1

Security Risk Analyst Jobs in Michigan (NOW HIRING)

... Security and the relationship between threat, vulnerability and information - Good understanding of risk-based decision-making (i.e. risk analysis, mitigation, resolution, acceptance, etc.) - Possess ...

Information Security experience (preferably Third Party Risk Management and Compliance) Familiarity with SOC 1 (SSAE 16*) and SOC 2 (**AT101) reports Ability to write process, procedures, flowcharts ...

Job Summary The Third-Party Risk Analyst supports the team in carrying out third-party risk ... Help coordinate assessments with internal partners (e.g., Legal, Information Security) and gather ...

We're hiring an IT Compliance Analyst to support our Information Security and IT Risk Management team through audit coordination, risk tracking, control remediation, and compliance initiatives. This ...

We're hiring an IT Compliance Analyst to support our Information Security and IT Risk Management team through audit coordination, risk tracking, control remediation, and compliance initiatives. This ...

IT Compliance Analyst

Grand Rapids, MI · On-site

$90K - $90K/yr

We're hiring an IT Compliance Analyst to support our Information Security and IT Risk Management team through audit coordination, risk tracking, control remediation, and compliance initiatives. This ...

Job Title: Security Analyst Location: Lansing, MI 48909 Duration: 12 Months Job Desription: Top ... Provides risk and compliance related support to the Security Accreditation Process Team and ...

Conduct and oversee security risk assessments and vulnerability analyses. * Design and implement security systems and processes, including: * Access control and badging * Surveillance systems

next page

Showing results 1-20

Security Risk Analyst information

See Michigan salary details

$9

$43

$60

How much do security risk analyst jobs pay per hour?

As of Jul 13, 2026, the average hourly pay for security risk analyst in Michigan is $43.94, according to ZipRecruiter salary data. Most workers in this role earn between $35.62 and $52.36 per hour, depending on experience, location, and employer.

Can I make $200,000 a year in cyber security?

Security Risk Analysts and other cybersecurity professionals can earn $200,000 or more annually, especially with extensive experience, advanced certifications like CISSP, and expertise in areas such as threat analysis or security architecture. High salaries are often found in senior roles, management, or specialized fields within cybersecurity.

What does a Security Risk Analyst do?

A Security Risk Analyst is responsible for identifying, assessing, and mitigating risks to an organization's information systems and data. They analyze security measures, conduct vulnerability assessments, and recommend strategies to protect against threats such as cyberattacks, data breaches, and unauthorized access. Their work helps ensure that a company's digital assets remain safe and compliant with industry regulations. Security Risk Analysts collaborate with IT teams and management to implement effective security policies and respond to incidents as needed.

What are the key skills and qualifications needed to thrive as a Security Risk Analyst, and why are they important?

To thrive as a Security Risk Analyst, you need a strong background in risk assessment, information security principles, and analytical thinking, often supported by a degree in cybersecurity, IT, or a related field. Familiarity with risk management frameworks (such as NIST or ISO 27001), security assessment tools, and certifications like CISSP or CISM is highly valuable. Excellent communication, attention to detail, and problem-solving abilities help you translate complex risks for varied stakeholders and drive mitigation strategies. These skills and qualities are crucial for identifying vulnerabilities, minimizing threats, and maintaining organizational security and compliance.

What are some common challenges Security Risk Analysts face when collaborating with other departments?

Security Risk Analysts often work closely with IT, compliance, and business units to assess and mitigate risks. A common challenge is bridging the gap between technical security requirements and business objectives, as not all stakeholders may have a cybersecurity background. Effective communication and education are key to ensuring that risk recommendations are understood and adopted. Additionally, prioritizing risks with limited resources and balancing security with operational needs can be complex, requiring strong collaboration and negotiation skills.

Can you make $500,000 a year in cyber security?

Security Risk Analysts typically earn salaries below $200,000 annually, but senior roles such as Chief Information Security Officers or cybersecurity executives can reach or exceed $500,000 with extensive experience, certifications, and leadership responsibilities. Achieving this level often requires advanced skills, industry certifications like CISSP, and years of experience in high-level security management. Salary potential varies based on the organization, location, and individual expertise.

Is SOC an entry-level job?

A Security Operations Center (SOC) analyst role is often considered an entry-level position in cybersecurity, suitable for individuals with foundational knowledge of security principles, network protocols, and security tools. However, some SOC roles may require prior experience or certifications such as CompTIA Security+ or Certified SOC Analyst (CSA).

What is the difference between Security Risk Analyst vs Security Analyst?

AspectSecurity Risk AnalystSecurity Analyst
CertificationsCompTIA Security+, CISSP, CISACompTIA Security+, CISSP, CEH
Work EnvironmentRisk assessment, vulnerability analysis, policy developmentMonitoring security systems, incident response, security audits
Employer & Industry UsageFinancial, healthcare, government sectors focusing on risk mitigationIT departments across various industries focusing on security operations

While both roles focus on cybersecurity, Security Risk Analysts primarily assess and manage potential security threats and vulnerabilities, emphasizing risk mitigation strategies. Security Analysts tend to monitor security systems, respond to incidents, and ensure ongoing security measures. Both roles often require similar certifications and work environments but differ in their core responsibilities within cybersecurity teams.

What is a security risk analyst?

A security risk analyst is a professional who identifies, assesses, and mitigates security threats to an organization’s information systems. They analyze vulnerabilities, develop security strategies, and often use tools like risk assessment frameworks and security software to protect data and infrastructure.
What job categories do people searching Security Risk Analyst jobs in Michigan look for? The top searched job categories for Security Risk Analyst jobs in Michigan are:
Infographic showing various Security Risk Analyst job openings in Michigan as of July 2026, with employment types broken down into 81% Full Time, 4% Temporary, and 15% Contract. Highlights an 100% In-person job distribution, with an average salary of $91,385 per year, or $43.9 per hour.
IT Security Risk Analyst

IT Security Risk Analyst

Strategic Staffing Solutions

Detroit, MI • On-site

Other

Posted 3 days ago


Job description

STRATEGIC STAFFING SOLUTIONS (S3) HAS AN OPENING!

IT Security Risk Analyst
Detroit, MI / Remote in EST/CST
6+ Months with extension
W2 Contract engagement

Job Description:

Provides information security risk knowledge and serves as a specialist to identify, prioritize, and collaboratively mitigate cyber risk enterprise-wide. Responsible for the following:


  • Plan, coordinate and conduct security risk assessments for information systems and third parties
  • Compose reports, assessments, and other documents to provide decision support on information security risks and controls for executives, system owners and management
  • Assess the likelihood and impact of adverse events and recommend effective controls and mitigations to management
  • Research, analyze and report on the cybersecurity risk of doing business with third parties
  • Facilitate the response and mitigation of third party security incidents
  • Support the continuous improvement and implementation of Information Security Policies, Standards, Processes, and Procedures
  • Contribute to the enhancement and implementation of the information security risks & controls library
  • Perform control assessments to determine if cybersecurity controls are effective and in compliance with applicable requirements
  • Establish and implement effective security awareness practices across the System, including training, phishing, and communications.

MINIMUM QUALIFICATIONS


  • Bachelor s degree or an equivalent combination of education and experience.
  • Minimum of three (3) years of progressive experience in Information Services including one (1) year in information security, including experience in compliance with federal and state security regulations
  • Certified Information Systems Security Professional (CISSP), International Social Security Association (ISSA), Certified Information Systems Auditor (CISA) or equivalent
  • Must possess a general understanding of enterprise security best practices relating to implementing and managing enterprise security solutions.
  • Working knowledge of one or more information security regulations and/or frameworks; i.e. HIPAA, ISO 27001/2, FISMA, FIPS, and NIST security.
  • Experience with administrative and technical assessments as well as enforcing organizational

*Beware of scams. S3 never asks for money during its onboarding process