IT Security Analyst T2
Herndon, VA · On-site
The Cyber Trust Analyst will work in a collaborative effort with the Security, IT, and business units to ensure security, risk, and technical controls are communicated to appropriate stakeholders ...
IT Security Analyst T2
Herndon, VA · On-site
The Cyber Trust Analyst will work in a collaborative effort with the Security, IT, and business units to ensure security, risk, and technical controls are communicated to appropriate stakeholders ...
The Analyst II, Information Risk Management is an integral individual contributor role within the CarMax Information Security Organization, focused on planning and executing critical risk and privacy ...
The Analyst II, Information Risk Management is an integral individual contributor role within the CarMax Information Security Organization, focused on planning and executing critical risk and privacy ...
The Analyst II, Information Risk Management is an integral individual contributor role within the CarMax Information Security Organization, focused on planning and executing critical risk and privacy ...
The Analyst II, Information Risk Management is an integral individual contributor role within the CarMax Information Security Organization, focused on planning and executing critical risk and privacy ...
The Industry and Security Analysis Group (ISAG) within JOID provides analytical, technical, and ... We have an upcoming need for a DHS Risk Mitigation Analyst to provide onsite support to the ...
The Industry and Security Analysis Group (ISAG) within JOID provides analytical, technical, and ... We have an upcoming need for a DHS Risk Mitigation Analyst to provide onsite support to the ...
The Industry and Security Analysis Group (ISAG) within JOID provides analytical, technical, and ... We have an upcoming need for a DHS Risk Mitigation Analyst to provide onsite support to the ...
The Industry and Security Analysis Group (ISAG) within JOID provides analytical, technical, and ... We have an upcoming need for a DHS Risk Mitigation Analyst to provide onsite support to the ...
The Industry and Security Analysis Group (ISAG) within JOID provides analytical, technical, and ... We have an upcoming need for a DHS Risk Mitigation Analyst to provide onsite support to the ...
The Industry and Security Analysis Group (ISAG) within JOID provides analytical, technical, and ... We have an upcoming need for a DHS Risk Mitigation Analyst to provide onsite support to the ...
Oracle ERP Risk Analyst
Merrifield, VA · On-site
This role blends security and compliance operations with business systems analysis, requiring ... on risk and timelines o Documentation of findings, root cause, and remediation actions • ...
Oracle ERP Risk Analyst
Merrifield, VA · On-site
This role blends security and compliance operations with business systems analysis, requiring ... on risk and timelines o Documentation of findings, root cause, and remediation actions • ...
Conduct log analysis from multiple avenues and tools to triage activity in support of incident ... resolve complex security problems/issues/risks and facilitate resolution and risk mitigation.
Conduct log analysis from multiple avenues and tools to triage activity in support of incident ... resolve complex security problems/issues/risks and facilitate resolution and risk mitigation.
Conduct vulnerability analysis, risk assessment and remediation planning. Guide continuous ... Provide training, mentoring and support to security analysts and program team members. REQUIRED ...
Conduct vulnerability analysis, risk assessment and remediation planning. Guide continuous ... Provide training, mentoring and support to security analysts and program team members. REQUIRED ...
Ability to analyze complex technical environments and communicate risk in business-focused terms. * Strong knowledge of information security frameworks including NIST CSF, NIST 800‑53, ISO 27001 ...
Quick apply
Ability to analyze complex technical environments and communicate risk in business-focused terms. * Strong knowledge of information security frameworks including NIST CSF, NIST 800‑53, ISO 27001 ...
Foreign Investment Risk Analyst
Arlington, VA · On-site
$90K/yr
The Cybersecurity and Infrastructure Security Agency (CISA) is the Nation's risk advisor, working ... The official title of this position is Management Analyst, GS-0343-13/14. Qualifications:Do NOT ...
Foreign Investment Risk Analyst
Arlington, VA · On-site
$90K/yr
The Cybersecurity and Infrastructure Security Agency (CISA) is the Nation's risk advisor, working ... The official title of this position is Management Analyst, GS-0343-13/14. Qualifications:Do NOT ...
Risk Assessment Analyst with Security Clearance
Alexandria, VA · On-site
$90K - $140K/yr
Risk Assessment Analyst Location: Alexandria, VA Work Type: Full-Time / Hybrid Remote Work: 50 ... As an information security risk specialist on our team, you'll work with industry partners to ...
Risk Assessment Analyst with Security Clearance
Alexandria, VA · On-site
$90K - $140K/yr
Risk Assessment Analyst Location: Alexandria, VA Work Type: Full-Time / Hybrid Remote Work: 50 ... As an information security risk specialist on our team, you'll work with industry partners to ...
We have an upcoming need for a DHS Risk Mitigation Analyst to provide onsite support to the Department of Homeland Security in the NCR. Responsibilities The candidate will support DHS Office of ...
We have an upcoming need for a DHS Risk Mitigation Analyst to provide onsite support to the Department of Homeland Security in the NCR. Responsibilities The candidate will support DHS Office of ...
Program Manager I, AWS Security & Risk Compliance, AWS Compliance & Security Assurance
Herndon, VA · On-site
About the team Security Risk Analytics (SRA) sits within AWS Security Risk and Compliance (SRC) and operates under the Compliance Operations and Regulatory Response (CORR) organization. SRA is ...
Program Manager I, AWS Security & Risk Compliance, AWS Compliance & Security Assurance
Herndon, VA · On-site
About the team Security Risk Analytics (SRA) sits within AWS Security Risk and Compliance (SRC) and operates under the Compliance Operations and Regulatory Response (CORR) organization. SRA is ...
We are looking for a Program Manager who will own the end-to-end scope, management, and delivery of scalable programs supporting the Security Risk Analytics tam Operating in a fast-moving environment ...
We are looking for a Program Manager who will own the end-to-end scope, management, and delivery of scalable programs supporting the Security Risk Analytics tam Operating in a fast-moving environment ...
We are looking for a Program Manager who will own the end-to-end scope, management, and delivery of scalable programs supporting the Security Risk Analytics tam Operating in a fast-moving environment ...
We are looking for a Program Manager who will own the end-to-end scope, management, and delivery of scalable programs supporting the Security Risk Analytics tam Operating in a fast-moving environment ...
... Risk Management Framework SME with a TS/SCI security clearance to support TGS and our government ... Strong analytical, communication, and documentation skills. * Ability to collaborate effectively ...
... Risk Management Framework SME with a TS/SCI security clearance to support TGS and our government ... Strong analytical, communication, and documentation skills. * Ability to collaborate effectively ...
... Security business unit, is currently seeking persons with significant experience planning and ... D.; Ph.D. preferred) and at least 10 years of experience in risk analysis, mathematics ...
... Security business unit, is currently seeking persons with significant experience planning and ... D.; Ph.D. preferred) and at least 10 years of experience in risk analysis, mathematics ...
Cyber Risk Analyst SME
Arlington, VA · On-site
We are seeking a Cyber Risk Analyst (SME-level). This role involves conducting on-site and remote ... Support the identification, analysis, and validation of complex security risks and associated ...
Cyber Risk Analyst SME
Arlington, VA · On-site
We are seeking a Cyber Risk Analyst (SME-level). This role involves conducting on-site and remote ... Support the identification, analysis, and validation of complex security risks and associated ...
Join us today. Our Financial Management & Business Analysis Portfolio supports the U.S. Army ... SPA has an immediate need for SIPR Governance, Risk, and Compliance (GRC) & Security Analyst within ...
Join us today. Our Financial Management & Business Analysis Portfolio supports the U.S. Army ... SPA has an immediate need for SIPR Governance, Risk, and Compliance (GRC) & Security Analyst within ...
Security Risk Analyst information
See Virginia salary details
$10.25 - $15.62
2% of jobs
$15.62 - $20.99
0% of jobs
$20.99 - $26.37
1% of jobs
$26.37 - $31.74
1% of jobs
$31.74 - $37.11
1% of jobs
$41.14 is the 25th percentile. Wages below this are outliers.
$37.11 - $42.49
26% of jobs
$42.49 - $47.86
11% of jobs
The median wage is $49.78 / hr.
$47.86 - $53.23
22% of jobs
$53.23 - $58.61
9% of jobs
$59.03 is the 75th percentile. Wages above this are outliers.
$58.61 - $63.98
17% of jobs
$63.98 - $69.35
9% of jobs
$10
$49
$69
How much do security risk analyst jobs pay per hour?
As of Jun 26, 2026, the average hourly pay for security risk analyst in Virginia is $49.98, according to ZipRecruiter salary data. Most workers in this role earn between $40.53 and $59.57 per hour, depending on experience, location, and employer.
Can I make $200,000 a year in cyber security?
Security Risk Analysts and other cybersecurity professionals can potentially earn $200,000 or more annually, especially with advanced skills, certifications like CISSP, and experience in high-demand areas such as threat intelligence or security architecture. Achieving this level often requires several years of experience, specialized knowledge, and working in senior or managerial roles within organizations or consulting firms.
What does a Security Risk Analyst do?
A Security Risk Analyst is responsible for identifying, assessing, and mitigating risks to an organization's information systems and data. They analyze security measures, conduct vulnerability assessments, and recommend strategies to protect against threats such as cyberattacks, data breaches, and unauthorized access. Their work helps ensure that a company's digital assets remain safe and compliant with industry regulations. Security Risk Analysts collaborate with IT teams and management to implement effective security policies and respond to incidents as needed.
What are the key skills and qualifications needed to thrive as a Security Risk Analyst, and why are they important?
To thrive as a Security Risk Analyst, you need a strong background in risk assessment, information security principles, and analytical thinking, often supported by a degree in cybersecurity, IT, or a related field. Familiarity with risk management frameworks (such as NIST or ISO 27001), security assessment tools, and certifications like CISSP or CISM is highly valuable. Excellent communication, attention to detail, and problem-solving abilities help you translate complex risks for varied stakeholders and drive mitigation strategies. These skills and qualities are crucial for identifying vulnerabilities, minimizing threats, and maintaining organizational security and compliance.
What are some common challenges Security Risk Analysts face when collaborating with other departments?
Security Risk Analysts often work closely with IT, compliance, and business units to assess and mitigate risks. A common challenge is bridging the gap between technical security requirements and business objectives, as not all stakeholders may have a cybersecurity background. Effective communication and education are key to ensuring that risk recommendations are understood and adopted. Additionally, prioritizing risks with limited resources and balancing security with operational needs can be complex, requiring strong collaboration and negotiation skills.
Can you make $500,000 a year in cyber security?
Security Risk Analysts typically earn salaries below $200,000 annually, but senior roles such as Chief Information Security Officers or cybersecurity executives can reach or exceed $500,000 with extensive experience, certifications, and leadership responsibilities. Achieving this level often requires advanced skills, industry certifications like CISSP, and years of experience in high-level security management.
Is SOC an entry level job?
A Security Operations Center (SOC) analyst role is typically not entry-level and usually requires some experience in cybersecurity, network monitoring, or related fields. Entry-level positions may be labeled as SOC analyst I or junior SOC analyst, but higher-level roles often demand certifications like CompTIA Security+ or CISSP and familiarity with security tools such as SIEM systems.
What is the difference between Security Risk Analyst vs Security Analyst?
| Aspect | Security Risk Analyst | Security Analyst |
|---|---|---|
| Certifications | CompTIA Security+, CISSP, CISA | CompTIA Security+, CISSP, CEH |
| Work Environment | Risk assessment, vulnerability analysis, policy development | Monitoring security systems, incident response, security audits |
| Employer & Industry Usage | Financial, healthcare, government sectors focusing on risk mitigation | IT departments across various industries focusing on security operations |
While both roles focus on cybersecurity, Security Risk Analysts primarily assess and manage potential security threats and vulnerabilities, emphasizing risk mitigation strategies. Security Analysts tend to monitor security systems, respond to incidents, and ensure ongoing security measures. Both roles often require similar certifications and work environments but differ in their core responsibilities within cybersecurity teams.
What is a security risk analyst?
A security risk analyst is a professional who identifies, assesses, and mitigates security threats to an organization’s information systems. They analyze vulnerabilities, develop security strategies, and often use tools like risk assessment frameworks and security software to protect data and infrastructure.
What are popular job titles related to Security Risk Analyst jobs in Virginia? For Security Risk Analyst jobs in Virginia, the most frequently searched job titles are:
What job categories do people searching Security Risk Analyst jobs in Virginia look for? The top searched job categories for Security Risk Analyst jobs in Virginia are:
What are popular job titles related to Security Risk Analyst jobs in VA? For Security Risk Analyst jobs in VA, the most frequently searched job titles are:
Job description
Customer: SAP NS2 Internal Project
US Citizen only
IT Security Analyst T2
12/16/2024 to 12/15/2025
Physical Work Arrangement NS2 Office (Herndon, VA)
Description:
The Cyber Trust Analyst will work in a collaborative effort with the Security, IT, and business units to ensure security, risk, and technical controls are communicated to appropriate stakeholders including customers. Working for the Cybersecurity department, the Cyber Trust Analyst, functions as a highly skilled control and risk consultant responsible for responding to internal privacy, security, risk and IT inquiries on audits and assessments. - In this position, the analyst will be responsible for responding to customer inquiries, security questionnaires and developing external messages in response to security concerns. Responsibilities include perform comprehensive review of customer inquiry or questionnaire, prepare complete response and coordinate with stakeholders for release. Develop external communications and statements pertaining to increased threat environments or addressing specific security concerns. Brief management and stakeholders on trust operations and trends and provide recommendations. Collaborate with departments to improve security trust operations, communicate risk, and bolster effectiveness. Develop best practice recommendations to improve security on all levels.
Minimum Qualifications: To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:
• Bachelor's degree in a related field or equivalent professional experience required
• Minimum 3 years IT experience with three or more years of practical experience in a cyber threat analysis or security technology role
Advanced knowledge of the following:
• information systems security concepts and technologies
• network architecture and tools
• Ability to effectively communicate at all levels, both verbal and written
• Demonstrated experience with security & risk frameworks, standards and best practices (e.g.: NIST, HIPAA, PCI, SOX, DFARS, ISO/IEC standards, etc.).
Candidates with these desired skills will be given preferential consideration:
• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Global Information Assurance Certification (GIAC)
• Certificate programs in relevant areas
US Citizen only
IT Security Analyst T2
12/16/2024 to 12/15/2025
Physical Work Arrangement NS2 Office (Herndon, VA)
Description:
The Cyber Trust Analyst will work in a collaborative effort with the Security, IT, and business units to ensure security, risk, and technical controls are communicated to appropriate stakeholders including customers. Working for the Cybersecurity department, the Cyber Trust Analyst, functions as a highly skilled control and risk consultant responsible for responding to internal privacy, security, risk and IT inquiries on audits and assessments. - In this position, the analyst will be responsible for responding to customer inquiries, security questionnaires and developing external messages in response to security concerns. Responsibilities include perform comprehensive review of customer inquiry or questionnaire, prepare complete response and coordinate with stakeholders for release. Develop external communications and statements pertaining to increased threat environments or addressing specific security concerns. Brief management and stakeholders on trust operations and trends and provide recommendations. Collaborate with departments to improve security trust operations, communicate risk, and bolster effectiveness. Develop best practice recommendations to improve security on all levels.
Minimum Qualifications: To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:
• Bachelor's degree in a related field or equivalent professional experience required
• Minimum 3 years IT experience with three or more years of practical experience in a cyber threat analysis or security technology role
Advanced knowledge of the following:
• information systems security concepts and technologies
• network architecture and tools
• Ability to effectively communicate at all levels, both verbal and written
• Demonstrated experience with security & risk frameworks, standards and best practices (e.g.: NIST, HIPAA, PCI, SOX, DFARS, ISO/IEC standards, etc.).
Candidates with these desired skills will be given preferential consideration:
• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Global Information Assurance Certification (GIAC)
• Certificate programs in relevant areas
About Xforia
Sourced by ZipRecruiter