1

Security Risk Analyst Jobs in Virginia (NOW HIRING)

We are seeking a Cyber Risk Analyst (SME-level). This role involves conducting on-site and remote ... Support the identification, analysis, and validation of complex security risks and associated ...

next page

Showing results 1-20

Security Risk Analyst information

See Virginia salary details

$10

$49

$69

How much do security risk analyst jobs pay per hour?

As of Jul 17, 2026, the average hourly pay for security risk analyst in Virginia is $49.98, according to ZipRecruiter salary data. Most workers in this role earn between $40.53 and $59.57 per hour, depending on experience, location, and employer.

Can I make $200,000 a year in cyber security?

Security Risk Analysts and other cybersecurity professionals can earn $200,000 or more annually, especially with extensive experience, advanced certifications like CISSP, and expertise in areas such as threat analysis or security architecture. High salaries are often found in senior roles, management, or specialized fields within cybersecurity.

What does a Security Risk Analyst do?

A Security Risk Analyst is responsible for identifying, assessing, and mitigating risks to an organization's information systems and data. They analyze security measures, conduct vulnerability assessments, and recommend strategies to protect against threats such as cyberattacks, data breaches, and unauthorized access. Their work helps ensure that a company's digital assets remain safe and compliant with industry regulations. Security Risk Analysts collaborate with IT teams and management to implement effective security policies and respond to incidents as needed.

What are the key skills and qualifications needed to thrive as a Security Risk Analyst, and why are they important?

To thrive as a Security Risk Analyst, you need a strong background in risk assessment, information security principles, and analytical thinking, often supported by a degree in cybersecurity, IT, or a related field. Familiarity with risk management frameworks (such as NIST or ISO 27001), security assessment tools, and certifications like CISSP or CISM is highly valuable. Excellent communication, attention to detail, and problem-solving abilities help you translate complex risks for varied stakeholders and drive mitigation strategies. These skills and qualities are crucial for identifying vulnerabilities, minimizing threats, and maintaining organizational security and compliance.

What are some common challenges Security Risk Analysts face when collaborating with other departments?

Security Risk Analysts often work closely with IT, compliance, and business units to assess and mitigate risks. A common challenge is bridging the gap between technical security requirements and business objectives, as not all stakeholders may have a cybersecurity background. Effective communication and education are key to ensuring that risk recommendations are understood and adopted. Additionally, prioritizing risks with limited resources and balancing security with operational needs can be complex, requiring strong collaboration and negotiation skills.

Can you make $500,000 a year in cyber security?

Security Risk Analysts typically earn salaries below $200,000 annually, but senior roles such as Chief Information Security Officers or cybersecurity executives can reach or exceed $500,000 with extensive experience, certifications, and leadership responsibilities. Achieving this level often requires advanced skills, industry certifications like CISSP, and years of experience in high-level security management. Salary potential varies based on the organization, location, and individual expertise.

Is SOC an entry-level job?

A Security Operations Center (SOC) analyst role is often considered an entry-level position in cybersecurity, suitable for individuals with foundational knowledge of security principles, network protocols, and security tools. However, some SOC roles may require prior experience or certifications such as CompTIA Security+ or Certified SOC Analyst (CSA).

What is the difference between Security Risk Analyst vs Security Analyst?

AspectSecurity Risk AnalystSecurity Analyst
CertificationsCompTIA Security+, CISSP, CISACompTIA Security+, CISSP, CEH
Work EnvironmentRisk assessment, vulnerability analysis, policy developmentMonitoring security systems, incident response, security audits
Employer & Industry UsageFinancial, healthcare, government sectors focusing on risk mitigationIT departments across various industries focusing on security operations

While both roles focus on cybersecurity, Security Risk Analysts primarily assess and manage potential security threats and vulnerabilities, emphasizing risk mitigation strategies. Security Analysts tend to monitor security systems, respond to incidents, and ensure ongoing security measures. Both roles often require similar certifications and work environments but differ in their core responsibilities within cybersecurity teams.

What is a security risk analyst?

A security risk analyst is a professional who identifies, assesses, and mitigates security threats to an organization’s information systems. They analyze vulnerabilities, develop security strategies, and often use tools like risk assessment frameworks and security software to protect data and infrastructure.
What job categories do people searching Security Risk Analyst jobs in Virginia look for? The top searched job categories for Security Risk Analyst jobs in Virginia are:
Infographic showing various Security Risk Analyst job openings in Virginia as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 86% Full Time, 6% Part Time, 1% Temporary, and 5% Contract. Highlights an 82% Physical, 5% Hybrid, and 13% Remote job distribution, with an average salary of $103,948 per year, or $50 per hour.
Risk and Compliance Systems Analyst

Risk and Compliance Systems Analyst

System One

Vienna, VA • On-site

Contractor

Medical, Dental, Vision, Life, Retirement

Re-posted 23 days ago


Job description

Job Title: Risk and Compliance Systems Analyst (Oracle ERP Fusion and RMC) Location: Vienna, VA Pay Rate: open to W2 and established 1099's Work Model: Hybrid, onsite 3 days a week Position type: multiyear contract We are looking for an Oracle ERP Fusion security and controls analyst who manages user access, monitors Oracle Risk Management Cloud (RMC) compliance issues, supports audits, documents processes, tests system changes, and coordinates with Finance, HR, Procurement, and IT teams to keep the ERP environment secure and compliant. Candidates must have 5-10 years of professional experience and recent, hands on experience with both Oracle ERP Fusion and RMC. We are able to work with W2 and established 1099s. This position is a Finance Technology Security & Controls Analyst/Business Systems Analyst role focused on Oracle ERP Fusion security, risk monitoring, and compliance operations within a Finance Technology environment. The role supports the Oracle ERP Fusion ecosystem and Oracle Risk Management Cloud (RMC) by managing user access, privileged access, risk alerts, incidents, audit readiness, and compliance activities. It combines security operations, business analysis, testing, stakeholder coordination, and documentation responsibilities. The ideal candidate will work across Finance, Procurement, HR, and Technology teams to strengthen security controls, support audits and ICFR compliance, improve processes, conduct testing (SIT/UAT), and drive operational improvements using automation and AI tools like Microsoft Copilot. We are seeking a skilled contractor to join the Finance Technology Security and Controls team. This team is responsible for security, risk monitoring, and compliance across the Oracle ERP Fusion ecosystem, leveraging the Risk Management Cloud (RMC) module to identify, assess, and mitigate risk. This role blends security and compliance operations with business systems analysis, requiring strong coordination, documentation, and testing capabilities within a Finance Technology environment. The ideal candidate demonstrates intellectual curiosity and is comfortable leveraging tools such as Microsoft Copilot to enhance productivity and outcomes. Key Responsibilities • Perform user access reviews and manage privileged access across Oracle ERP Fusion • Monitor, investigate, and resolve RMC alerts and incidents related to security and compliance, including: o Incident intake, tracking, and resolution o Monitoring incident aging and driving timely closure o Escalation management based on risk and timelines o Documentation of findings, root cause, and remediation actions • Collaborate with internal and external auditors to support ICFR requirements and audit readiness • Partner across Procurement, Finance, HR, and Technology teams to ensure alignment on security and control execution • Act as a Business Systems Analyst o Gather, document, and refine requirements o Analyze processes and recommend improvements o Support risk assessments and remediation efforts • Author and execute test scenarios to support system changes, including System Integration Testing and User Acceptance Testing • Coordinate meetings, track action items, and drive follow-ups across stakeholders • Develop and maintain documentation including SOPs, process guides, and audit artifacts • Identify opportunities to improve efficiency through automation, standardization, and use of AI tools Required Skills and Experience • Strong experience with Oracle ERP Fusion security, including roles, privileges, and data access • Hands-on experience with Oracle Risk Management Cloud (RMC) • Solid understanding of ICFR and compliance frameworks • Experience with user access management, privileged access, and risk monitoring • Ability to work across ERP modules including Finance, Procurement, and HR • Experience managing incidents, including tracking, aging, escalation, and resolution • Strong documentation, organization, and analytical skills • Experience coordinating across multiple stakeholders and driving deliverables to completion • Strong communication and collaboration skills Preferred Qualifications • Prior experience supporting audit and risk management activities • Familiarity with segregation of duties concepts • Experience with OTBI reporting for security and compliance • Experience authoring and executing SIT and UAT test scenarios • Comfort using AI-enabled tools such as Microsoft Copilot • Background in Finance Technology or similar environments System One, and its subsidiaries including Joulé and Mountain Ltd., are leaders in delivering outsourced services and workforce solutions across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan. System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic data, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law. #M- #LI-