2

Remote Security Risk Assessment Jobs (NOW HIRING)

... business stakeholders to assess and manage security risk across third party relationships ... The majority of our roles are remote and you can work almost anywhere within the country of ...

As a remote-first company, most of our positions can be remote in the US, except for key roles ... Support the third-party risk assessment process through the utilization of GRC tools by identifying ...

... security risk assessments; and provide independent oversight of technology and security risks in ... Remote Travel requirements As a digital first company, the majority of your work can be ...

next page

Showing results 1-20

Remote Security Risk Assessment information

See salary details

$10

$50

$69

How much do remote security risk assessment jobs pay per hour?

As of Jul 11, 2026, the average hourly pay for remote security risk assessment in the United States is $50.41, according to ZipRecruiter salary data. Most workers in this role earn between $40.87 and $60.10 per hour, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Remote Security Risk Assessor, and why are they important?

To thrive as a Remote Security Risk Assessor, you need expertise in cybersecurity principles, risk analysis, and a relevant degree or certifications such as CISSP, CISM, or CRISC. Familiarity with tools like vulnerability scanners, security information and event management (SIEM) systems, and risk assessment frameworks (e.g., NIST, ISO 27001) is essential. Strong analytical thinking, communication skills, and attention to detail help in accurately identifying and communicating risks to stakeholders. These skills and qualities are vital to ensure organizations can proactively mitigate threats and maintain robust security postures in remote or distributed environments.

What is the difference between Remote Security Risk Assessment vs Cybersecurity Analyst?

AspectRemote Security Risk AssessmentCybersecurity Analyst
CredentialsCertifications like CISSP, CISA, CISMCertifications like CompTIA Security+, CISSP, CEH
Work EnvironmentRemote or on-site, focusing on risk evaluationRemote or on-site, focusing on security monitoring and incident response
Industry UsageUsed in risk management, compliance, and audit contextsUsed in security operations, threat analysis, and incident handling

Remote Security Risk Assessments and Cybersecurity Analysts both require security certifications and often work in similar environments. However, risk assessors focus on evaluating vulnerabilities and compliance, while analysts handle ongoing security monitoring and incident response. Understanding these differences helps organizations assign the right roles for their security needs.

What is a Remote Security Risk Assessment?

A Remote Security Risk Assessment is a process where security professionals evaluate an organization's security risks, vulnerabilities, and threats without being physically present on-site. This assessment is typically conducted through virtual meetings, digital questionnaires, and remote access to systems and documentation. The goal is to identify potential security gaps and recommend improvements to protect sensitive data and systems from cyber threats. Remote assessments have become increasingly popular due to their flexibility, cost-effectiveness, and ability to serve organizations regardless of location.

What are some common challenges faced by professionals in remote security risk assessment roles?

Professionals in remote security risk assessment often encounter challenges such as limited on-site visibility, reliance on digital communication, and the need to assess complex IT environments from afar. Effective collaboration with on-site staff and stakeholders is essential to gather accurate information and implement recommendations. Additionally, staying up-to-date with evolving cybersecurity threats and maintaining clear documentation are vital for success in this role.
More about Remote Security Risk Assessment jobs
What cities are hiring for Remote Security Risk Assessment jobs? Cities with the most Remote Security Risk Assessment job openings:
What are the most commonly searched types of Security Risk Assessment jobs? The most popular types of Security Risk Assessment jobs are:
What states have the most Remote Security Risk Assessment jobs? States with the most job openings for Remote Security Risk Assessment jobs include:
What job categories do people searching Remote Security Risk Assessment jobs look for? The top searched job categories for Remote Security Risk Assessment jobs are:
Infographic showing various Remote Security Risk Assessment job openings in the United States as of July 2026, with employment types broken down into 3% As Needed, 77% Full Time, 17% Part Time, and 3% Contract. Highlights an 93% Physical, 1% Hybrid, and 6% Remote job distribution, with an average salary of $104,848 per year, or $50.4 per hour.
Principal Cybersecurity Analyst - Risk Mgmt & AI Security

Principal Cybersecurity Analyst - Risk Mgmt & AI Security

MD Anderson

Houston, TX • On-site, Remote

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 3 days ago

New


MD Anderson Cancer Center rating

8.4

Company rating: 8.4 out of 10

Based on 169 frontline employees who took The Breakroom Quiz

28th of 881 rated healthcare providers


Job description

The University of Texas MD Anderson Cancer Center is seeking a highly skilled Principal Cybersecurity Analyst to serve as a technical authority within its Cybersecurity department. The Principal Cybersecurity Analyst plays a critical role in shaping and advancing enterprise-wide governance, risk, and compliance (GRC) programs, with expanded accountability for emerging AI security and governance initiatives. This role operates at a strategic and architectural level while also ensuring operational effectiveness across cybersecurity risk management practices.
The Principal Cybersecurity Analyst contributes directly to safeguarding sensitive data, maintaining regulatory compliance, and strengthening the organization's security posture through innovative, data-driven risk management and governance strategies. The Principal Cybersecurity Analyst serves as a trusted advisor, architect, and leader within the cybersecurity function.
The ideal candidate brings advanced education in information systems or cybersecurity, extensive experience leading enterprise risk management or GRC programs, and strong knowledge of frameworks such as NIST, HIPAA, and HITRUST. Preferred candidates will also have hands-on experience assessing AI/ML risk, strong executive communication skills, and certifications such as CISSP, CISM, or PMP.
Minimum $123,000 - Midpoint $154,000 - Maximum $185,000
Work Location: Remote 100%
Why Us?
At UT MD Anderson, the Principal Cybersecurity Analyst plays an essential role in advancing cybersecurity innovation in a mission-driven healthcare environment. This position offers the opportunity to shape enterprise risk strategy, influence executive decision-making, and lead emerging AI governance practices, all while supporting an organization dedicated to saving lives. Employees benefit from a collaborative culture, professional development opportunities, and a strong commitment to work-life balance.
• Employer-paid medical coverage starting day one for employees working 30+ hours/week, plus optional group dental, vision, life, AD&D, and disability insurance.
• Accruals for PTO and Extended Illness Bank, plus paid holidays, wellness, childcare, and other leave options.
• Tuition Assistance Program after six months of service and access to extensive wellness, fitness, and employee resource groups.
• Defined-benefit pension through the Teachers Retirement System, voluntary retirement plans, and employer-paid life and reduced salary protection programs.
Responsibilities
Governance, Risk & Compliance (GRC) Architecture & Risk Management Program Leadership
• Serve as principal architect and subject matter expert for enterprise GRC and cybersecurity risk programs
• Define and maintain risk assessment methodologies, control frameworks, and risk scoring models
• Establish workflows across development, staging, and production environments
• Develop SOPs, roles, segregation of duties, and change management processes
• Lead design and execution of enterprise risk management strategies
Security & Risk Platform Integration and Automation
• Architect and maintain integrations across Archer, Tenable, ServiceNow, Microsoft Configuration Manager (SCCM/MECM), and Medigate
• Design automated workflows consolidating asset, vulnerability, and risk data
• Enable enterprise-wide risk visibility and reporting through data-driven systems
• Ensure data quality, reconciliation, and interoperability across platforms and CMDB
Regulatory & Compliance Framework Management
• Apply frameworks including NIST CSF, NIST 800-53, HIPAA, and HITRUST
• Conduct control mapping, gap assessments, and compliance reporting
• Advise stakeholders on remediation strategies and regulatory requirements
• Align institutional policies with regulatory and accreditation standards
AI Security & Governance
• Establish and mature AI security and governance programs
• Develop AI risk assessment criteria and governance standards
• Align controls to NIST AI Risk Management Framework and institutional policies
• Evaluate AI/ML tools and vendors for data protection and compliance risks
• Partner with data governance, privacy, and legal teams on AI initiatives
Strategic Risk Visioning, Assessment & Executive Advisory
• Develop multi-year roadmaps, milestones, and resource plans
• Lead enterprise and project-level risk assessments
• Translate technical findings into executive-level reporting and dashboards
• Advise leadership on risk posture and investment prioritization
• Provide technical leadership and mentorship across teams
EDUCATION
  • Required: Bachelor's Degree Computer Information Systems, Business Information Systems, Computer Science or related field.
  • Preferred: Master's Degree Information Security, Computer Science or related field

WORK EXPERIENCE
  • Required: 7 years In information security and/or cybersecurity experience including multiple security domains, to include two years lead/supervisory experience.
  • May substitute required education degree with additional years of equivalent experience on a one to one basis.
  • Preferred: At least 7-8 years of progressive cybersecurity experience, hands-on risk management (risk assessment, risk register ownership, control evaluation, or risk quantification), led or owned a security risk management program or framework implementation (e.g., NIST RMF/CSF, ISO 27005, FAIR, or equivalent), direct hands-on experience assessing the security or risk posture of AI/ML systems or GenAI deployments, ability to translate technical risk into business-level language for executive and governance audiences (e.g., briefing a CISO, risk committee, or board), experience using Archer, excellent communication skills, risk management, and cybersecurity framework is a must.

LICENSES AND CERTIFICATIONS
  • Preferred: CISSP - Cert IS Security Professional Issued by the International Information Systems Security Certification Consortium ((ISC).
  • Preferred: CISM - Cert Info Security Manager Issued by Information Systems Audit and Control Association (ISACA).
  • Preferred: PMP - Project Mgt Professional Issued by the Project Management Institute (PMI).
  • Preferred: Other applicable security industry certifications.

The University of Texas MD Anderson Cancer Center offers excellent benefits, including medical, dental, paid time off, retirement, tuition benefits, educational opportunities, and individual and team recognition.
This position may be responsible for maintaining the security and integrity of critical infrastructure, as defined in Section 113.001(2) of the Texas Business and Commerce Code and therefore may require routine reviews and screening. The ability to satisfy and maintain all requirements necessary to ensure the continued security and integrity of such infrastructure is a condition of hire and continued employment.
It is the policy of The University of Texas MD Anderson Cancer Center to provide equal employment opportunity without regard to race, color, religion, age, national origin, sex, gender, sexual orientation, gender identity/expression, disability, protected veteran status, genetic information, or any other basis protected by institutional policy or by federal, state, or local laws unless such distinction is required by law.http://www.mdanderson.org/about-us/legal-and-policy/legal-statements/eeo-affirmative-action.html
Additional Information
  • Requisition ID: 181706
  • Employment Status: Full-Time
  • Employee Status: Regular
  • Work Week: Days
  • Minimum Salary: US Dollar (USD) 123,000
  • Midpoint Salary: US Dollar (USD) 154,000
  • Maximum Salary : US Dollar (USD) 185,000
  • FLSA: exempt and not eligible for overtime pay
  • Fund Type: Hard
  • Work Location: Remote (within Texas only)
  • Pivotal Position: Yes
  • Referral Bonus Available?: Yes
  • Relocation Assistance Available?: Yes

#LI-Remote

What MD Anderson Cancer Center employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom