ZipRecruiter

Log In

1

Security Risk Analyst Jobs in Kentucky (NOW HIRING)

Fluor

Director, Security

Lexington, KY

Familiar with risk analysis process integrating intelligence, cyber posture, operational tempo, and ... Knowledge of current security vulnerabilities and threats; Ability to collaborate with all levels ...

Fidelity Investments

Senior Manager, Risk

Covington, KY · On-site

$89K - $180K/yr

Providing analysis and reporting * Fostering strong partnerships and relationships to influence ... Please be advised that Fidelity's business is governed by the provisions of the Securities Exchange ...

Subsplash

Sr. GRC Analyst

Louisville, KY · On-site

$95K - $105K/yr

About the Role The Senior GRC Analyst acts as a strategic lead to advance security and risk operations. In this role, you will integrate people, policy, and technology to drive operational excellence ...

next page

Showing results 1-20

All JobsSecurity Risk Analyst JobsSecurity Risk Analyst Jobs in Kentucky

Security Risk Analyst information

See Kentucky salary details

$8

$43

$60

How much do security risk analyst jobs pay per hour?

As of Jun 26, 2026, the average hourly pay for security risk analyst in Kentucky is $43.78, according to ZipRecruiter salary data. Most workers in this role earn between $35.48 and $52.21 per hour, depending on experience, location, and employer.

Can I make $200,000 a year in cyber security?

Security Risk Analysts and other cybersecurity professionals can potentially earn $200,000 or more annually, especially with advanced skills, certifications like CISSP, and experience in high-demand areas such as threat intelligence or security architecture. Achieving this level often requires several years of experience, specialized knowledge, and working in senior or managerial roles within organizations or consulting firms.

What does a Security Risk Analyst do?

A Security Risk Analyst is responsible for identifying, assessing, and mitigating risks to an organization's information systems and data. They analyze security measures, conduct vulnerability assessments, and recommend strategies to protect against threats such as cyberattacks, data breaches, and unauthorized access. Their work helps ensure that a company's digital assets remain safe and compliant with industry regulations. Security Risk Analysts collaborate with IT teams and management to implement effective security policies and respond to incidents as needed.

What are the key skills and qualifications needed to thrive as a Security Risk Analyst, and why are they important?

To thrive as a Security Risk Analyst, you need a strong background in risk assessment, information security principles, and analytical thinking, often supported by a degree in cybersecurity, IT, or a related field. Familiarity with risk management frameworks (such as NIST or ISO 27001), security assessment tools, and certifications like CISSP or CISM is highly valuable. Excellent communication, attention to detail, and problem-solving abilities help you translate complex risks for varied stakeholders and drive mitigation strategies. These skills and qualities are crucial for identifying vulnerabilities, minimizing threats, and maintaining organizational security and compliance.

What are some common challenges Security Risk Analysts face when collaborating with other departments?

Security Risk Analysts often work closely with IT, compliance, and business units to assess and mitigate risks. A common challenge is bridging the gap between technical security requirements and business objectives, as not all stakeholders may have a cybersecurity background. Effective communication and education are key to ensuring that risk recommendations are understood and adopted. Additionally, prioritizing risks with limited resources and balancing security with operational needs can be complex, requiring strong collaboration and negotiation skills.

Can you make $500,000 a year in cyber security?

Security Risk Analysts typically earn salaries below $200,000 annually, but senior roles such as Chief Information Security Officers or cybersecurity executives can reach or exceed $500,000 with extensive experience, certifications, and leadership responsibilities. Achieving this level often requires advanced skills, industry certifications like CISSP, and years of experience in high-level security management.

Is SOC an entry level job?

A Security Operations Center (SOC) analyst role is typically not entry-level and usually requires some experience in cybersecurity, network monitoring, or related fields. Entry-level positions may be labeled as SOC analyst I or junior SOC analyst, but higher-level roles often demand certifications like CompTIA Security+ or CISSP and familiarity with security tools such as SIEM systems.

What is the difference between Security Risk Analyst vs Security Analyst?

AspectSecurity Risk AnalystSecurity Analyst
CertificationsCompTIA Security+, CISSP, CISACompTIA Security+, CISSP, CEH
Work EnvironmentRisk assessment, vulnerability analysis, policy developmentMonitoring security systems, incident response, security audits
Employer & Industry UsageFinancial, healthcare, government sectors focusing on risk mitigationIT departments across various industries focusing on security operations

While both roles focus on cybersecurity, Security Risk Analysts primarily assess and manage potential security threats and vulnerabilities, emphasizing risk mitigation strategies. Security Analysts tend to monitor security systems, respond to incidents, and ensure ongoing security measures. Both roles often require similar certifications and work environments but differ in their core responsibilities within cybersecurity teams.

What is a security risk analyst?

A security risk analyst is a professional who identifies, assesses, and mitigates security threats to an organization’s information systems. They analyze vulnerabilities, develop security strategies, and often use tools like risk assessment frameworks and security software to protect data and infrastructure.
What are popular job titles related to Security Risk Analyst jobs in Kentucky? For Security Risk Analyst jobs in Kentucky, the most frequently searched job titles are:
What job categories do people searching Security Risk Analyst jobs in Kentucky look for? The top searched job categories for Security Risk Analyst jobs in Kentucky are:
What are popular job titles related to Security Risk Analyst jobs in KY? For Security Risk Analyst jobs in KY, the most frequently searched job titles are:
Security Risk Analyst jobs near you
Infographic showing various Security Risk Analyst job openings in Kentucky as of June 2026, with employment types broken down into 1% As Needed, 96% Full Time, 2% Part Time, and 1% Contract. Highlights an 93% Physical, 3% Hybrid, and 4% Remote job distribution, with an average salary of $91,063 per year, or $43.8 per hour.
IT Security and Governance Analyst

IT Security and Governance Analyst

Brown-Forman

Louisville, KY • On-site

$43.25 - $57.50/hr

Full-time

Posted 14 days ago

Brown‑Forman rating

7.6

Company rating: 7.6 out of 10

Based on 7 frontline employees who took The Breakroom Quiz

117th of 388 rated food and drinks producers

Job description

Job Summary:
Brown-Forman is a premium spirits company that offers a dynamic opportunity for an experienced IT Governance/Risk/Compliance Analyst. In this role, you will identify and mitigate IT risks, ensure regulatory compliance, and enhance the organization's security posture through governance frameworks and controls.
Responsibilities:
• Develop and maintain IT governance frameworks and policies that align with industry standards and regulatory requirements, which are then implemented by IT owners.
• Support our IT risk management program to ensure both internal and third-party IT risks are identified, assessed, prioritized and remediated.
• Raise awareness within the organization of IT governance, risk and compliance programs that are risk based and align with compliance requirements.
• Track and ensure compliance with internal policies and external regulations through periodic audits and assessments.
• Ensure data security and privacy compliance by providing guidance on appropriate access controls, data classification protocols, and data protection measures.
• Collaborate with key stakeholders throughout the IT organization as well as with Internal Audit, Compliance, and Legal.
• Monitor evolving regulations, compliance standards, and best practices to strengthen our IT GRC capabilities and frameworks.
Qualifications:
Required:
• 3+ years of experience focused on governance, compliance, risk, audit or similar functions.
• Knowledge of IT governance and risk management frameworks including compliance practices (e.g., PCI, NIST, GDPR, COBIT, NIS2, Operation Technology, etc.).
• Strong analytical skills, attention to detail, and a problem-solving mindset.
• Excellent collaboration, communication and influencing skills with the ability to develop effective working relationships with all levels of the company.
• Exposure to risk assessments, policy development, and internal control audits.
Preferred:
• Bachelor’s degree within a related area of study.
• Information security related training or certifications such as CISA, CRISC, PCI QSA.
• Experience working with GRC platforms and tools.
• Familiarity with third-party risk management and vendor compliance.
Company:
Brown‑Forman Corporation is a global leader in the spirits industry, responsibly building exceptional beverage alcohol brands for more than 155 years. Founded in 1870, the company is headquartered in Louisville, USA, with a team of 5001-10000 employees. The company is currently Late Stage.

Apply