ZipRecruiter

Log In

2

Remote Cyber Security Risk Analyst Jobs (NOW HIRING)

Apogee Global RMS

Risk Analyst

San Jose, CA · Remote

Working knowledge of one or more risk management frameworks, such as NIST Cybersecurity Framework 2 ... Remote within the United States. Occasional travel for client engagements or firm offsites at ...

Apogee Global RMS

Risk Analyst

San Jose, CA · On-site +1

Working knowledge of one or more risk management frameworks, such as NIST Cybersecurity Framework 2 ... Remote within the United States. Occasional travel for client engagements or firm offsites at ...

Apogee Global RMS

Risk Analyst

San Jose, CA · Remote

Working knowledge of one or more risk management frameworks, such as NIST Cybersecurity Framework 2 ... Remote within the United States. Occasional travel for client engagements or firm offsites at ...

Technomics

Cyber Risk Analyst SME

Arlington, VA · On-site +1

This role involves conducting on-site and remote cyber risk assessments, developing mitigation ... You will work alongside cybersecurity, OT, and systems engineering SMEs, creating task plans ...

HealthEquity

Sr Third Party Risk Analyst (TPRM)

$87K - $111K/yr

As a Senior Third Party Risk Analyst , you'll play a critical role in ensuring the security ... cybersecurity and AI governance frameworks , including NIST CSF and NIST AI RMF. #LI-Remote This is ...

HealthEquity

Sr Third Party Risk Analyst (TPRM)

$87K - $111K/yr

As a Senior Third Party Risk Analyst , you'll play a critical role in ensuring the security ... cybersecurity and AI governance frameworks , including NIST CSF and NIST AI RMF. #LI-Remote This is ...

Hudson Manpower

Cyber Risk Analyst

Cincinnati, OH · On-site +1

$35/hr

CINCINNATI preferred, remote in EST Payrate : $35/hr on W2 TOP SKILLS: Risk management ... Basic familiarity with cybersecurity principles, risk concepts and business process analysis Strong ...

Xplor

Risk Analyst- REMOTE

Atlanta, GA · On-site +1

Join our XplorPay vertical as a Risk Analyst to make a real impact every day. We say that because ... You can work fully remote in this position, provided you have eligible working rights in the United ...

Xplor

Risk Analyst- REMOTE

Atlanta, GA · Remote

Join our XplorPay vertical as a Risk Analyst to make a real impact every day. We say that because ... You can work fully remote in this position, provided you have eligible working rights in the United ...

Pavago

Risk Analyst

Risk Analyst / Risk Manager Position Type: Full-Time, Remote Working Hours: U.S. client business hours (with flexibility for reporting cycles, audits, and incident response) About the Role Our client ...

Eosenergystorage

Manager, Cybersecurity

Nova, OH · On-site +1

$93K - $126K/yr

Conduct and maintain enterprise risk assessments, including IT, OT, Product, Field Operations, and ... Analyze and recommend responses to security incidents, investigations, and remediation activities

next page

Showing results 1-20

People also search for

All JobsRemote Cyber Security Risk Analyst Jobs

Remote Cyber Security Risk Analyst information

See salary details

$43K

$99.4K

$150K

How much do remote cyber security risk analyst jobs pay per year?

As of Jun 18, 2026, the average yearly pay for remote cyber security risk analyst in the United States is $99,400.00, according to ZipRecruiter salary data. Most workers in this role earn between $79,500.00 and $115,500.00 per year, depending on experience, location, and employer.

How does a Remote Cyber Security Risk Analyst typically collaborate with other departments in a fully remote environment?

Remote Cyber Security Risk Analysts often work closely with IT, compliance, and business units to assess and mitigate risks across the organization. Collaboration is usually facilitated through virtual meetings, secure communication platforms, and shared documentation tools. Analysts provide guidance on security best practices, participate in incident response efforts, and help ensure compliance with regulatory standards. Effective communication and proactive engagement with stakeholders are essential for success in this remote role.

What does a Remote Cyber Security Risk Analyst do?

A Remote Cyber Security Risk Analyst is responsible for identifying, assessing, and mitigating potential security threats to an organization's information systems while working from a remote location. They evaluate existing security measures, analyze vulnerabilities, and recommend improvements to reduce risks. Additionally, they monitor for security breaches, conduct risk assessments, and ensure compliance with relevant regulations and policies. Their work helps protect sensitive data and maintain the integrity of technology systems.

What are the key skills and qualifications needed to thrive as a Remote Cyber Security Risk Analyst, and why are they important?

To thrive as a Remote Cyber Security Risk Analyst, you need a solid understanding of information security principles, risk assessment methodologies, and typically a degree in cybersecurity or a related field. Familiarity with tools like risk management frameworks (e.g., NIST, ISO 27001), vulnerability scanners, and certifications such as CISSP or CISA is highly beneficial. Strong analytical thinking, attention to detail, and effective written and verbal communication skills are essential for collaborating remotely and conveying risk findings to stakeholders. These skills and qualities are crucial for identifying, evaluating, and mitigating cyber risks to protect organizational assets in a distributed work environment.

What is the difference between Remote Cyber Security Risk Analyst vs Remote Cyber Security Analyst?

AspectRemote Cyber Security Risk AnalystRemote Cyber Security Analyst
CertificationsCompTIA Security+, CISSP, CISACompTIA Security+, CEH, CISSP
Work EnvironmentRisk assessment, policy development, complianceMonitoring, threat detection, incident response
Employer & Industry UsageFinancial, healthcare, government sectorsTech companies, consulting firms, enterprises

The Remote Cyber Security Risk Analyst focuses on identifying and managing security risks, ensuring compliance, and developing policies. In contrast, the Remote Cyber Security Analyst primarily monitors systems for threats, investigates incidents, and implements security measures. Both roles require similar certifications and often work in overlapping environments, but their core responsibilities differ in scope and focus.

More about Remote Cyber Security Risk Analyst jobs
What cities are hiring for Remote Cyber Security Risk Analyst jobs? Cities with the most Remote Cyber Security Risk Analyst job openings:
What are the most commonly searched types of Cyber Security Risk Analyst jobs? The most popular types of Cyber Security Risk Analyst jobs are:
What states have the most Remote Cyber Security Risk Analyst jobs? States with the most job openings for Remote Cyber Security Risk Analyst jobs include:
What job categories do people searching Remote Cyber Security Risk Analyst jobs look for? The top searched job categories for Remote Cyber Security Risk Analyst jobs are:
Remote Cyber Security Risk Analyst jobs near you
Infographic showing various Remote Cyber Security Risk Analyst job openings in the United States as of June 2026, with employment types broken down into 82% Full Time, 5% Part Time, and 13% Contract. Highlights an 100% Remote job distribution, with an average salary of $99,400 per year, or $47.8 per hour.
CYBERSECURITY RISK ANALYST

CYBERSECURITY RISK ANALYST

CITGO Petroleum Corporation

Houston, TX • On-site, Remote

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 2 days ago

Citgo rating

6.2

Company rating: 6.2 out of 10

Based on 55 frontline employees who took The Breakroom Quiz

51st of 74 rated oil and gas companies

Job description

CITGO PETROLEUM CORPORATION

CITGO Petroleum Corporation is a recognized leader in the refining industry and operates under the well-known CITGO brand. CITGO owns and operates three refineries located in Lake Charles, LA.; Lemont, IL.; and Corpus Christi, TX, and wholly and/or jointly owns 38 active terminals, six pipelines and three lubricants blending and packaging plants. With approximately 3,300 employees and a combined crude capacity of approximately 807,000 barrels-per-day (bpd), positions CITGO as one of the best-branded supplier companies in the industry.

At CITGO our people are our most important resource.  Our core values are Safety, Integrity, Respect, Accountability, and Care.

Job Summary

The Cybersecurity Risk Analyst is responsible for identifying, assessing, and managing cybersecurity risks across the organization's IT and OT environments. This role involves conducting comprehensive risk assessments, leading vulnerability management efforts, and ensuring compliance with industry frameworks and regulations. The analyst will work closely with cross-functional teams to design and implement effective risk mitigation strategies, evaluate third-party risks, and support incident response and post-incident evaluations. By leveraging data-driven methods and tracking key performance indicators, the Cybersecurity Risk Analyst plays a critical role in enhancing the organization’s security posture and aligning cybersecurity efforts with business objectives.

Minimum Qualifications

Degree:

  • Bachelor's Degree

The minimum number of years of job related experience required by this job is: 

  • 8 years.

List any specialized training or unique skills required / preferred:

  • In-depth understanding of cybersecurity frameworks such as NIST, ISO 27001, and FAIR.
  • Strong familiarity with IT and OT environments, including cloud platforms, IoT devices, data centers, and software applications.
  • Expertise in vulnerability management processes, penetration testing, and threat modeling.
  • Awareness of emerging technologies and their associated risks.
  • Advanced analytical and problem-solving skills for assessing and prioritizing risks.
  • Effective communication and presentation skills to translate technical risks into business impacts for stakeholders.
  • Proficiency in creating detailed documentation, including risk reports, policies, and compliance evidence.
  • Preferred CISSP, CRISC or other security certifications.
Job Duties

1. Comprehensive Infrastructure Risk Assessment

  • Perform regular risk assessments of IT and OT systems, including networks, cloud platforms, IoT devices, and software, aligned with NIST and CIS Controls.
  • Ensure compliance with security regulations (e.g., GDPR, CCPA, PCI DSS) and manage third-party risks.

2. Vulnerability Management

  • Lead vulnerability scans, penetration tests, and threat modeling.
  • Assess and address vulnerabilities, prioritize patches, and adapt to new threats in collaboration with teams.

3. Risk Reporting & Communication

  • Present risk reports to stakeholders, translating technical details into business impacts.
  • Use methods like FAIR to prioritize risks and provide updates on risks, incidents, and mitigation efforts.

4. Collaboration on Risk Mitigation

  • Partner with governance and IT teams to develop and implement risk mitigation strategies aligned with security and business goals.

5. Incident Response & Risk Evaluation

  • Act as a key incident response team member, offering expertise during security incidents.
  • Conduct post-incident evaluations, identify root causes, and participate in simulations to enhance response readiness.
Job Duties II

6. Cybersecurity Framework & Policy Development

  • Contribute to developing and refining cybersecurity policies, standards, and procedures aligned with risk management strategies.
  • Provide input on creating technical security standards supporting risk management goals.

7. Regulatory Compliance and Audit Support

  • Ensure compliance with regulatory requirements through risk assessments, vulnerability management, and mitigation efforts.
  • Support cybersecurity audits by providing documentation, reports, and evidence of remediation activities.

8. KPI Tracking & Reporting

  • Monitor KPIs to evaluate the effectiveness of risk and vulnerability management programs.
  • Leverage metrics, automated tools, and dashboards to report on security posture and provide real-time insights.

9. Emerging Technology Risk Management

  • Evaluate risks tied to adopting emerging technologies (e.g., AI, blockchain) and integrate them securely.
  • Develop strategies to address risks linked to digital transformation initiatives.

Job duties displayed above are not all-inclusive, site-specific responsibilities may be assigned. 

Here are the incentives we offer:

• Remote Work options available for eligible positions
• Options are department and/or location specific
• 9/80 Work Schedule Option (where applicable)
• Annual Vacation Incentive (40-120 hours of additional pay) for Eligible Employees
• Paid Vacation Time
• Company-Paid Holidays
• Caregiver Leave
• Excellent 401(k) Match
• Pension Plan
• Company-Paid Sick Leave and Long-Term Disability
• Medical, Dental, & Vision Plans; FSA and HSA options
• Company-Paid Life Insurance for Active Employees
• Healthy Rewards Program
• Service Awards Program
• Educational Assistance Plan
• Dependent Children Scholarships
• Reimbursement for Gym Membership
• Employee Discount Programs
• On-site Health Clinic (select locations)
• On-site Cafeteria (select locations)
• On-site Credit Union and ATM (Corporate office only)
• On-site Fitness Center (select locations)


PLEASE NOTE ALL JOBS DO NOT QUALIFY FOR ALL PERKS

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or disability.

Requisition ID - 1129 

What Citgo employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom

Apply