Security Risk Analyst Jobs in California (NOW HIRING)

JOB SUMMARY
Are you passionate about strengthening security through risk insight and strategic partnership? We are seeking an experienced Information Security Risk Analyst to help identify, assess, and reduce cybersecurity risk across cloud and on-prem environments.
In this role, you will partner closely with application development teams, technical stakeholders, and leadership to evaluate security controls, advise on secure cloud and DevSecOps practices, and translate complex technical risks into actionable business guidance. This is an opportunity to play a highly visible role in improving enterprise security posture while influencing modern development practices, third-party risk management, and emerging AI/GenAI governance considerations.
If you thrive in collaborative environments and enjoy combining technical depth with risk strategy and communication, this role offers meaningful impact and professional growth.
KEY RESPONSIBILITIES
• Support enterprise risk strategies by identifying security risks in processes and technologies and leading initiatives to reduce exposure.
• Apply and interpret security policies and contribute insights to ongoing policy and control improvements.
• Partner with business and technical teams to help them understand and implement security controls, policies, and procedures.
• Establish trusted relationships across assigned business areas to understand operational and technical requirements and enable secure outcomes.
• Advise application development teams on Secure Cloud Development and DevSecOps best practices to mature security practices.
• Assess technical implementations in both cloud and on-prem environments to evaluate security risk and recommend control enhancements or compensating controls.
• Perform complex security analyses and provide clear, practical mitigation recommendations.
• Evaluate third-party service providers, identify associated risks, and clarify shared security responsibilities.
• Conduct formal security control assessments and prepare detailed assessment reports documenting scope, methodology, findings, risk impact, and remediation recommendations.
• Communicate security risks and business implications to stakeholders at all levels, including executive leadership.
• Collaborate cross-functionally, manage multiple initiatives simultaneously, and navigate ambiguity in a fast-paced, results-driven environment.
REQUIRED QUALIFICATIONS
• Experience performing security control assessments aligned to NIST 800-37 (SCA and CMCA).
• Hands-on experience conducting assessments using NIST 800-53 controls.
• Experience reviewing and evaluating FedRAMP authorization packages.
• Experience mapping OWASP Top Ten risks within DevSecOps environments to strengthen security operations.
• Strong understanding of cloud security principles and secure development practices.
• Ability to analyze complex technical security issues and translate them into clear, actionable risk narratives.
PREFERRED QUALIFICATIONS
• Experience in DevSecOps environments, including governance and security automation.
• Exposure to AI / GenAI-related cybersecurity governance and risk considerations.
• Experience working in regulated or compliance-driven environments.
KEY COMPETENCIES
• Strong verbal and written communication skills with the ability to convey risk to both technical and non-technical stakeholders.
• Excellent relationship-building and stakeholder partnership skills.
• Strategic thinking with practical, solutions-oriented execution.
• Ability to manage competing priorities while maintaining accountability and delivering results. Equal Opportunity Employer / Disabled / Protected Veterans
The Know Your Rights poster is available here:
https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12.pdf
The pay transparency policy is available here:
https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf
For temporary assignments lasting 13 weeks or longer, AllSTEM Connections is pleased to offer major medical, dental, vision, 401k and any statutory sick pay where required.
We are committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please contact your staffing representative who will reach out to our HR team.
AllSTEM Connections participates in the E-Verify program in certain locations as required by law. Learn more about the E-Verify program.
https://e-verify.uscis.gov/web/media/resourcesContents/E-Verify_Participation_Poster_ES.pdf
We also consider for employment qualified applicants regardless of criminal histories, consistent with legal requirements, including, if applicable, the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance. Pursuant to applicable state and municipal Fair Chance Laws and Ordinances, we will consider for employment-qualified applicants with arrest and conviction records, including, if applicable, the San Francisco Fair Chance Ordinance. For Los Angeles, CA applicants: Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Additional Skills
(none specified)
AllSTEM Representative Contact Info
Account Executive:
IN HOUSE
Branch Phone:
(909) 244-1777
Location:
Ontario, CA