ZipRecruiter

Log In

1

Security Risk Analyst Jobs in Virginia (NOW HIRING)

System One Holdings, LLC

Risk Analyst

Vienna, VA · On-site

Job Title: Risk Analyst Location: Vienna, VA - 3 days onsite, 2 days remote Type: Contract ... Hybrid - onsite and remote Hours: 40 hrs a week Security Clearance: Full background check, criminal ...

System One

Risk Analyst

Vienna, VA · On-site

Job Title: Risk Analyst Location: Vienna, VA - 3 days onsite, 2 days remote Type: Contract ... Hybrid - onsite and remote Hours: 40 hrs a week Security Clearance: Full background check, criminal ...

Beyond SOF

Cyber Risk Analyst (TS/SCI)

Reston, VA

Build your knowledge as an information security risk specialist who knows how to break down complex threats into manageable plans of action. As a Cyber-Risk Analyst on our team, you'll use your ...

Beyond SOF

Cyber Risk Analyst (TS/SCI)

Reston, VA · On-site

Build your knowledge as an information security risk specialist who knows how to break down complex threats into manageable plans of action. As a Cyber-Risk Analyst on our team, you'll use your ...

DRC Systems

Third-Party Risk Analyst

Mclean, VA · On-site

$45 - $47/hr

Bachelor's degree in Risk Management, Business Administration, Finance, Data Analytics, Project Management, Information Security, or related field. * 5+ years of experience in risk management or ...

INSPYR Solutions

Technical Risk Analyst

Vienna, VA · On-site

Technical Risk Analyst Position Summary We are seeking a Technical Risk Analyst to support IT security controls testing, risk assessments, and assurance activities across a complex technology ...

next page

Showing results 1-20

All JobsSecurity Risk Analyst JobsSecurity Risk Analyst Jobs in Virginia

Security Risk Analyst information

See Virginia salary details

$10

$49

$69

How much do security risk analyst jobs pay per hour?

As of Jun 26, 2026, the average hourly pay for security risk analyst in Virginia is $49.98, according to ZipRecruiter salary data. Most workers in this role earn between $40.53 and $59.57 per hour, depending on experience, location, and employer.

Can I make $200,000 a year in cyber security?

Security Risk Analysts and other cybersecurity professionals can potentially earn $200,000 or more annually, especially with advanced skills, certifications like CISSP, and experience in high-demand areas such as threat intelligence or security architecture. Achieving this level often requires several years of experience, specialized knowledge, and working in senior or managerial roles within organizations or consulting firms.

What does a Security Risk Analyst do?

A Security Risk Analyst is responsible for identifying, assessing, and mitigating risks to an organization's information systems and data. They analyze security measures, conduct vulnerability assessments, and recommend strategies to protect against threats such as cyberattacks, data breaches, and unauthorized access. Their work helps ensure that a company's digital assets remain safe and compliant with industry regulations. Security Risk Analysts collaborate with IT teams and management to implement effective security policies and respond to incidents as needed.

What are the key skills and qualifications needed to thrive as a Security Risk Analyst, and why are they important?

To thrive as a Security Risk Analyst, you need a strong background in risk assessment, information security principles, and analytical thinking, often supported by a degree in cybersecurity, IT, or a related field. Familiarity with risk management frameworks (such as NIST or ISO 27001), security assessment tools, and certifications like CISSP or CISM is highly valuable. Excellent communication, attention to detail, and problem-solving abilities help you translate complex risks for varied stakeholders and drive mitigation strategies. These skills and qualities are crucial for identifying vulnerabilities, minimizing threats, and maintaining organizational security and compliance.

What are some common challenges Security Risk Analysts face when collaborating with other departments?

Security Risk Analysts often work closely with IT, compliance, and business units to assess and mitigate risks. A common challenge is bridging the gap between technical security requirements and business objectives, as not all stakeholders may have a cybersecurity background. Effective communication and education are key to ensuring that risk recommendations are understood and adopted. Additionally, prioritizing risks with limited resources and balancing security with operational needs can be complex, requiring strong collaboration and negotiation skills.

Can you make $500,000 a year in cyber security?

Security Risk Analysts typically earn salaries below $200,000 annually, but senior roles such as Chief Information Security Officers or cybersecurity executives can reach or exceed $500,000 with extensive experience, certifications, and leadership responsibilities. Achieving this level often requires advanced skills, industry certifications like CISSP, and years of experience in high-level security management.

Is SOC an entry level job?

A Security Operations Center (SOC) analyst role is typically not entry-level and usually requires some experience in cybersecurity, network monitoring, or related fields. Entry-level positions may be labeled as SOC analyst I or junior SOC analyst, but higher-level roles often demand certifications like CompTIA Security+ or CISSP and familiarity with security tools such as SIEM systems.

What is the difference between Security Risk Analyst vs Security Analyst?

AspectSecurity Risk AnalystSecurity Analyst
CertificationsCompTIA Security+, CISSP, CISACompTIA Security+, CISSP, CEH
Work EnvironmentRisk assessment, vulnerability analysis, policy developmentMonitoring security systems, incident response, security audits
Employer & Industry UsageFinancial, healthcare, government sectors focusing on risk mitigationIT departments across various industries focusing on security operations

While both roles focus on cybersecurity, Security Risk Analysts primarily assess and manage potential security threats and vulnerabilities, emphasizing risk mitigation strategies. Security Analysts tend to monitor security systems, respond to incidents, and ensure ongoing security measures. Both roles often require similar certifications and work environments but differ in their core responsibilities within cybersecurity teams.

What is a security risk analyst?

A security risk analyst is a professional who identifies, assesses, and mitigates security threats to an organization’s information systems. They analyze vulnerabilities, develop security strategies, and often use tools like risk assessment frameworks and security software to protect data and infrastructure.
What are popular job titles related to Security Risk Analyst jobs in Virginia? For Security Risk Analyst jobs in Virginia, the most frequently searched job titles are:
What job categories do people searching Security Risk Analyst jobs in Virginia look for? The top searched job categories for Security Risk Analyst jobs in Virginia are:
What are popular job titles related to Security Risk Analyst jobs in VA? For Security Risk Analyst jobs in VA, the most frequently searched job titles are:
Security Risk Analyst jobs near you
Infographic showing various Security Risk Analyst job openings in Virginia as of June 2026, with employment types broken down into 1% As Needed, 96% Full Time, 1% Part Time, and 2% Contract. Highlights an 93% Physical, 2% Hybrid, and 5% Remote job distribution, with an average salary of $103,948 per year, or $50 per hour.
Operational Risk Analyst -Security Governance & Risk Issues Management

Operational Risk Analyst -Security Governance & Risk Issues Management

NAVA Software Solutions

Merrifield, VA • On-site

Full-time

Posted 23 days ago

Job description

NAVA Software solutions is looking for an Operational Risk Analyst -Security Governance & Risk Issues Management
Details:
Operational Risk Analyst -Security Governance & Risk Issues Management
Location: Merrifield VA - Hybrid
Duration: 12 months
Basic Purpose
This role is specifically designated as an Operational Risk Management (ORM) role for Issue Management. The Contractor Analyst will be experienced in risk management, issue management, risk and control self-assessments (RCSA), and have an understanding of security standards, and familiarity with risk and compliance (GRC) tool operations. The Analyst will understand how the ORM framework applies to the business and be able to articulate the need for issue management. The Contractor Analyst will be responsible for supporting the daily operations of issue management and partnering with groups across security, IT and business risk teams. A successful candidate will be required to research issues, support the business in ensuring issues are captured timely, ensure issues are correctly risk assessed and remediation plans are documented and align to the underlying root cause.
Responsibilities
  • Attend meetings with stakeholders within security, IT and across the credit union to assess and encourage the need for submitting issues impacting information security.
  • Aid in the development of remediation plans.
  • Facilitate root cause analysis
  • Assess the impact and likelihood of an issue and provide justification for the ratings
  • Leverage various communication channels to obtain required information.
  • Work within the Logic Manager (GRC) platform
  • Support metrics and reporting focused on issues and event processes.
  • Aid business partners in understanding the importance of issue management.
  • Keep current with Information Security best practices and industry trends, and communicate/apply these practices to policy improvements and compliance actions.
  • Perform other duties as assigned

Qualifications
  • Experience in the credit union/financial services industry with a focus on regulatory frameworks, information security assessments, and remediation activities
  • Experience managing issues from identification to remediation
  • IT Audit or first line IT or security risk experience a plus
  • Desired knowledge of NCUA, FFIEC, BSA/AML, NIST (including the Cyber Security Framework and 800 Series)
  • Effective planning and organizational skills
  • Effective research, analytical and problem solving skills
  • Strong verbal, written and interpersonal communication skills, including technical writing
  • Desired Bachelor Degree in business, information systems or related field or equivalent work/military experience
  • Ability to present findings and conclusions clearly and concisely
  • Experience in working with all levels of staff, management, stakeholders, and third parties
  • Ability to build effective relationships through rapport, trust, diplomacy, and tact
  • Strong word processing and spreadsheet software skills
NAVA Software Solutions logo

About NAVA Software Solutions

Sourced by ZipRecruiter

NAVA is a strategic partner for companies seeking to develop or customize software and products. Our team of experts leverages cutting-edge technology and deep industry knowledge to provide customized solutions that drive business success. Whether you're looking to improve your operations, increase efficiency, or bring a new product to market, NAVA has the expertise and resources to help you achieve your goals. Trust us to be your partner in software and product development.

Industry

It services

Company size

51 - 200 Employees

Headquarters location

Rocky Hill, CT, US

Social media

Facebook

View All NAVA Software Solutions Jobs

Apply