Remote 100% Why Us? At UT MD Anderson, the Principal Cybersecurity Analyst plays an essential role ... assessment methodologies, control frameworks, and risk scoring models • Establish workflows ...
Remote 100% Why Us? At UT MD Anderson, the Principal Cybersecurity Analyst plays an essential role ... assessment methodologies, control frameworks, and risk scoring models • Establish workflows ...
Hybrid - onsite and remote Overview System One is seeking a GRC Analyst for an opportunity in ... Support information security risk assessments for new projects, systems, and business processes ...
Hybrid - onsite and remote Overview System One is seeking a GRC Analyst for an opportunity in ... Support information security risk assessments for new projects, systems, and business processes ...
Hybrid - onsite and remote Overview System One is seeking a GRC Analyst for an opportunity in ... Support information security risk assessments for new projects, systems, and business processes ...
Hybrid - onsite and remote Overview System One is seeking a GRC Analyst for an opportunity in ... Support information security risk assessments for new projects, systems, and business processes ...
Hybrid - onsite and remote Overview System One is seeking a GRC Analyst for an opportunity in ... Support information security risk assessments for new projects, systems, and business processes ...
Hybrid - onsite and remote Overview System One is seeking a GRC Analyst for an opportunity in ... Support information security risk assessments for new projects, systems, and business processes ...
Hybrid - onsite and remote Overview System One is seeking a GRC Analyst for an opportunity in ... Support information security risk assessments for new projects, systems, and business processes ...
Quick apply
Hybrid - onsite and remote Overview System One is seeking a GRC Analyst for an opportunity in ... Support information security risk assessments for new projects, systems, and business processes ...
Ciph Lab | Remote | Equity-Only (Pre-Seed) About Ciph Lab Ciph Lab is building Intelligence ... Traditional security assessments can't keep pace. We're building adaptive governance systems with ...
Ciph Lab | Remote | Equity-Only (Pre-Seed) About Ciph Lab Ciph Lab is building Intelligence ... Traditional security assessments can't keep pace. We're building adaptive governance systems with ...
... flexibility of a hybrid-remote position* as you take on some tough challenges. Primary ... Conduct risk and control assessments aligned to enterprise security and compliance standards You'll ...
... flexibility of a hybrid-remote position* as you take on some tough challenges. Primary ... Conduct risk and control assessments aligned to enterprise security and compliance standards You'll ...
Principal IT Risk Management Analyst
Herndon, VA · On-site +1
Lead and evolve the IT security risk management program in alignment with organizational goals ... Identify, assess, and quantify technology risks by evaluating cybersecurity threats, operational ...
Principal IT Risk Management Analyst
Herndon, VA · On-site +1
Lead and evolve the IT security risk management program in alignment with organizational goals ... Identify, assess, and quantify technology risks by evaluating cybersecurity threats, operational ...
Conduct comprehensive security risk assessments and gap analyses * Implement and maintain continuous monitoring solutions * Perform security control testing and validation * Develop and deliver ...
Quick apply
Conduct comprehensive security risk assessments and gap analyses * Implement and maintain continuous monitoring solutions * Perform security control testing and validation * Develop and deliver ...
Security Oversight Product Owner
Washington, DC · Remote
$120K - $130K/yr
This role ensures comprehensive security operations, continuous compliance management, proactive risk assessment, incident response, and security documentation support across high-profile, public ...
Quick apply
Security Oversight Product Owner
Washington, DC · Remote
$120K - $130K/yr
This role ensures comprehensive security operations, continuous compliance management, proactive risk assessment, incident response, and security documentation support across high-profile, public ...
... business stakeholders to assess and manage security risk across third party relationships ... The majority of our roles are remote and you can work almost anywhere within the country of ...
... business stakeholders to assess and manage security risk across third party relationships ... The majority of our roles are remote and you can work almost anywhere within the country of ...
Florida (remote/hybrid acceptable) -- limited travel for QA reviews and client briefings as needed ... site government IT security risk assessment. This role owns the consistency, rigor, and ...
Quick apply
Florida (remote/hybrid acceptable) -- limited travel for QA reviews and client briefings as needed ... site government IT security risk assessment. This role owns the consistency, rigor, and ...
... assessment, instrumenting controls, and applying AI as foundational infrastructure. You will ... of risk posture drawn from the live security tool estate (vulnerability, endpoint, third-party ...
... assessment, instrumenting controls, and applying AI as foundational infrastructure. You will ... of risk posture drawn from the live security tool estate (vulnerability, endpoint, third-party ...
Job Title- Mainframe Security Analyst/IAM Security/ Information Security Location- Remote Duration ... Identify security vulnerabilities and issues perform risk assessments and evaluate remediation ...
Job Title- Mainframe Security Analyst/IAM Security/ Information Security Location- Remote Duration ... Identify security vulnerabilities and issues perform risk assessments and evaluate remediation ...
Operating at the intersection of security engineering, risk assessment, and compliance, the SRE ... The position is primarily remote - Continental U.S only * Primary location when on site: Arlington ...
Quick apply
Operating at the intersection of security engineering, risk assessment, and compliance, the SRE ... The position is primarily remote - Continental U.S only * Primary location when on site: Arlington ...
As a remote-first company, most of our positions can be remote in the US, except for key roles ... Support the third-party risk assessment process through the utilization of GRC tools by identifying ...
As a remote-first company, most of our positions can be remote in the US, except for key roles ... Support the third-party risk assessment process through the utilization of GRC tools by identifying ...
Clearly and concisely document and communicate risk assessment results with requester, security ... Remote Lifting: up to 10 pounds Does Not Apply Lifting: 10 to 25 pounds Does Not Apply Lifting: 25 ...
Clearly and concisely document and communicate risk assessment results with requester, security ... Remote Lifting: up to 10 pounds Does Not Apply Lifting: 10 to 25 pounds Does Not Apply Lifting: 25 ...
Information Security Analyst (GRC)
Valhalla, NY · Remote
$100K - $140K/yr
Information Security Analyst (GRC) Boston Children's Health Physicians (BCHP) Valhalla, NY (Remote ... Risk Management Conduct and document security risk assessments. Assist with enterprise risk ...
Information Security Analyst (GRC)
Valhalla, NY · Remote
$100K - $140K/yr
Information Security Analyst (GRC) Boston Children's Health Physicians (BCHP) Valhalla, NY (Remote ... Risk Management Conduct and document security risk assessments. Assist with enterprise risk ...
... security risk assessments; and provide independent oversight of technology and security risks in ... Remote Travel requirements As a digital first company, the majority of your work can be ...
... security risk assessments; and provide independent oversight of technology and security risks in ... Remote Travel requirements As a digital first company, the majority of your work can be ...
Hybrid - onsite and remote Hours: 40.0 Security Clearance: Overview Leave placeholder text here for recruiter to input Responsibilities * Support information security risk assessments for new ...
Hybrid - onsite and remote Hours: 40.0 Security Clearance: Overview Leave placeholder text here for recruiter to input Responsibilities * Support information security risk assessments for new ...
Remote Security Risk Assessment information
See salary details
$10.34 - $15.76
2% of jobs
$15.76 - $21.18
0% of jobs
$21.18 - $26.60
1% of jobs
$26.60 - $32.01
1% of jobs
$32.01 - $37.43
1% of jobs
$41.50 is the 25th percentile. Wages below this are outliers.
$37.43 - $42.85
26% of jobs
$42.85 - $48.27
11% of jobs
The median wage is $50.21 / hr.
$48.27 - $53.69
22% of jobs
$53.69 - $59.11
9% of jobs
$59.54 is the 75th percentile. Wages above this are outliers.
$59.11 - $64.53
17% of jobs
$64.53 - $69.95
9% of jobs
$10
$50
$69
How much do remote security risk assessment jobs pay per hour?
What are the key skills and qualifications needed to thrive as a Remote Security Risk Assessor, and why are they important?
What is the difference between Remote Security Risk Assessment vs Cybersecurity Analyst?
| Aspect | Remote Security Risk Assessment | Cybersecurity Analyst |
|---|---|---|
| Credentials | Certifications like CISSP, CISA, CISM | Certifications like CompTIA Security+, CISSP, CEH |
| Work Environment | Remote or on-site, focusing on risk evaluation | Remote or on-site, focusing on security monitoring and incident response |
| Industry Usage | Used in risk management, compliance, and audit contexts | Used in security operations, threat analysis, and incident handling |
Remote Security Risk Assessments and Cybersecurity Analysts both require security certifications and often work in similar environments. However, risk assessors focus on evaluating vulnerabilities and compliance, while analysts handle ongoing security monitoring and incident response. Understanding these differences helps organizations assign the right roles for their security needs.
What is a Remote Security Risk Assessment?
What are some common challenges faced by professionals in remote security risk assessment roles?

Full-time
Medical, Dental, Vision, Life, Retirement, PTO
Posted 3 days ago
New
MD Anderson Cancer Center rating
8.4
Based on 169 frontline employees who took The Breakroom Quiz
28th of 881 rated healthcare providers
Job description
The Principal Cybersecurity Analyst contributes directly to safeguarding sensitive data, maintaining regulatory compliance, and strengthening the organization's security posture through innovative, data-driven risk management and governance strategies. The Principal Cybersecurity Analyst serves as a trusted advisor, architect, and leader within the cybersecurity function.
The ideal candidate brings advanced education in information systems or cybersecurity, extensive experience leading enterprise risk management or GRC programs, and strong knowledge of frameworks such as NIST, HIPAA, and HITRUST. Preferred candidates will also have hands-on experience assessing AI/ML risk, strong executive communication skills, and certifications such as CISSP, CISM, or PMP.
Minimum $123,000 - Midpoint $154,000 - Maximum $185,000
Work Location: Remote 100%
Why Us?
At UT MD Anderson, the Principal Cybersecurity Analyst plays an essential role in advancing cybersecurity innovation in a mission-driven healthcare environment. This position offers the opportunity to shape enterprise risk strategy, influence executive decision-making, and lead emerging AI governance practices, all while supporting an organization dedicated to saving lives. Employees benefit from a collaborative culture, professional development opportunities, and a strong commitment to work-life balance.
• Employer-paid medical coverage starting day one for employees working 30+ hours/week, plus optional group dental, vision, life, AD&D, and disability insurance.
• Accruals for PTO and Extended Illness Bank, plus paid holidays, wellness, childcare, and other leave options.
• Tuition Assistance Program after six months of service and access to extensive wellness, fitness, and employee resource groups.
• Defined-benefit pension through the Teachers Retirement System, voluntary retirement plans, and employer-paid life and reduced salary protection programs.
Responsibilities
Governance, Risk & Compliance (GRC) Architecture & Risk Management Program Leadership
• Serve as principal architect and subject matter expert for enterprise GRC and cybersecurity risk programs
• Define and maintain risk assessment methodologies, control frameworks, and risk scoring models
• Establish workflows across development, staging, and production environments
• Develop SOPs, roles, segregation of duties, and change management processes
• Lead design and execution of enterprise risk management strategies
Security & Risk Platform Integration and Automation
• Architect and maintain integrations across Archer, Tenable, ServiceNow, Microsoft Configuration Manager (SCCM/MECM), and Medigate
• Design automated workflows consolidating asset, vulnerability, and risk data
• Enable enterprise-wide risk visibility and reporting through data-driven systems
• Ensure data quality, reconciliation, and interoperability across platforms and CMDB
Regulatory & Compliance Framework Management
• Apply frameworks including NIST CSF, NIST 800-53, HIPAA, and HITRUST
• Conduct control mapping, gap assessments, and compliance reporting
• Advise stakeholders on remediation strategies and regulatory requirements
• Align institutional policies with regulatory and accreditation standards
AI Security & Governance
• Establish and mature AI security and governance programs
• Develop AI risk assessment criteria and governance standards
• Align controls to NIST AI Risk Management Framework and institutional policies
• Evaluate AI/ML tools and vendors for data protection and compliance risks
• Partner with data governance, privacy, and legal teams on AI initiatives
Strategic Risk Visioning, Assessment & Executive Advisory
• Develop multi-year roadmaps, milestones, and resource plans
• Lead enterprise and project-level risk assessments
• Translate technical findings into executive-level reporting and dashboards
• Advise leadership on risk posture and investment prioritization
• Provide technical leadership and mentorship across teams
EDUCATION
- Required: Bachelor's Degree Computer Information Systems, Business Information Systems, Computer Science or related field.
- Preferred: Master's Degree Information Security, Computer Science or related field
WORK EXPERIENCE
- Required: 7 years In information security and/or cybersecurity experience including multiple security domains, to include two years lead/supervisory experience.
- May substitute required education degree with additional years of equivalent experience on a one to one basis.
- Preferred: At least 7-8 years of progressive cybersecurity experience, hands-on risk management (risk assessment, risk register ownership, control evaluation, or risk quantification), led or owned a security risk management program or framework implementation (e.g., NIST RMF/CSF, ISO 27005, FAIR, or equivalent), direct hands-on experience assessing the security or risk posture of AI/ML systems or GenAI deployments, ability to translate technical risk into business-level language for executive and governance audiences (e.g., briefing a CISO, risk committee, or board), experience using Archer, excellent communication skills, risk management, and cybersecurity framework is a must.
LICENSES AND CERTIFICATIONS
- Preferred: CISSP - Cert IS Security Professional Issued by the International Information Systems Security Certification Consortium ((ISC).
- Preferred: CISM - Cert Info Security Manager Issued by Information Systems Audit and Control Association (ISACA).
- Preferred: PMP - Project Mgt Professional Issued by the Project Management Institute (PMI).
- Preferred: Other applicable security industry certifications.
The University of Texas MD Anderson Cancer Center offers excellent benefits, including medical, dental, paid time off, retirement, tuition benefits, educational opportunities, and individual and team recognition.
This position may be responsible for maintaining the security and integrity of critical infrastructure, as defined in Section 113.001(2) of the Texas Business and Commerce Code and therefore may require routine reviews and screening. The ability to satisfy and maintain all requirements necessary to ensure the continued security and integrity of such infrastructure is a condition of hire and continued employment.
It is the policy of The University of Texas MD Anderson Cancer Center to provide equal employment opportunity without regard to race, color, religion, age, national origin, sex, gender, sexual orientation, gender identity/expression, disability, protected veteran status, genetic information, or any other basis protected by institutional policy or by federal, state, or local laws unless such distinction is required by law.http://www.mdanderson.org/about-us/legal-and-policy/legal-statements/eeo-affirmative-action.html
Additional Information
- Requisition ID: 181706
- Employment Status: Full-Time
- Employee Status: Regular
- Work Week: Days
- Minimum Salary: US Dollar (USD) 123,000
- Midpoint Salary: US Dollar (USD) 154,000
- Maximum Salary : US Dollar (USD) 185,000
- FLSA: exempt and not eligible for overtime pay
- Fund Type: Hard
- Work Location: Remote (within Texas only)
- Pivotal Position: Yes
- Referral Bonus Available?: Yes
- Relocation Assistance Available?: Yes
#LI-Remote
What MD Anderson Cancer Center employees say
Pay
Benefits
Hours and flexibility
Workplace
Get the full story on Breakroom
About MD Anderson Cancer Center
Sourced by ZipRecruiter
Industry
Health care and social assistance
Company size
10,000+ Employees
Headquarters location
Houston, TX, US
Year founded
1944