1

Manager Security Risk Assessment Jobs (NOW HIRING)

next page

Showing results 1-20

Manager Security Risk Assessment information

See salary details

$51.5K

$111.6K

$170K

How much do manager security risk assessment jobs pay per year?

As of Jul 11, 2026, the average yearly pay for manager security risk assessment in the United States is $111,556.00, according to ZipRecruiter salary data. Most workers in this role earn between $90,000.00 and $129,000.00 per year, depending on experience, location, and employer.

What is the difference between Manager Security Risk Assessment vs Security Analyst?

AspectManager Security Risk AssessmentSecurity Analyst
CertificationsCISSP, CISM, CRISCCISSP, Security+
Work EnvironmentOversees security programs, manages teamsAnalyzes security threats, monitors systems
Industry UsageCommon in organizations with complex security needsWidely used across various industries for threat detection

The Manager Security Risk Assessment focuses on leading security risk evaluations, managing teams, and developing security strategies. In contrast, a Security Analyst primarily monitors security systems, analyzes threats, and responds to incidents. Both roles require relevant certifications and work within the cybersecurity industry, but their responsibilities differ in scope and focus.

What cities are hiring for Manager Security Risk Assessment jobs? Cities with the most Manager Security Risk Assessment job openings:
What are the most commonly searched types of Security Risk Assessment jobs? The most popular types of Security Risk Assessment jobs are:
What states have the most Manager Security Risk Assessment jobs? States with the most job openings for Manager Security Risk Assessment jobs include:
VP, Lead Security Risk Analyst

VP, Lead Security Risk Analyst

Banc of California

Los Angeles, CA • On-site

Full-time

Re-posted 7 days ago


Banc Of California rating

7.9

Company rating: 7.9 out of 10

Based on 5 frontline employees who took The Breakroom Quiz

66th of 148 rated banks


Job description

Job Summary:
Banc of California is a premier relationship-based business bank committed to delivering meaningful results and supporting local communities. They are seeking a VP, Lead Security Risk Analyst to lead enterprise-wide Information Security risk engagement and drive the development and execution of the Information Security risk and GRC programs, ensuring effective risk management aligned with the organization’s risk appetite.
Responsibilities:
• Lead enterprise Information Security engagement across all enterprise-wide corporate projects, championing security by design principles, influencing security decisions without direct authority and driving alignment across multiple business and technology domains.
• Contribute to the development, management, and ongoing improvement of the Information Security risk program, compliance initiatives, and overall security risk posture.
• Partner with senior management to design and implement maturity strategies and operations into the Information Security GRC team.
• Maintain Information Security risk register, report monthly to appropriately address key risk areas.
• Support policies and procedures maintenance aligned with in-scope security frameworks, regulations, and internal standards to manage identified risk effectively.
• Conduct regular risk assessments to identify potential threats and vulnerabilities across the organization analyzing their impact and likelihood of occurrence.
• Generate reports on risk assessments, compliance status, and control effectiveness to communicate findings to stakeholders at various levels within the organization.
• Lead and deliver enterprise and domain risk assessments (at least annually, or event driven) using consistent methodology that complies with regulatory requirements
• Conduct and lead the bank’s most complex and high-impact risk assessments, including those involving enterprise architecture, modernization initiatives, AI/ML platforms, cloud deployments, or third-party integrations.
• Drive cross-functional remediation initiatives, ensuring timely resolution of identified issues and alignment with enterprise risk appetite.
• Act as the primary GRC representative and senior advisor in enterprise security architecture projects, ensuring that security, compliance, and risk considerations are embedded in design decisions for cloud, infrastructure, and applications.
• Lead architecture-focused risk assessments for new technologies, major system integrations, cloud migrations, and high-impact projects to identify systemic risks and required compensating controls.
• Translate security policies, standards, regulatory requirements and control frameworks into detailed architectural requirements, control patterns, and secure design standards consumable by engineering and application teams.
• Advise solution architects, engineers, and product teams on secure design patterns, identity and access architecture, encryption frameworks, data protection requirements, and logging/monitoring standards.
• Evaluate the security implications of modernization initiatives, and system migrations ensuring risks are documented and mitigated through appropriate design.
• Define architecture-aligned security requirements and control baselines that engineering and architecture teams use to build secure-by-design systems.
• Partner with detection engineering and cloud teams to ensure logging, auditability, and monitoring capabilities are embedded in the technology stack.
• Lead complex and technical vendor security reviews, including onboarding assessments, and high-risk assessments involving cloud platforms, data integrations, and critical infrastructure providers.
• Follow all established policies and procedures.
• Perform other duties and projects as assigned.
Qualifications:
Required:
• Bachelor’s degree in information systems, engineering, business, risk management, or related field; and related certifications (e.g., CISSP ISSAP, SABSA, CCSP, GCAD, CRISC, CISSP).
• 7-9+ years of experience in GRC, cybersecurity, risk management or related fields, and most importantly cloud/security architecture, particularly in highly regulated industries such as financial, or professional services.
• Demonstrated history of influencing architectural decisions and driving enterprise-level security program improvements.
• High technical knowledge across Cybersecurity domains, including Security Operations, Incident Response, Security Engineering, Cloud Security, Artificial Intelligence (AI), Data Security, Configuration Management, Log Generation, Security Risk Assessments/testing methodologies, Secure Software Development Lifecycle, evaluating the adequacy and efficiency of internal controls.
• Advanced knowledge of cloud architecture, application security, identity governance, encryption, secure design patterns, network architecture, and telemetry design.
• Experience translating requirements into architectural controls and technical standards.
• Expert knowledge of GRC frameworks and regulations (e.g., PCI-DSS, GDPR, CCPA, GLBA, NIST, ISO 27001).
• Strong knowledge in OWASP, CIS and/or other security standards and secure configuration baselines.
• Excellent analytical skills with the ability to assess complex risks and develop effective mitigation security strategies.
• Comfortable solving ambiguous, enterprise-scale problems.
• Proven ability to lead multi-team initiatives and drive results in a fast-paced environment.
• Excellent communication and interpersonal skills, with the ability to influence senior engineers, architects, and business leaders.
• High School diploma or equivalent required.
Company:
Banc of California provides a full-service banking and home lending to individuals and their businesses and families. Founded in 1941, the company is headquartered in Irvine, USA, with a team of 1001-5000 employees. The company is currently Late Stage.

What Banc Of California employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom