ZipRecruiter

Log In

2

Remote Security Risk Assessment Jobs in Colorado

DigitalOcean

Senior Security Engineer I

Denver, CO ยท Remote

$140K - $175K/yr

... assess and mitigate the security risk of our virtualization stack. You\'ll own the security risk ... This is a remote role JR: 2026-8011 #LI-Remote Why You'll Like Working for DigitalOcean * We ...

Wsgr

Senior AI Risk Advisor

Boulder, CO ยท On-site +1

Lead AI risk assessments across the full model lifecycle - evaluating third-party AI vendors, foundation models, and AI-powered platforms for data privacy risks, model behavior, security posture, and ...

LivaNova

Director - Product Security

Denver, CO ยท On-site +1

$239K - $251K/yr

Houston, TX is the ideal location for this role, but this is open to Remote opportunities for well ... Oversee a rigorous threat modeling program and lead cybersecurity risk assessments for all new and ...

EnerSys

Application Security Engineer (REMOTE)

Longmont, CO ยท Remote

$117K - $146K/yr

Support threat modeling, risk assessments, and security architecture reviews for applications. Ensure that all security practices meet regulatory and compliance requirements. Develop and deliver ...

next page

Showing results 1-20

All JobsRemote Security Risk Assessment JobsRemote Security Risk Assessment Jobs in Colorado

Remote Security Risk Assessment information

What are the key skills and qualifications needed to thrive as a Remote Security Risk Assessor, and why are they important?

To thrive as a Remote Security Risk Assessor, you need expertise in cybersecurity principles, risk analysis, and a relevant degree or certifications such as CISSP, CISM, or CRISC. Familiarity with tools like vulnerability scanners, security information and event management (SIEM) systems, and risk assessment frameworks (e.g., NIST, ISO 27001) is essential. Strong analytical thinking, communication skills, and attention to detail help in accurately identifying and communicating risks to stakeholders. These skills and qualities are vital to ensure organizations can proactively mitigate threats and maintain robust security postures in remote or distributed environments.

What is the difference between Remote Security Risk Assessment vs Cybersecurity Analyst?

AspectRemote Security Risk AssessmentCybersecurity Analyst
CredentialsCertifications like CISSP, CISA, CISMCertifications like CompTIA Security+, CISSP, CEH
Work EnvironmentRemote or on-site, focusing on risk evaluationRemote or on-site, focusing on security monitoring and incident response
Industry UsageUsed in risk management, compliance, and audit contextsUsed in security operations, threat analysis, and incident handling

Remote Security Risk Assessments and Cybersecurity Analysts both require security certifications and often work in similar environments. However, risk assessors focus on evaluating vulnerabilities and compliance, while analysts handle ongoing security monitoring and incident response. Understanding these differences helps organizations assign the right roles for their security needs.

What is a Remote Security Risk Assessment?

A Remote Security Risk Assessment is a process where security professionals evaluate an organization's security risks, vulnerabilities, and threats without being physically present on-site. This assessment is typically conducted through virtual meetings, digital questionnaires, and remote access to systems and documentation. The goal is to identify potential security gaps and recommend improvements to protect sensitive data and systems from cyber threats. Remote assessments have become increasingly popular due to their flexibility, cost-effectiveness, and ability to serve organizations regardless of location.

What are some common challenges faced by professionals in remote security risk assessment roles?

Professionals in remote security risk assessment often encounter challenges such as limited on-site visibility, reliance on digital communication, and the need to assess complex IT environments from afar. Effective collaboration with on-site staff and stakeholders is essential to gather accurate information and implement recommendations. Additionally, staying up-to-date with evolving cybersecurity threats and maintaining clear documentation are vital for success in this role.
What are the most commonly searched types of Security Risk Assessment jobs in Colorado? The most popular types of Security Risk Assessment jobs in Colorado are:
What are popular job titles related to Remote Security Risk Assessment jobs in Colorado? For Remote Security Risk Assessment jobs in Colorado, the most frequently searched job titles are:
What job categories do people searching Remote Security Risk Assessment jobs in Colorado look for? The top searched job categories for Remote Security Risk Assessment jobs in Colorado are:
What cities in Colorado are hiring for Remote Security Risk Assessment jobs? Cities in Colorado with the most Remote Security Risk Assessment job openings:
Remote Security Risk Assessment jobs near you
Infographic showing various Remote Security Risk Assessment job openings in Colorado as of June 2026, with employment types broken down into 1% As Needed, 72% Full Time, 25% Part Time, and 2% Contract. Highlights an 37% Physical, 2% Hybrid, and 61% Remote job distribution.
Senior Security Engineer I

Senior Security Engineer I

DigitalOcean

Denver, CO โ€ข Remote

$140K - $175K/yr

Other

Posted 3 days ago

Job description

We're looking for a Senior Product Security Engineer who is passionate about partnering with engineers to assess and mitigate the security risk of our virtualization stack.

You'll own the security risk posture for our virtualization stack. You'll get there by building the frameworks the org uses to reason about hypervisor risk - systematic threat models that surface risks, shared rubrics for assessing their impact and likelihood, and clear ways of communicating them to security, kernel, virtualization, and provisioning teams. From there, you'll own the response: designing and proposing defense-in-depth mitigations and driving their implementation.

As a member of the Product Security team, you will report to the Manager of Secure Design. Our Secure Design team enables DigitalOcean to build secure-by-design products. We leverage strong relationships with both product teams and the rest of security engineering to be successful. The team's scope is primarily focused on reviewing early-stage decisions, developing threat models, scaling impact via automation, curating security patterns, authoring security guidance, training, and championing security initiatives.ย 

What you'll do:

Propose and implement mitigations and defense-in-depth to threats discovered through threat modeling the virtualization stack (90%)

  • Provide deep technical expertise in systems architecture, kernel security features and network architecture to build out a threat model for our virtualization stack
  • Identify the trade-offs of different solutions and recommend the efficient design to achieve both functional goals and security requirements. We do not deliver mandates; we work alongside cross-functional partners to find mutually beneficial solutions.
  • Collaborate with development teams to implement remediations and defense in depth to protect DigitalOcean's customers' workloads.

Cultivate and promote a security culture (10%)

  • Mentor software engineering teams in security best practices.
  • Help oversee our vulnerability management program (we call it security debt).
  • Help DigitalOcean engineers understand how security events impact them. Do they need to worry about the next Redfish or Copy Fail CVEs? How does RetBleed impact DigitalOcean's fleet?
What you'll add to DigitalOcean:

Required qualifications:

  • Deep familiarity with at least one kernel security feature (ex: AppArmor, SELinux, Landlock, etc.)ย 
  • Capable of assessing and understanding the performance implications of code changes to virtualization stacks (especially in Qemu and KVM), built from hands-on experience. Experienceย 
  • A record of partnering with internal engineering teams to tackle security problems across an entire stack with empathy and creativity. Engineering teams are our partners, not our adversaries.
  • Ability to clearly communicate security topics and vulnerability classes (e.g. memory corruption, privilege escalation, TOCTOU, etc) and ability to provide actionable direction to product teams.
  • Working knowledge of modern development concepts (virtualized environments, containerization, continuous integration + delivery).

Preferred qualifications:

  • 5+ years of writing systems level code (embedded systems, kernel, assembly or similar).
  • Experience guiding software teams on secure architecture design.
  • Written code for an embedded system (raspberry pi, arduino, etc).
  • Experience building or reviewing threat models and ability to craft malicious user, attacker, and abuse/misuse cases.
  • An understanding of patches and mitigations for hardware side-channel attacks.
  • Familiarity with object oriented and functional programming concepts, particularly with languages such as Go, Rust, or C.
Compensation Range:ย 
  • $140,000 - $175,000

*This is a remote role

JR: 2026-8011

#LI-Remote

Apply