ZipRecruiter

Log In

1

Security Risk Analyst Jobs in Kentucky (NOW HIRING)

Altec

Application Security Architect

Louisville, KY · On-site

... analysis, Cloud configuration and IaC security reviews. • Validate findings, reduce false positives, and prioritize remediation based on business risk. • Establish reusable security architecture ...

Banterra Corp.

Information Security Specialist

Paducah, KY · Hybrid

$21.35 - $26.69/hr

This role provides hands-on experience in vendor management and risk mitigation while aligning ... Strong critical-thinking skills and the ability to analyze potential project outcomes with the ...

Banterra Bank

Information Security Specialist

Paducah, KY · On-site

$21.35 - $26.69/hr

This role provides hands-on experience in vendor management and risk mitigation while aligning ... Strong critical-thinking skills and the ability to analyze potential project outcomes with the ...

Korbel

$41.75 - $55.75/hr

The IT Governance/Risk/Compliance Analyst position offers a dynamic opportunity for an experienced ... Ensure data security and privacy compliance by providing guidance on appropriate access controls ...

Subsplash

Sr. GRC Analyst

Louisville, KY

$95K - $105K/yr

About the Role The Senior GRC Analyst acts as a strategic lead to advance security and risk operations. In this role, you will integrate people, policy, and technology to drive operational excellence ...

US Bank

Business Risk Professional

Owensboro, KY

$92.82K - $109.20K/yr

Utilizes strong analytical, process facilitation, and project management skills to support sound ... S. Department of Homeland Security E-Verify program in all facilities located in the United States ...

next page

Showing results 1-20

People also search for

All JobsSecurity Risk Analyst JobsSecurity Risk Analyst Jobs in Kentucky

Security Risk Analyst information

See Kentucky salary details

$8

$43

$60

How much do security risk analyst jobs pay per hour?

As of May 29, 2026, the average hourly pay for security risk analyst in Kentucky is $43.78, according to ZipRecruiter salary data. Most workers in this role earn between $35.48 and $52.21 per hour, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Security Risk Analyst, and why are they important?

To thrive as a Security Risk Analyst, you need a strong background in risk assessment, information security principles, and analytical thinking, often supported by a degree in cybersecurity, IT, or a related field. Familiarity with risk management frameworks (such as NIST or ISO 27001), security assessment tools, and certifications like CISSP or CISM is highly valuable. Excellent communication, attention to detail, and problem-solving abilities help you translate complex risks for varied stakeholders and drive mitigation strategies. These skills and qualities are crucial for identifying vulnerabilities, minimizing threats, and maintaining organizational security and compliance.

What are some common challenges Security Risk Analysts face when collaborating with other departments?

Security Risk Analysts often work closely with IT, compliance, and business units to assess and mitigate risks. A common challenge is bridging the gap between technical security requirements and business objectives, as not all stakeholders may have a cybersecurity background. Effective communication and education are key to ensuring that risk recommendations are understood and adopted. Additionally, prioritizing risks with limited resources and balancing security with operational needs can be complex, requiring strong collaboration and negotiation skills.

What does a Security Risk Analyst do?

A Security Risk Analyst is responsible for identifying, assessing, and mitigating risks to an organization's information systems and data. They analyze security measures, conduct vulnerability assessments, and recommend strategies to protect against threats such as cyberattacks, data breaches, and unauthorized access. Their work helps ensure that a company's digital assets remain safe and compliant with industry regulations. Security Risk Analysts collaborate with IT teams and management to implement effective security policies and respond to incidents as needed.

What is the difference between Security Risk Analyst vs Security Analyst?

AspectSecurity Risk AnalystSecurity Analyst
CertificationsCompTIA Security+, CISSP, CISACompTIA Security+, CISSP, CEH
Work EnvironmentRisk assessment, vulnerability analysis, policy developmentMonitoring security systems, incident response, security audits
Employer & Industry UsageFinancial, healthcare, government sectors focusing on risk mitigationIT departments across various industries focusing on security operations

While both roles focus on cybersecurity, Security Risk Analysts primarily assess and manage potential security threats and vulnerabilities, emphasizing risk mitigation strategies. Security Analysts tend to monitor security systems, respond to incidents, and ensure ongoing security measures. Both roles often require similar certifications and work environments but differ in their core responsibilities within cybersecurity teams.

What are popular job titles related to Security Risk Analyst jobs in Kentucky? For Security Risk Analyst jobs in Kentucky, the most frequently searched job titles are:
What job categories do people searching Security Risk Analyst jobs in Kentucky look for? The top searched job categories for Security Risk Analyst jobs in Kentucky are:
What are popular job titles related to Security Risk Analyst jobs in KY? For Security Risk Analyst jobs in KY, the most frequently searched job titles are:
Security Risk Analyst jobs near you
Infographic showing various Security Risk Analyst job openings in Kentucky as of May 2026, with employment types broken down into 1% As Needed, 92% Full Time, 5% Part Time, and 2% Contract. Highlights an 95% Physical, 2% Hybrid, and 3% Remote job distribution, with an average salary of $91,063 per year, or $43.8 per hour.
Vulnerability Management Consultant

Vulnerability Management Consultant

Staffingine LLC

Erlanger, KY • On-site

Contractor

Posted 4 days ago

Job description

Job Title: Vulnerability Management Consultant
Job Location: Erlanger, KY
Job Type: Contract

Job Description:

  • Review Projects and their technical design documents for Information security risks and advise on suitable controls and mitigations at early stages of the program
  • Fair understanding of Technology Landscape Applications Infrastructure Cloud and review
  • Clients information security and related threats and vulnerabilities legal and regulatory
  • requirements
  • Good Understanding on Security Standards like ISO 270012 SOX ITGC SOC1 or SOC2
  • DevSecOps OWASP top 10 Business Impact analysis ISO 22301 ISO 27005
  • Assess and classify all potential business and infrastructure information risks
  • Review and advise on information security risks of vendor offerings Newleveraging existing SAAS PAASIAAS services including integration with Client environment
  • Conduct risk assessment on Applications Network Systems according to Client policies applicable Standards legal regulatory requirements
  • Identify the risks in the Client Projects provide recommendations for remediation of identified risks
  • Translate Technical legal and Regulatory Compliance obligations into a cohesive collection of Security Controls and provides the respective stakeholders with the IRM requirements and its implementation methodologies
  • Identify or design the controls for implementation based on the outcome of Risk Assessment its remediation and residual risk
  • Ensure all the controls outlined for an applicationInfrastructure are designed effectively
  • Review Vulnerability Assessment and Penetration Test scan results and recommend the risks to be remediated
  • Review and approve the control design of supplier and their organization technical specifications against Client security control requirements
  • Ensure all the risks are documented classified and tracked with appropriate action as per the IRM standards
  • Work with Project Managers Business Analysts Architecture and Support Team to ensure Client Information Risk Management standards are being followed
  • Test the control effectiveness post implementation or deployment of controls and technologies
  • Conduct Security governance with Client stakeholders

Technical Skills:

  • Understanding of Cloud Security SAAS IAAS and PAAS and Onpremise infrastructure
  • Understanding of secure application development and support
  • Knowledge on Network Security Data Security Practices EndPoint Security Identity and
  • Access Management
  • Knowledge on Business Continuity Plan and Disaster Recovery

Key Words:

  • Security Risk Assessment ISO 270012 SOX ITGC SOC1 or SOC2 DevSecOps OWASP
  • top 10 Security Risk Management Business Impact analysis Design Controls Data
  • Security Security Policy review Business Continuity Cloud Security Network Security
  • Identity and Access Management ISO 22301 ISO 27005 Control testing Control
  • assessment

Knowledge and Skills:

  • Projects Stake holder Management Governance Management Reporting
  • Very good communication skills Agile Project delivery
  • Cloud Security controls Data Security SeInfo baselines Privacy requirements

Education:

  • BTech CA MBA MS Info Sec MTech
  • Industry Certifications
  • ISO 27001 Lead Auditor or Lead Implementor CISA CRISC CISM CISSP

Mandatory Skills : Infra Vulnerability Management - Qualys, Infra Vulnerability Management - Rapid 7,Infra Vulnerability Management - Tenable IO, Infra Vulnerability Management - Tenable Nessus, SC, CS,Infra Vulnerability management/Triaging/ Remdiation Advisory / ServiceNow /ITSM /CMDB