1

Security Risk Analyst Jobs in Michigan (NOW HIRING)

Security Analyst 3 Location: Landing, MI Duration: 12 Months * This role involves delivering ... doing Risk Assessments. * 3+ years of experience working to ensure compliance with security ...

... security, defense, and public service delivery. Our work focuses on sustaining, operating, and ... The Risk, Quality, and Performance Analyst serves as the Risk, Quality, and Performance Analyst ...

next page

Showing results 1-20

Security Risk Analyst information

See Michigan salary details

$9

$43

$60

How much do security risk analyst jobs pay per hour?

As of Jul 13, 2026, the average hourly pay for security risk analyst in Michigan is $43.94, according to ZipRecruiter salary data. Most workers in this role earn between $35.62 and $52.36 per hour, depending on experience, location, and employer.

Can I make $200,000 a year in cyber security?

Security Risk Analysts and other cybersecurity professionals can earn $200,000 or more annually, especially with extensive experience, advanced certifications like CISSP, and expertise in areas such as threat analysis or security architecture. High salaries are often found in senior roles, management, or specialized fields within cybersecurity.

What does a Security Risk Analyst do?

A Security Risk Analyst is responsible for identifying, assessing, and mitigating risks to an organization's information systems and data. They analyze security measures, conduct vulnerability assessments, and recommend strategies to protect against threats such as cyberattacks, data breaches, and unauthorized access. Their work helps ensure that a company's digital assets remain safe and compliant with industry regulations. Security Risk Analysts collaborate with IT teams and management to implement effective security policies and respond to incidents as needed.

What are the key skills and qualifications needed to thrive as a Security Risk Analyst, and why are they important?

To thrive as a Security Risk Analyst, you need a strong background in risk assessment, information security principles, and analytical thinking, often supported by a degree in cybersecurity, IT, or a related field. Familiarity with risk management frameworks (such as NIST or ISO 27001), security assessment tools, and certifications like CISSP or CISM is highly valuable. Excellent communication, attention to detail, and problem-solving abilities help you translate complex risks for varied stakeholders and drive mitigation strategies. These skills and qualities are crucial for identifying vulnerabilities, minimizing threats, and maintaining organizational security and compliance.

What are some common challenges Security Risk Analysts face when collaborating with other departments?

Security Risk Analysts often work closely with IT, compliance, and business units to assess and mitigate risks. A common challenge is bridging the gap between technical security requirements and business objectives, as not all stakeholders may have a cybersecurity background. Effective communication and education are key to ensuring that risk recommendations are understood and adopted. Additionally, prioritizing risks with limited resources and balancing security with operational needs can be complex, requiring strong collaboration and negotiation skills.

Can you make $500,000 a year in cyber security?

Security Risk Analysts typically earn salaries below $200,000 annually, but senior roles such as Chief Information Security Officers or cybersecurity executives can reach or exceed $500,000 with extensive experience, certifications, and leadership responsibilities. Achieving this level often requires advanced skills, industry certifications like CISSP, and years of experience in high-level security management. Salary potential varies based on the organization, location, and individual expertise.

Is SOC an entry-level job?

A Security Operations Center (SOC) analyst role is often considered an entry-level position in cybersecurity, suitable for individuals with foundational knowledge of security principles, network protocols, and security tools. However, some SOC roles may require prior experience or certifications such as CompTIA Security+ or Certified SOC Analyst (CSA).

What is the difference between Security Risk Analyst vs Security Analyst?

AspectSecurity Risk AnalystSecurity Analyst
CertificationsCompTIA Security+, CISSP, CISACompTIA Security+, CISSP, CEH
Work EnvironmentRisk assessment, vulnerability analysis, policy developmentMonitoring security systems, incident response, security audits
Employer & Industry UsageFinancial, healthcare, government sectors focusing on risk mitigationIT departments across various industries focusing on security operations

While both roles focus on cybersecurity, Security Risk Analysts primarily assess and manage potential security threats and vulnerabilities, emphasizing risk mitigation strategies. Security Analysts tend to monitor security systems, respond to incidents, and ensure ongoing security measures. Both roles often require similar certifications and work environments but differ in their core responsibilities within cybersecurity teams.

What is a security risk analyst?

A security risk analyst is a professional who identifies, assesses, and mitigates security threats to an organization’s information systems. They analyze vulnerabilities, develop security strategies, and often use tools like risk assessment frameworks and security software to protect data and infrastructure.
What job categories do people searching Security Risk Analyst jobs in Michigan look for? The top searched job categories for Security Risk Analyst jobs in Michigan are:
Infographic showing various Security Risk Analyst job openings in Michigan as of July 2026, with employment types broken down into 81% Full Time, 4% Temporary, and 15% Contract. Highlights an 100% In-person job distribution, with an average salary of $91,385 per year, or $43.9 per hour.
Engineering Subject Matter Specialist (SSE Cyber)

Engineering Subject Matter Specialist (SSE Cyber)

FEDITC LLC

Warren, MI

$54 - $66.25/hr

Other

Re-posted 21 days ago


Job description

FEDITC, LLC is a fast-growing business supporting DoD and other intelligence agencies worldwide. FEDITC develops mission critical national security systems throughout the world directly supporting the Warfighter, DoD Leadership, & the country. We are proud & honored to provide these services.

Overview of position:

FEDITC is seeking Engineering Subject Matter Specialist (SSE Cyber) to work in Warren MI area.

Systems security engineering is a specialty engineering discipline of systems engineering that applies scientific, mathematical, engineering, and measurement principles, concepts, and methods to coordinate, orchestrate, and direct the activities of various security engineering specialties and other contributing engineering specialties to provide a fully integrated, system-level perspective of system security. Systems security engineering, as an integral part of systems engineering, helps to ensure that the appropriate security principles, concepts, methods, and practices are applied during the system life cycle to achieve stakeholder objectives for the protection of assets—across all forms of adversity characterized as disruptions, hazards, and threats. It also helps to reduce system defects that can lead to security vulnerability and as a result, reduces the susceptibility of the system to adversity. And finally, systems security engineering provides a sufficient base of evidence that supports claims that the desired level of trustworthiness has been achieved—that is, a level of trustworthiness that the agreed-upon asset protection needs of stakeholders can be adequately satisfied on a continuous basis despite such adversity.

A United States Citizenship and an active Secret DoD Security Clearance is required to be considered for this position.

VS2C staff designated as System Security Engineers (SSE) will be responsible for ensuring the development and delivery of capability through the implementation of an approach based on cost, schedule, performance, and risk. This will be accomplished using integrated and consistent systems engineering (SE) activities and processes, regardless of the acquisition life cycle phase of the program. The SSE will assist in conducting trade-off analyses and will integrate contributions from system security engineering disciplines such as anti-tamper, cybersecurity, exportability features, hardware assurance, software assurance, supply chain risk management; and security specialties (personnel security, industrial security, physical security, etc.). The SSE will also focus on Cyber survivability, to assess the ability of the system to perform its mission and functions, in the face of cyber-attack, by the anticipated adversaries, and to operate effectively in a cyber-contested environment. The outcome of the SSE’s efforts will be a comprehensive program and system protection strategy within the constraints of cost, schedule, and performance while maintaining an acceptable level of risk. To integrate all aspects of system security, the SSE will lead the evaluation and balancing of security contributions to produce a coherent security capability across the system and the program. 

Responsibilities

  • Defining stakeholder security objectives, protection needs, concerns, and system security requirements, along with associated validation and verification methods.
  • Developing security perspectives within system architecture and design, including security views and viewpoints.
  • Identifying and assessing vulnerabilities, threats, hazards, and susceptibility to disruptions throughout the system lifecycle.
  • Conducting security assessments and risk analysis to identify potential security threats.
  • Designing, developing, and implementing proactive and reactive security solutions to mitigate risks and protect systems and data.
  • Monitoring security systems for anomalies and responding to security incidents in a timely manner.
  • Providing security considerations to inform systems engineering, aiming to reduce errors, flaws, and weaknesses that could lead to unacceptable asset loss or security vulnerabilities.
  • Evaluating the costs and benefits of security functions and considerations to support analysis of alternatives, engineering trade-offs, and risk treatment decisions.
  • Performing security system analyses to support decision-making, risk management, and engineering trade-offs.
  • Demonstrating, through evidence-based reasoning, that system security claims are satisfied and providing substantiating evidence for system trustworthiness.
  • Leveraging expertise from multiple security and related specialties to deliver a trustworthy and secure system.
  • Ensuring the effectiveness and suitability of security elements as enablers for mission and business success.
  • Incorporating relevant threat and vulnerability data into security-relevant decisions.
  • Conducting security risk management activities, producing related information, and advising engineering teams and stakeholders on the impact of threats and vulnerabilities.
  • Collaborating with technical teams to integrate security measures into system design and development processes.
  • Identifying critical system components and providing well-organized analysis of systems and potential risks.
  • Supporting Program Protection Planning (PPP), aligned with the SSE Framework and DoD Technology and Program Protection Guidebook.
  • Applying multidisciplinary engineering expertise to address programmatic system security requirements, including protection needs assessment, secure architecture, security technologies, hardware/software assurance, cybersecurity testing/evaluation, and program protection plan development.
  • Advising on system description, functions, information types, operating environments, and security and privacy requirements.
  • Reviewing the adequacy of controls to protect the system and its information, manage privacy risks, and ensure compliance with privacy requirements.
  • Assisting in tailoring security and privacy controls as necessary.
  • Ensuring confidentiality, integrity, and availability by designing and implementing secure systems.
  • Ensuring system compliance with privacy requirements and managing privacy risks associated with processing personally identifiable information (PII).
  • Implementing secure and privacy-enhancing networking and computing environments.
  • Providing security and privacy planning to support system operations.
  • Implementing requirements for proper handling of data within the system.
  • Recommending system-level solutions to address security and privacy requirements.
  • Coordinating effective implementation of common controls across organizational systems.
  • Staying current on the latest security trends, technologies, and best practices to continuously improve system security.

Experience/Skills:

  • Two or more years of proven experience in system security engineering or a related role
  • Strong knowledge of security principles, practices, and technologies
  • Experience with security assessment tools and techniques
  • Excellent problem-solving and analytical skills
  • DoD/Military Training: (CLE 074 + CYB 5640/CYB 5640V/WSS 010 + WSS 011 + WSS 012 + CYB 5610 + CYB 5620V) or 4C-F22/160-F23, 4C-FA26

Education: 

  • Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Data Science, Software Engineering, or Information Technology (from an ABET accredited or NCAE-C-designated institution

Acceptable Certifications:

  • CND, GISF, SSCP, Security X/ CSAP+, CCSP, Cloud +, CSC, GCLD, GSEC, CISSP-ISSEP, FITSP-D, GCSA

Clearance:

  • Active Secret clearance is required.
  • Must be a United States Citizen and pass a background check.
  • Maintain applicable security clearance(s) at the level required by the client and/or applicable certification(s) as requested by FEDITC and/or required by FEDITC’S Client(s)/Customer(s)/Prime contractor(s).

FEDITC, LLC. is committed to fostering an inclusive workplace and provides equal employment opportunities (EEO) to all employees and applicants for employment. We do not employ AI tools in our decision-making processes. Regardless of race, color, religion, sex (including pregnancy), sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran, FEDITC, LLC. ensures that all employment decisions are made in accordance with applicable federal, state, and local laws. Our commitment to non-discrimination in employment extends to every location in which our company operates.