ZipRecruiter

Log In

1

Quantitative Cyber Risk Jobs in Florida (NOW HIRING)

ManTech International

Operations Research Analyst

Tampa, FL · On-site

$93K - $110K/yr

Experience conducting both quantitative and qualitative analysis and applying scientific ... Experience with the Sponsor's primary cyber risk and compliance automation tools. Clearance ...

ManTech

Operations Research Analyst

Fort Walton Beach, FL · On-site

$80K - $95K/yr

Experience conducting both quantitative and qualitative analysis and applying scientific ... Experience with the Sponsor's primary cyber risk and compliance automation tools. Clearance ...

Monitise

Credit Risk Manager

Coral Springs, FL

$69K - $110K/yr

Bachelor's degree in Business Management, Finance, Economics, Statistics or related quantitative ... Fraudulent job postings may be used by cyber criminals to target your personally identifiable ...

ManTech

Data Analyst

Fort Walton Beach, FL · On-site

... quantitative analysis of data that support Sponsor products. Minimum Qualifications: * Bachelor ... Experience with the Sponsor's primary cyber risk and compliance automation tools. * Self-starter ...

ManTech International

Data Analyst

Tampa, FL · On-site

... quantitative analysis of data that support Sponsor products. Minimum Qualifications: * Bachelor ... Experience with the Sponsor's primary cyber risk and compliance automation tools. * Self-starter ...

next page

Showing results 1-20

All JobsQuantitative Cyber Risk JobsQuantitative Cyber Risk Jobs in Florida

Quantitative Cyber Risk information

What are some common challenges faced by professionals in Quantitative Cyber Risk roles and how can they be addressed?

Professionals in Quantitative Cyber Risk roles often encounter challenges such as translating complex cyber threats into measurable financial terms and obtaining reliable data for risk modeling. Collaborating closely with IT security teams and business stakeholders is essential to bridge gaps in understanding and ensure risk assessments are both technically accurate and aligned with organizational goals. Staying current with evolving threat landscapes and regulatory requirements also demands continuous learning and adaptation. Leveraging industry-standard frameworks and advanced analytics tools can help address these challenges effectively.

What is quantitative cyber risk?

Quantitative cyber risk involves using mathematical models and statistical techniques to measure and predict the financial impact of cyber threats on an organization. Unlike qualitative approaches that rely on subjective judgments, quantitative methods assign numerical values to risks, helping companies understand potential losses in dollar terms. This allows organizations to make more informed decisions about cybersecurity investments, insurance, and risk mitigation strategies.

What is quantitative risk in cyber security?

Quantitative cyber risk involves measuring and analyzing cybersecurity threats using numerical data, such as probabilities and potential financial impacts. Cybersecurity professionals use models and tools like risk assessment frameworks to quantify vulnerabilities and prioritize mitigation efforts based on measurable risk levels.

Is quantitative risk management in demand?

Quantitative cyber risk management is in high demand due to increasing cyber threats and the need for data-driven security strategies. Professionals in this field often utilize statistical models, risk assessment tools, and certifications like CRCM to address complex cybersecurity challenges across various industries.

Is SOC an entry level job?

A Security Operations Center (SOC) analyst role can be entry level, especially for positions labeled as SOC analyst I or junior SOC analyst. However, many SOC roles require some prior knowledge of cybersecurity concepts, security tools, and incident response, often necessitating relevant certifications like CompTIA Security+ or SANS certifications. Experience and technical skills can influence whether a SOC position is suitable for entry-level candidates.

What career in cybersecurity pays $500,000?

A senior Quantitative Cyber Risk analyst or risk management executive in cybersecurity can earn $500,000 or more annually, especially with extensive experience, advanced certifications, and leadership roles. High-level positions in financial institutions or large corporations often offer such compensation, which may include bonuses and stock options.

What is the difference between Quantitative Cyber Risk vs Cyber Risk Analyst?

AspectQuantitative Cyber RiskCyber Risk Analyst
Required CredentialsCertifications like CRCM, CISSP, or CISA; strong quantitative backgroundCertifications such as CISA, CRISC; focus on risk assessment skills
Work EnvironmentFinancial institutions, cybersecurity firms, large corporationsFinancial services, consulting firms, government agencies
Industry UsageFocuses on modeling and quantifying cyber risks using data analysisEvaluates and reports on cyber risks, develops mitigation strategies

While both roles involve cybersecurity, Quantitative Cyber Risk specialists focus on modeling and quantifying risks using data and mathematical methods. Cyber Risk Analysts assess, analyze, and communicate cyber threats and vulnerabilities. The former is more data-driven and modeling-oriented, whereas the latter emphasizes risk evaluation and strategic recommendations.

What are the key skills and qualifications needed to thrive as a Quantitative Cyber Risk professional, and why are they important?

To thrive as a Quantitative Cyber Risk professional, you need strong analytical skills, expertise in statistics or mathematics, and a background in cybersecurity or risk management, often supported by relevant degrees or certifications. Familiarity with risk modeling tools, programming languages like Python or R, and frameworks such as FAIR (Factor Analysis of Information Risk) is highly valued. Exceptional problem-solving, communication, and stakeholder management skills help translate complex risk data into actionable business insights. These competencies are critical for accurately assessing cyber risks, informing decision-making, and enhancing an organization's overall security posture.
What are popular job titles related to Quantitative Cyber Risk jobs in Florida? For Quantitative Cyber Risk jobs in Florida, the most frequently searched job titles are:
What job categories do people searching Quantitative Cyber Risk jobs in Florida look for? The top searched job categories for Quantitative Cyber Risk jobs in Florida are:
What cities in Florida are hiring for Quantitative Cyber Risk jobs? Cities in Florida with the most Quantitative Cyber Risk job openings:
Quantitative Cyber Risk jobs near you
Vice President - Third Party Resilience 2nd LOD Lead Analyst - Risk Management (Hybrid)

Vice President - Third Party Resilience 2nd LOD Lead Analyst - Risk Management (Hybrid)

Citigroup, Inc.

Tampa, FL • On-site

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 15 days ago

Job description

This role serves as an Independent Second Line Enterprise Resilience Risk professional, supporting the effective design, implementation, and oversight of Citi's Enterprise Resilience Framework, which is owned and executed by the First Line of Defense.
Operating within the Operational Risk Management (ORM) Framework, this role provides independent risk input, guidance, and constructive challenge across enterprise resilience capabilities, including business disruption risk, technology and infrastructure resilience, third-party dependency resilience, and operational continuity preparedness.
Individuals in this role are responsible for assessing framework adherence, risk identification quality, control design and operating effectiveness, governance outcomes, and management decision-making related to resilience risk. The role contributes directly to enhancing Citi's ability to prepare for, withstand, recover from, and adapt to operational disruptions, protecting the firm's safety, soundness, and client obligations.
Primary Responsibilities
  • Serve as an Independent Second Line Enterprise Resilience Risk partner, providing oversight and challenge to the First Line's execution of the Enterprise Resilience Framework (ERF).
  • Execute resilience risk oversight through the Operational Risk Management Framework, including risk identification, MCA assessment, issue management, and governance escalation.
  • Support the development, maturation, and ongoing effectiveness assessment of enterprise-wide resilience capabilities, including business services, impact tolerances, disruption scenarios, and recovery strategies.
  • Provide credible challenge to senior stakeholders on resilience risk decisions, framework changes, risk acceptance, and remediation prioritization.
  • Prepare clear, executive-level risk summaries to inform senior management, risk committees, and regulatory discussions.
  • Support regulatory interactions related to enterprise resilience, including preparation of materials, articulation of Second Line challenge, and follow-up on supervisory themes and findings.

Process & Risk Oversight
  • Conduct independent Second Line reviews of Enterprise Resilience Framework implementation, assessing alignment to policy, standards, and applicable regulatory and supervisory expectations.
  • Provide risk input and challenge on: Identification of important business services and critical activities impact tolerance definition and assumptions disruption scenario severity, plausibility and coverage mapping of people, technology, third parties, facilities, and data dependencies recovery and remediation strategy sufficiency.
  • Assess resilience-related MCA control design and operating effectiveness, including sustainability, ownership clarity, and integration across risk types.
  • Support resilience risk appetite and quarterly Risk Appetite Assessment (RAA) processes by: Aggregating qualitative and quantitative resilience risk inputs
    assessing consistency between risk evidence, RAA factor mapping, and conclusions providing an independent second line view of resilience risk posture.
  • Review and challenge resilience-related issues and corrective action plans (CAPs), including root cause quality, remediation realism, sequencing, and residual risk.
  • Analyze operational loss events, incidents, near misses, testing outcomes, and scenario results to identify emerging or systemic resilience weaknesses.
  • Support assessment of cross cutting dependency and concentration risk (e.g., single points of failure across technology, third parties, locations, or data).
    Governance, Reporting & Escalation
  • Contribute to enterprise resilience governance forums, providing independent risk perspectives, thematic insights, and escalation recommendations.
  • Prepare executive materials ready for summarizing: Overall resilience risk posture key vulnerabilities and single points of failure thematic trends and systemic risk recommend areas of management focus
  • Identify emerging resilience risks, regulatory sensitivities, and execution gaps requiring heightened oversight or escalation.
  • Track and manage assigned resilience framework initiatives or second line deliverables, ensuring transparency, prioritization, and timely execution.

Collaboration & Influence
  • Partner closely with First Line Resilience, Technology, Business, and Infrastructure teams while maintaining Second Line independence.
  • Collaborate with horizontal Risk SMEs (incl. but not limited to Technology Risk, Third-Party Risk, Cyber Risk, Compliance, Human Capital Risk, and Data Risk) to ensure comprehensive resilience risk coverage.
  • Function as a trusted resilience risk advisor to stakeholders, balancing constructive challenge with pragmatic risk guidance.
  • Partner with Compliance, Legal, and relevant Risk functions to support coordinated responses to resilience-related regulatory inquiries and examinations, as appropriate.
  • Support resilience risk training, awareness, and capability building across ORM.

Qualifications
  • Strong understanding of enterprise resilience concepts, including operational disruption, critical services, impact tolerance, dependency mapping, and recovery planning.
  • Demonstrated ability to independently assess risk, challenge assumptions, and influence senior stakeholders across the lines of defense.
  • Experience translating complex operational, technology, or dependency risks into clear, governance-ready insights.
  • Comfort operating in evolving regulatory environments and time-bound deliverables.
  • Strong written and verbal communication skills, with experience supporting senior management and risk committees.
  • Strong experience in Operational Risk Management, Enterprise Resilience, Business Continuity, Technology Risk, or related risk disciplines.
  • Demonstrated experience with: Risk and control assessments (MCA or equivalent)
    Risk appetite and RAA processes, issue management, and remediation oversight
    Scenario based risk assessment and testing.
  • Ability to assess both control design and operating effectiveness, with attention to sustainability and execution risk.
  • Proficiency in Microsoft PowerPoint and Excel, with experience preparing executive level materials.
  • Strong organizational skills and ability to manage multiple priorities independently.

Education
Bachelor's degree required.
Job Family Group:
Risk Management
Job Family:
Operational Risk
Time Type:
Full time
Primary Location:
Tampa Florida United States
Primary Location Full Time Salary Range:
$103,920.00 - $155,880.00
In addition to salary, Citi's offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit citibenefits.com. Available offerings may vary by jurisdiction, job level, and date of hire.
Most Relevant Skills
Analytical Thinking, Control Monitoring, Credible Challenge, Governance, Issue Management, Operational Risk, Policy and Procedure, Policy and Regulation, Risk Controls and Monitors, Risk Identification and Assessment.
Other Relevant Skills
For complementary skills, please see above and/or contact the recruiter.
Anticipated Posting Close Date:
Jun 10, 2026
Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.
If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.
View Citi's EEO Policy Statement and the Know Your Rights poster.

Apply