1

Security Risk Analyst Jobs in Houston, TX (NOW HIRING)

Job Profile / Title IT Procurement Data & Risk Analyst (Contractor) Job Family Procurement ... Validate required contract, risk, compliance, insurance, and security documentation for ...

next page

Showing results 1-20

Security Risk Analyst information

See Houston, TX salary details

$9

$48

$66

How much do security risk analyst jobs pay per hour?

As of Jul 14, 2026, the average hourly pay for security risk analyst in Houston, TX is $48.12, according to ZipRecruiter salary data. Most workers in this role earn between $38.99 and $57.36 per hour, depending on experience, location, and employer.

Can I make $200,000 a year in cyber security?

Security Risk Analysts and other cybersecurity professionals can earn $200,000 or more annually, especially with extensive experience, advanced certifications like CISSP, and expertise in areas such as threat analysis or security architecture. High salaries are often found in senior roles, management, or specialized fields within cybersecurity.

What does a Security Risk Analyst do?

A Security Risk Analyst is responsible for identifying, assessing, and mitigating risks to an organization's information systems and data. They analyze security measures, conduct vulnerability assessments, and recommend strategies to protect against threats such as cyberattacks, data breaches, and unauthorized access. Their work helps ensure that a company's digital assets remain safe and compliant with industry regulations. Security Risk Analysts collaborate with IT teams and management to implement effective security policies and respond to incidents as needed.

What are the key skills and qualifications needed to thrive as a Security Risk Analyst, and why are they important?

To thrive as a Security Risk Analyst, you need a strong background in risk assessment, information security principles, and analytical thinking, often supported by a degree in cybersecurity, IT, or a related field. Familiarity with risk management frameworks (such as NIST or ISO 27001), security assessment tools, and certifications like CISSP or CISM is highly valuable. Excellent communication, attention to detail, and problem-solving abilities help you translate complex risks for varied stakeholders and drive mitigation strategies. These skills and qualities are crucial for identifying vulnerabilities, minimizing threats, and maintaining organizational security and compliance.

What are some common challenges Security Risk Analysts face when collaborating with other departments?

Security Risk Analysts often work closely with IT, compliance, and business units to assess and mitigate risks. A common challenge is bridging the gap between technical security requirements and business objectives, as not all stakeholders may have a cybersecurity background. Effective communication and education are key to ensuring that risk recommendations are understood and adopted. Additionally, prioritizing risks with limited resources and balancing security with operational needs can be complex, requiring strong collaboration and negotiation skills.

Can you make $500,000 a year in cyber security?

Security Risk Analysts typically earn salaries below $200,000 annually, but senior roles such as Chief Information Security Officers or cybersecurity executives can reach or exceed $500,000 with extensive experience, certifications, and leadership responsibilities. Achieving this level often requires advanced skills, industry certifications like CISSP, and years of experience in high-level security management. Salary potential varies based on the organization, location, and individual expertise.

Is SOC an entry-level job?

A Security Operations Center (SOC) analyst role is often considered an entry-level position in cybersecurity, suitable for individuals with foundational knowledge of security principles, network protocols, and security tools. However, some SOC roles may require prior experience or certifications such as CompTIA Security+ or Certified SOC Analyst (CSA).

What is the difference between Security Risk Analyst vs Security Analyst?

AspectSecurity Risk AnalystSecurity Analyst
CertificationsCompTIA Security+, CISSP, CISACompTIA Security+, CISSP, CEH
Work EnvironmentRisk assessment, vulnerability analysis, policy developmentMonitoring security systems, incident response, security audits
Employer & Industry UsageFinancial, healthcare, government sectors focusing on risk mitigationIT departments across various industries focusing on security operations

While both roles focus on cybersecurity, Security Risk Analysts primarily assess and manage potential security threats and vulnerabilities, emphasizing risk mitigation strategies. Security Analysts tend to monitor security systems, respond to incidents, and ensure ongoing security measures. Both roles often require similar certifications and work environments but differ in their core responsibilities within cybersecurity teams.

What is a security risk analyst?

A security risk analyst is a professional who identifies, assesses, and mitigates security threats to an organization’s information systems. They analyze vulnerabilities, develop security strategies, and often use tools like risk assessment frameworks and security software to protect data and infrastructure.
What job categories do people searching Security Risk Analyst jobs in Houston, TX look for? The top searched job categories for Security Risk Analyst jobs in Houston, TX are:
What cities near Houston, TX are hiring for Security Risk Analyst jobs? Cities near Houston, TX with the most Security Risk Analyst job openings:
Infographic showing various Security Risk Analyst job openings in Houston, TX as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 86% Full Time, 7% Part Time, 1% Temporary, and 4% Contract. Highlights an 82% Physical, 6% Hybrid, and 12% Remote job distribution, with an average salary of $100,080 per year, or $48.1 per hour.
Analyst, Cybersecurity Threats & Risks

Analyst, Cybersecurity Threats & Risks

Enterprise Products

Houston, TX • On-site

Other

Re-posted 27 days ago


Enterprise Products rating

9.3

Company rating: 9.3 out of 10

Based on 36 frontline employees who took The Breakroom Quiz

1st of 52 rated energy and utility


Job description

Enterprise Products Partners L.P. is one of the largest publicly traded partnerships and a leading North American provider of midstream energy services to producers and consumers of natural gas, NGLs, crude oil, refined products and petrochemicals. Our services include: natural gas gathering, treating, processing, transportation and storage; NGL transportation, fractionation, storage and import and export terminals; crude oil gathering, transportation, storage and terminals; petrochemical and refined products transportation, storage and terminals; and a marine transportation business that operates primarily on the United States inland and Intracoastal Waterway systems. The partnership's assets include approximately 50,000 miles of pipelines; 260 million barrels of storage capacity for NGLs, crude oil, refined products and petrochemicals; and 14 billion cubic feet of natural gas storage capacity.  

Implement and support leading technologies as a member of Enterprise Products' IT team. Gain valuable experience with exposure to challenging and dynamic projects in all aspects of our business. Join our highly experienced network of professionals and connect with our creative team.

The Cybersecurity Threats & Risk Analyst will work within the IT Security & Compliance organization to identify, analyze, and help mitigate cybersecurity risks and threats affecting the organization's systems, data, and operations.  The ideal candidate will be responsible for assessing cyber risk and monitoring threat actor activity by analyzing security events, vulnerability data, threat intelligence, and security control effectiveness across infrastructure, applications, cloud, endpoint, and data environments.  This person will work closely with cyber engineering, cyber architecture, cyber operations, and risk management teams to support detection, investigation, and response efforts, while contributing to a broader understanding of the organization's risk posture and threat landscape.  They will also collaborate with IT and business teams to support remediation efforts, improve security visibility, and strengthen day-to-day security operations.  

Other responsibilities include, but are not limited to:

  • Participate in cyber risk and threat analysis activities, including risk assessments, threat monitoring, threat modeling, vulnerability analysis, and evaluation of security control effectiveness.
  • Analyze security alerts, threat intelligence, vulnerability data, and logs to identify potential threats, control gaps, and emerging risks.
  • Document risk findings, threat activity, investigation results, and remediation recommendations in accordance with established risk management standards.
  • Support threat investigations and incident response efforts through analysis, evidence collection, and impact assessment.
  • Conduct and support vulnerability and threat assessments, including tracking risks and validating remediation efforts.
  • Assist with third-party and vendor risk assessments by reviewing documentation and identifying potential risk exposures.
  • Develop and document assessment procedures, test cases, and validation steps used to evaluate security controls.
  • Support the validation and maintenance of security and risk tools (e.g., SIEM, vulnerability scanners, threat intelligence, GRC tools).
  • Identify opportunities to improve threat visibility, risk detection, and analytical workflows.
  • Perform root cause analysis for security incidents, control failures, or recurring threat patterns.
  • Adhere to change management, incident handling, and security governance policies.
  • Monitor environments during significant changes or maintenance activities for potential risk or threat impact.
  • Prepare risk and threat summaries for review by senior analysts, managers, and cross-functional teams.
  • Collaborate closely with cyber engineering, architecture, and operations teams to support remediation and control improvements.

The successful candidate will meet the following qualifications:

  • A college or technical school degree is preferred.
  • Experience working in enterprise IT or security environments with diverse technologies and integrations.
  • Foundational knowledge and experience in cyber risk and threat analysis concepts, threat detection and vulnerability assessments, as well as common security controls across infrastructure,       applications, cloud, endpoint, and data environments.
  • Working knowledge of security tools and platforms such as SIEM, vulnerability scanners, threat intelligence platforms, or GRC tools.
  • Understanding of common threat frameworks and methodologies (e.g., NIST, MITRE ATT&CK).
  • 2-5 years of applicable professional experience that substantially includes the following:
  • Cyber threat analysis, vulnerability assessment, or security operations support.
  • Reviewing and analyzing security alerts, logs, and threat intelligence.
  • Documenting risk findings, investigations, and remediation recommendations.
  • Experience supporting incident response, investigations, or post-incident analysis is preferred.
  • Experience assisting with third-party or vendor risk assessments is preferred.
  • Strong analytical and problem-solving skills, with attention to detail and the ability to identify patterns and anomalies.
  • Ability to clearly document findings and communicate technical information to senior analysts and cross-functional partners.
  • Self-motivated and able to work with limited supervision while following established procedures.
  • Strong organization and time management skills, with the ability to manage multiple tasks and priorities.
  • Willingness and ability to learn new tools, technologies, and threat techniques as the threat landscape evolves.
  • Ability to work and contribute effectively in a team environment to support overall security and risk management objectives.
  • Relevant cybersecurity certifications are preferred (e.g., Security , CySA , GSEC, GCIH, or similar).

What Enterprise Products employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom