ZipRecruiter

Log In

2

Remote Security Risk Assessment Jobs (NOW HIRING)

CivicPlus, LLC

Information Security Risk Analyst

$70.30K - $101.30K/yr

Lead third-party security risk assessments for vendors, partners, and service providers through analysis of assurance documentation, security testing summaries, and security questionnaires.

College Board

Senior Director, Governance and Risk

This is a remote role. Candidates who live near CB offices have the option of being fully remote or ... assess and certify the security of College Board's information systems and processes. This ...

next page

Showing results 1-20

People also search for

All JobsSecurity Risk Assessment JobsRemote Security Risk Assessment Jobs

Remote Security Risk Assessment information

See salary details

$10

$50

$69

How much do remote security risk assessment jobs pay per hour?

As of May 29, 2026, the average hourly pay for remote security risk assessment in the United States is $50.41, according to ZipRecruiter salary data. Most workers in this role earn between $40.87 and $60.10 per hour, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Remote Security Risk Assessor, and why are they important?

To thrive as a Remote Security Risk Assessor, you need expertise in cybersecurity principles, risk analysis, and a relevant degree or certifications such as CISSP, CISM, or CRISC. Familiarity with tools like vulnerability scanners, security information and event management (SIEM) systems, and risk assessment frameworks (e.g., NIST, ISO 27001) is essential. Strong analytical thinking, communication skills, and attention to detail help in accurately identifying and communicating risks to stakeholders. These skills and qualities are vital to ensure organizations can proactively mitigate threats and maintain robust security postures in remote or distributed environments.

What are some common challenges faced by professionals in remote security risk assessment roles?

Professionals in remote security risk assessment often encounter challenges such as limited on-site visibility, reliance on digital communication, and the need to assess complex IT environments from afar. Effective collaboration with on-site staff and stakeholders is essential to gather accurate information and implement recommendations. Additionally, staying up-to-date with evolving cybersecurity threats and maintaining clear documentation are vital for success in this role.

What is a Remote Security Risk Assessment?

A Remote Security Risk Assessment is a process where security professionals evaluate an organization's security risks, vulnerabilities, and threats without being physically present on-site. This assessment is typically conducted through virtual meetings, digital questionnaires, and remote access to systems and documentation. The goal is to identify potential security gaps and recommend improvements to protect sensitive data and systems from cyber threats. Remote assessments have become increasingly popular due to their flexibility, cost-effectiveness, and ability to serve organizations regardless of location.

What is the difference between Remote Security Risk Assessment vs Cybersecurity Analyst?

AspectRemote Security Risk AssessmentCybersecurity Analyst
CredentialsCertifications like CISSP, CISA, CISMCertifications like CompTIA Security+, CISSP, CEH
Work EnvironmentRemote or on-site, focusing on risk evaluationRemote or on-site, focusing on security monitoring and incident response
Industry UsageUsed in risk management, compliance, and audit contextsUsed in security operations, threat analysis, and incident handling

Remote Security Risk Assessments and Cybersecurity Analysts both require security certifications and often work in similar environments. However, risk assessors focus on evaluating vulnerabilities and compliance, while analysts handle ongoing security monitoring and incident response. Understanding these differences helps organizations assign the right roles for their security needs.

More about Remote Security Risk Assessment jobs
What cities are hiring for Remote Security Risk Assessment jobs? Cities with the most Remote Security Risk Assessment job openings:
What are the most commonly searched types of Security Risk Assessment jobs? The most popular types of Security Risk Assessment jobs are:
What states have the most Remote Security Risk Assessment jobs? States with the most job openings for Remote Security Risk Assessment jobs include:
What job categories do people searching Remote Security Risk Assessment jobs look for? The top searched job categories for Remote Security Risk Assessment jobs are:
Remote Security Risk Assessment jobs near you
Infographic showing various Remote Security Risk Assessment job openings in the United States as of May 2026, with employment types broken down into 69% Full Time, 28% Part Time, and 3% Contract. Highlights an 89% Physical, 3% Hybrid, and 8% Remote job distribution, with an average salary of $104,848 per year, or $50.4 per hour.

Information Security Risk Assessment Sr. Analyst

Rootshell Enterprise Technologies, Inc.

Remote

Full-time

Posted 10 days ago

Job description

Hello All,
Greetings from Rootshell Inc.
Rootshell Enterprise Technologies Inc. is a recognized provider of professional IT Consulting services in the US. We are actively seeking Information Security Risk Assessment Sr. Analyst for one of our client, Please share your resume with current location & full contact info
Role: Information Security Risk Assessment Sr. Analyst
Location: San Jose or Remote
Job Summary:
Key Responsibilities:
• Conduct security risk assessments to identify, score and document potential risks from
threats and vulnerabilities within the organization's infrastructure and applications.
• Perform control effectiveness assessment by collaborating with cross-functional teams to
understand technical implementations and assess control strength
• Communicate identified security risks and their potential impact to stakeholders,
including technical and non-technical audiences.
• Track and report on the status of risk remediation efforts, ensuring timely resolution and
compliance with organizational policies.
• Maintain security risk register and ensure timely updates of the risk register
• Contribute to performing risk aggregation and risk analysis to identify top risks and areas
of focus/improvement for prioritization
• Contribute to developing detailed reports and presentations on risk assessments,
including identified aggregated top risks, risk treatment progress, trending and
escalation. Ensure these reports are understandable to technical and non-technical
stakeholders, including senior management
• Demonstrate a process-oriented, results-driven approach to security risk engineering,
employing effective problem-solving and communication skills to serve as a subject
matter expert and trusted advisor
• Actively contributes to the administration, maintenance and process improvements of the
GRC risk assessment program
• Performs other job duties as required
We'd love to chat if you have:
• Bachelor's degree in Computer Science, Information Security, or a related field.
• 5+ years of experience in security risk assessment, with strong background in
cybersecurity and risk management, with hands-on working knowledge and experience
in risk management frameworks such as NIST RMF, FAIR, and OWASP
• Strong technical knowledge of security controls, including but not limited to access
controls, encryption, network security, and vulnerability management.
• Demonstrated experience working within a GRC framework, with an understanding of
regulatory and compliance requirements (e.g., PCI DSS, SOC).
• Proven ability to work collaboratively with engineering teams to assess and mitigate
security risks.
• Experience with security risk remediation programs, including technical implementation
and compliance considerations.
• Strong analytical and problem-solving skills, with attention to detail and accuracy.
• Strong collaboration skills, with experience working cross-functionally with IT,
Engineering, and other stakeholders.
• Excellent communication skills, capable of translating technical concepts into actionable
insights for both technical and non-technical stakeholders.
• Experience in identifying process improvements and enhancing operational efficiencies
within security programs.
• Experience with GRC Risk Management tool including tool implementation will be plus
Preferred Skills:
• Experience with security assessment tools and methodologies.
• Knowledge of cloud security best practices and technologies (e.g., AWS, Azure, GCP).
• Strong project management skills with the ability to prioritize tasks and manage multiple
projects simultaneously.
• Certifications like PMP, CISSP, or CISM are a plus but not required
With regards
Naveen | Talent Acquisition
Rootshell Enterprise Technologies Inc.
Naveen@rootshellinc.com | www.rootshellinc.com

Apply