1

Quantitative Cyber Risk Jobs (NOW HIRING)

Apply FAIR or comparable quantitative methods for high-impact vendor decisions, expressing cyber risk in loss-exposure terms that resonate with senior leadership. * Advise IT, Engineering and ...

Apply FAIR or comparable quantitative methods for high-impact vendor decisions, expressing cyber risk in loss-exposure terms that resonate with senior leadership. * Advise IT, Engineering and ...

Apply FAIR or comparable quantitative methods for high-impact vendor decisions, expressing cyber risk in loss-exposure terms that resonate with senior leadership. * Advise IT, Engineering and ...

Apply FAIR or comparable quantitative methods for high-impact vendor decisions, expressing cyber risk in loss-exposure terms that resonate with senior leadership. * Advise IT, Engineering and ...

The ideal candidate will possess strong analytical and quantitative skills with experience ... Develop cost-benefit analysis, risk analysis, simulation model execution, operational effectiveness ...

ITSO Sr. Program Manager

Durham, NC · On-site

$112K - $112K/yr

This role focuses on quantifying, contextualizing, and managing cyber risk across Duke University ... quantitative and qualitative analysis supporting data-driven decisions. Other Requirements • ...

ITSO Sr. Program Manager

Durham, NC · On-site

$112K - $112K/yr

This role focuses on quantifying, contextualizing, and managing cyber risk across Duke University ... Proficiency with quantitative and qualitative analysis supporting datadriven decisions. Other ...

Bitsight is a cyber risk management leader transforming how companies manage exposure, performance ... Clearly articulate research findings to business stakeholders and provide quantitative ...

... quantitative analysis of data that support Sponsor products. Minimum Qualifications: * Bachelor ... Experience with the Sponsor's primary cyber risk and compliance automation tools. * Self-starter ...

next page

Showing results 1-20

Quantitative Cyber Risk information

See salary details

$98K

$169.7K

$259.5K

How much do quantitative cyber risk jobs pay per year?

As of Jul 16, 2026, the average yearly pay for quantitative cyber risk in the United States is $169,729.00, according to ZipRecruiter salary data. Most workers in this role earn between $134,500.00 and $199,000.00 per year, depending on experience, location, and employer.

What are some common challenges faced by professionals in Quantitative Cyber Risk roles and how can they be addressed?

Professionals in Quantitative Cyber Risk roles often encounter challenges such as translating complex cyber threats into measurable financial terms and obtaining reliable data for risk modeling. Collaborating closely with IT security teams and business stakeholders is essential to bridge gaps in understanding and ensure risk assessments are both technically accurate and aligned with organizational goals. Staying current with evolving threat landscapes and regulatory requirements also demands continuous learning and adaptation. Leveraging industry-standard frameworks and advanced analytics tools can help address these challenges effectively.

What is quantitative cyber risk?

Quantitative cyber risk involves using mathematical models and statistical techniques to measure and predict the financial impact of cyber threats on an organization. Unlike qualitative approaches that rely on subjective judgments, quantitative methods assign numerical values to risks, helping companies understand potential losses in dollar terms. This allows organizations to make more informed decisions about cybersecurity investments, insurance, and risk mitigation strategies.

Can you make $500,000 a year in cyber security?

Quantitative cyber risk roles can potentially reach high salaries, especially for senior professionals with advanced skills in data analysis, risk assessment, and cybersecurity tools. Achieving a $500,000 annual income typically requires extensive experience, specialized certifications, leadership responsibilities, or working in high-paying industries or consulting roles.

Is cybersecurity a dying field?

Quantitative cyber risk roles are in high demand due to increasing cyber threats and the need for data-driven security strategies. The field continues to grow as organizations prioritize cybersecurity, requiring skills in risk assessment, analytics, and security tools, with certifications like CISSP and CISM enhancing job prospects.

Is SOC an entry level job?

A Security Operations Center (SOC) analyst role is often considered entry level, especially for those with foundational cybersecurity knowledge and certifications like CompTIA Security+ or Cisco CCNA. However, some SOC positions require prior experience or specialized skills, and advancement typically involves gaining experience and additional certifications such as CISSP or GIAC. Entry-level SOC roles focus on monitoring security alerts, using tools like SIEM systems, and supporting incident response efforts.

Can I make $200,000 a year in cyber security?

Quantitative cyber risk roles can offer salaries approaching or exceeding $200,000 annually, especially for senior positions or those with specialized skills in data analysis, risk modeling, and cybersecurity tools. Achieving this level often requires extensive experience, advanced certifications, and a strong understanding of financial and technical aspects of cyber risk management.

What is the difference between Quantitative Cyber Risk vs Cyber Risk Analyst?

AspectQuantitative Cyber RiskCyber Risk Analyst
Required CredentialsCertifications like CRCM, CISSP, or CISA; strong quantitative backgroundCertifications such as CISA, CRISC; focus on risk assessment skills
Work EnvironmentFinancial institutions, cybersecurity firms, large corporationsFinancial services, consulting firms, government agencies
Industry UsageFocuses on modeling and quantifying cyber risks using data analysisEvaluates and reports on cyber risks, develops mitigation strategies

While both roles involve cybersecurity, Quantitative Cyber Risk specialists focus on modeling and quantifying risks using data and mathematical methods. Cyber Risk Analysts assess, analyze, and communicate cyber threats and vulnerabilities. The former is more data-driven and modeling-oriented, whereas the latter emphasizes risk evaluation and strategic recommendations.

What are the key skills and qualifications needed to thrive as a Quantitative Cyber Risk professional, and why are they important?

To thrive as a Quantitative Cyber Risk professional, you need strong analytical skills, expertise in statistics or mathematics, and a background in cybersecurity or risk management, often supported by relevant degrees or certifications. Familiarity with risk modeling tools, programming languages like Python or R, and frameworks such as FAIR (Factor Analysis of Information Risk) is highly valued. Exceptional problem-solving, communication, and stakeholder management skills help translate complex risk data into actionable business insights. These competencies are critical for accurately assessing cyber risks, informing decision-making, and enhancing an organization's overall security posture.
More about Quantitative Cyber Risk jobs
What cities are hiring for Quantitative Cyber Risk jobs? Cities with the most Quantitative Cyber Risk job openings:
What states have the most Quantitative Cyber Risk jobs? States with the most job openings for Quantitative Cyber Risk jobs include:
What job categories do people searching Quantitative Cyber Risk jobs look for? The top searched job categories for Quantitative Cyber Risk jobs are:
Infographic showing various Quantitative Cyber Risk job openings in the United States as of July 2026, with employment types broken down into 88% Full Time, and 12% Contract. Highlights an 94% In-person, and 6% Remote job distribution, with an average salary of $169,729 per year, or $81.6 per hour.

Quantitative Analyst- W2- Jersey City, NJ, 07311

Amicis Global

Jersey City, NJ • On-site

$70 - $80/hr

Contractor

Posted 2 days ago


Job description

Title: Data Modeler
Duration: 6+ Months
Location: Jersey City, NJ, 07311
 
Summary:
The Insider Risk team, in partnership with the Information Security Data Operations team, is working on a project to centralize IR data in the Cybersecurity Data Lakehouse (CyberDW). We are looking for a Data Scientist who can work with the developers and Data Analysts to perform analytics, develop risk and quant models around Insider Risk data. Ultimately, we want to create a human risk score for the Insider Risk program. This individual will be adept at ML, AI and best practices around the new tools in the marketplace.
The Data Scientist / Data Modeler / Quantitative Analyst will play a critical role in advancing the Insider Risk program's detection, scoring, and decisioning capabilities. This role is responsible for designing, building, and continuously improving quantitative models, statistical methods, and analytical frameworks used to identify, assess, and prioritize insider risk across employees, contractors, vendors, and non‐human identities.
The role partners closely with Cyber, HR, Legal, Compliance, Anti‐Fraud, and Enterprise Information Protection to transform complex enterprise data into defensible risk signals, transparent scoring models, and executive‐level metrics that support investigations, governance, and regulatory scrutiny.
Required Skills:
1) Bachelor's or Master's degree in Data Science, Statistics, Applied Mathematics, Economics, Quantitative Finance, Computer Science, or a related discipline.
2) 5+ years of experience in data science, quantitative analysis, or risk modeling, preferably in financial services or regulated industries.
3) Strong experience building statistical or machine‐learning models (regression, classification, anomaly detection, clustering).
4) Proficiency in Python and/or R, with experience in SQL for large‐scale data analysis.
5) Hands‐on experience working with complex enterprise datasets and translating analytics into business decisions.
6) Strong communication skills with the ability to explain complex analytical concepts to non‐technical stakeholders.
7) Experience supporting Insider Risk, Fraud, AML, Cybersecurity, UEBA, or Threat Analytics programs.
8) Familiarity with identity and access data, endpoint telemetry, DLP, email, or collaboration monitoring.
9) Experience with model explainability, governance, and validation in regulated environments.
10) Knowledge of employee lifecycle risk, behavioral analytics, or human‐centric risk modeling.