned risks.
- Strengthen vendor security review and customer assurance processes.
- Establish meaningful security metrics and reporting for leadership.
- Become a trusted partner to Engineering, Product, IT, Legal, Privacy, and business stakeholders.
- Help advance Quickbase's culture of trust, security, and operational excellence.
At Quickbase, we believe in pay transparency and are committed to equitable pay practices. The compensation range for this role is $89,000 - $140,000 per year. The exact compensation offered will be based on experience, skills, and alignment with internal equity. Beyond salary, employees receive bonus/commission eligibility and access to a full benefits package including health insurance, 401k, paid time off, etc.
We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.
About Quickbase
Sourced by ZipRecruiter
Industry
Software development
Company size
501 - 1,000 Employees
Headquarters location
Boston, MA, US
Year founded
1999