
Remote Security Risk Assessment Jobs in Boston, MA

Security Compliance Manager

Boston, MA · Remote

$140K - $170K/yr

Strong competency in gap analysis and risk assessment methodologies; able to translate results into ... This is a remote position with less than 10% travel requirements. Occasional planned travel may be ...

The scope includes third party risk, vendor assessment and qualification, security architecture ... LI-Remote We value diversity and believe the unique contributions each of us brings drives our ...

Senior Security Compliance Analyst

Boston, MA · Remote

$125K - $175K/yr

Conduct third-party vendor risk assessments, ensuring compliance with security policies and ... Ability to work independently and collaboratively in a remote environment. * Familiarity with GRC ...

This role is remote with the expectation that candidates are based near one of the following Voya ... Support audits, risk assessments, and regulatory inquiries related to cloud and SaaS security.

Lead AI risk assessments across the full model lifecycle - evaluating third-party AI vendors, foundation models, and AI-powered platforms for data privacy risks, model behavior, security posture, and ...

Manager Application Security

Boston, MA · On-site +1

$133K - $190K/yr

... 1 remote in one of the following organizational hubs: Johnston, RI - Westwood OR Boston, MA ... security assessments and risk based remediation planning Provide threat informed guidance to ...

Manager Application Security

Westwood, MA · On-site +1

$133K - $190K/yr

... 1 remote in one of the following organizational hubs: Johnston, RI - Westwood OR Boston, MA ... security assessments and risk based remediation planning Provide threat informed guidance to ...

Remote Security Risk Assessment information

How much do remote security risk assessment jobs pay per hour?

As of May 31, 2026, the average hourly pay for remote security risk assessment in Boston, MA is $54.76, according to ZipRecruiter salary data. Most workers in this role earn between $44.38 and $65.29 per hour, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Remote Security Risk Assessor, and why are they important?

To thrive as a Remote Security Risk Assessor, you need expertise in cybersecurity principles, risk analysis, and a relevant degree or certifications such as CISSP, CISM, or CRISC. Familiarity with tools like vulnerability scanners, security information and event management (SIEM) systems, and risk assessment frameworks (e.g., NIST, ISO 27001) is essential. Strong analytical thinking, communication skills, and attention to detail help in accurately identifying and communicating risks to stakeholders. These skills and qualities are vital to ensure organizations can proactively mitigate threats and maintain robust security postures in remote or distributed environments.

What are some common challenges faced by professionals in remote security risk assessment roles?

Professionals in remote security risk assessment often encounter challenges such as limited on-site visibility, reliance on digital communication, and the need to assess complex IT environments from afar. Effective collaboration with on-site staff and stakeholders is essential to gather accurate information and implement recommendations. Additionally, staying up-to-date with evolving cybersecurity threats and maintaining clear documentation are vital for success in this role.

What is a Remote Security Risk Assessment?

A Remote Security Risk Assessment is a process where security professionals evaluate an organization's security risks, vulnerabilities, and threats without being physically present on-site. This assessment is typically conducted through virtual meetings, digital questionnaires, and remote access to systems and documentation. The goal is to identify potential security gaps and recommend improvements to protect sensitive data and systems from cyber threats. Remote assessments have become increasingly popular due to their flexibility, cost-effectiveness, and ability to serve organizations regardless of location.

What is the difference between Remote Security Risk Assessment vs Cybersecurity Analyst?

| Aspect | Remote Security Risk Assessment | Cybersecurity Analyst |
|---|---|---|
| Credentials | Certifications like CISSP, CISA, CISM | Certifications like CompTIA Security+, CISSP, CEH |
| Work Environment | Remote or on-site, focusing on risk evaluation | Remote or on-site, focusing on security monitoring and incident response |
| Industry Usage | Used in risk management, compliance, and audit contexts | Used in security operations, threat analysis, and incident handling |

Remote Security Risk Assessments and Cybersecurity Analysts both require security certifications and often work in similar environments. However, risk assessors focus on evaluating vulnerabilities and compliance, while analysts handle ongoing security monitoring and incident response. Understanding these differences helps organizations assign the right roles for their security needs.

Security Compliance Manager

OneStudyTeam

Boston, MA • Remote

$140K - $170K/yr

Full-time

Posted 25 days ago


Job description

At OneStudyTeam (a Reify Health company), we specialize in speeding up clinical trials and increasing the chance of new therapies being approved with the ultimate goal of improving patient outcomes. Our cloud-based platform, StudyTeam, brings research site workflows online and enables sites, sponsors, and other key stakeholders to work together more effectively. StudyTeam is trusted by the largest global biopharmaceutical companies, used in over 6,000 research sites, and is available in over 100 countries. Join us in our mission to advance clinical research and improve patient care.

One mission. One team. That's OneStudyTeam.

The Security Compliance Manager leads the organization's security compliance and assurance efforts—ensuring we meet and maintain certification requirements (e.g., ISO 27001, SOC 2) and always remain audit-ready. This role translates security control requirements into actionable work across teams, drives evidence collection and remediation, and strengthens risk management practices to enable growth in regulated environments.

What You'll Be Working On
  • Lead security certification & audit readiness (ISO 27001 / SOC 2): Drive quarterly ISO control requirements, manage ISO surveillance audits, lead SOC 2 examination readiness, and oversee ongoing maintenance activities once achieved.
  • Operate the ISMS controls program: Manage internal ISMS control reviews, coordinate remediation and corrective actions, and ensure controls remain effective and scalable as the organization changes.
  • Evidence management & auditor response: Prepare for internal and external audits by organizing requests, gathering evidence, maintaining audit artifacts, and authoring clear, consistent responses to auditors.
  • Risk management program execution: Recommend and implement improvements to the information security risk management program; develop and maintain the risk register, risk ownership, and workflows for tracking remediation plans to closure.
  • Metrics, reporting, and stakeholder enablement: Partner with Security leadership to define and report KRIs/KPIs for the information security program; support consistent responses to customer security audits and questionnaires aligned to program commitments.
  • Manage periodic reviews and updates of security policies and procedures to ensure alignment with certifications, business needs, and regulatory expectations.
  • Partner with an outsourced/internal audit function to validate control performance and drive continuous improvement.
  • Support cross-functional education and adoption of security requirements by translating compliance language into clear tasks, owners, and acceptance criteria.
What You Bring to OneStudyTeam
  • Required: Experience leading a successful ISO 27001 or SOC 2 certification effort.
  • Required: 5+ years in a dedicated information security role in a regulated environment (e.g., HIPAA, GLBA, PCI).
  • Preferred: Security certification such as CISA, CISM, CISSP (or similar).
  • Demonstrated ability to lead ISO 27001 and/or SOC 2 certification efforts and ongoing maintenance activities.
  • Strong competency in gap analysis and risk assessment methodologies; able to translate results into prioritized remediation plans.
  • Working knowledge of security policy, procedure, and enforcement across key domains: access control, data classification, change management, asset management, BCDR, incident response, vulnerability management, secure SDLC, source control, endpoint protection.
  • Ability to translate security/compliance requirements into actionable work for Engineering/IT/Operations (tickets, owners, acceptance criteria, evidence).
  • Strong written and verbal communication—able to interface with all levels of the organization and produce high-quality audit-ready documentation.
  • Technical foundation sufficient to understand high-level concepts related to public cloud (AWS/GCP/Azure), Agile SDLC, CI/CD, VPNs, and modern web applications.
  • This role requires 100% of work to be performed in a remote office environment and requires the ability to use keyboards and other computer equipment.
  • This is a remote position with less than 10% travel requirements. Occasional planned travel may be required as part of the role.

The expected salary range for this role is $140,000 - $170,000 USD per year for full time team members.

We value diversity and believe the unique contributions each of us brings drives our success. We do not discriminate on the basis of race, sex, religion, color, national origin, gender identity, age, marital status, veteran status, or disability status.

Note: OneStudyTeam is unable to sponsor work visas at this time. If you are a non-U.S. resident applicant, please note that OneStudyTeam works with a Professional Employer Organization.

As a condition of employment, you will abide by all organizational security and privacy policies.

This organization participates in E-Verify (E-Verify's Right to Work guidance can be found here).

Mandatory Employer Disclosures:
Notice to Illinois applicants: Applicants are not obligated to disclose expunged juvenile records or adjudication, arrest, or conviction.
Notice to Connecticut applicants: OneStudyTeam may require applicants to submit to a urinalysis drug test in connection with an application for employment.
Notice to Arizona, Georgia, Indiana, and North Dakota applicants: OneStudyTeam complies with applicable laws prohibiting smoking in and around places of employment.
Notice to Massachusetts applicants: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
Notice to Rhode Island applicants: OneStudyTeam complies with Rhode Island law prohibiting smoking in enclosed areas within places of employment. OneStudyTeam is also subject to Chapters 29–38 of Title 28 of the Rhode Island General Laws.
Notice to Maryland applicants: UNDER MARYLAND LAW, AN EMPLOYER MAY NOT REQUIRE OR DEMAND, AS A CONDITION OF EMPLOYMENT, PROSPECTIVE EMPLOYMENT, OR CONTINUED EMPLOYMENT, THAT AN INDIVIDUAL SUBMIT TO OR TAKE A LIE DETECTOR OR SIMILAR TEST. AN EMPLOYER WHO VIOLATES THIS LAW IS GUILTY OF A MISDEMEANOR AND SUBJECT TO A FINE NOT EXCEEDING $100.