1

Security Risk Analyst Jobs (NOW HIRING)

Position Summary SHEIN Global Security & Risk Management is a global security organization that ... The GRC Risk Analyst, a thought leader residing within our security organization, is responsible ...

Position Summary SHEIN Global Security & Risk Management is a global security organization that ... The GRC Risk Analyst, a thought leader residing within our security organization, is responsible ...

... security risk, and model risk. * Track, manage, monitor, and report on risk issues and corrective ... Analyze and report Key Risk Indicators (KRIs) and Risk Appetite Statement (RAS) metrics. * Prepare ...

... security risk, and model risk. * Track, manage, monitor, and report on risk issues and corrective ... Analyze and report Key Risk Indicators (KRIs) and Risk Appetite Statement (RAS) metrics. * Prepare ...

Security Risk Manager

San Francisco, CA · Hybrid

$194K - $220K/yr

Our security team protects Asana's employees, users, and customers by proactively addressing ... analysis. You back up risk ratings with numbers, not just color codes. * Hands-on experience ...

Security Risk Manager

San Francisco, CA · On-site

$194K - $220K/yr

Our security team protects Asana's employees, users, and customers by proactively addressing ... analysis. You back up risk ratings with numbers, not just color codes. * Hands-on experience ...

ETS Risk Analyst II - Monitoring and Testing Role Overview The Enterprise Technology & Security (ETS) Risk Analyst II plays a critical role in the identification, assessment, and mitigation of ...

ETS Risk Analyst II - Monitoring and Testing Role Overview The Enterprise Technology & Security (ETS) Risk Analyst II plays a critical role in the identification, assessment, and mitigation of ...

Description ETS Risk Analyst II - Monitoring and Testing Role Overview The Enterprise Technology & Security (ETS) Risk Analyst II plays a critical role in the identification, assessment, and ...

next page

Showing results 1-20

Security Risk Analyst information

See salary details

$10

$50

$69

How much do security risk analyst jobs pay per hour?

As of Jul 16, 2026, the average hourly pay for security risk analyst in the United States is $50.41, according to ZipRecruiter salary data. Most workers in this role earn between $40.87 and $60.10 per hour, depending on experience, location, and employer.

Can I make $200,000 a year in cyber security?

Security Risk Analysts and other cybersecurity professionals can earn $200,000 or more annually, especially with extensive experience, advanced certifications like CISSP, and expertise in areas such as threat analysis or security architecture. High salaries are often found in senior roles, management, or specialized fields within cybersecurity.

What does a Security Risk Analyst do?

A Security Risk Analyst is responsible for identifying, assessing, and mitigating risks to an organization's information systems and data. They analyze security measures, conduct vulnerability assessments, and recommend strategies to protect against threats such as cyberattacks, data breaches, and unauthorized access. Their work helps ensure that a company's digital assets remain safe and compliant with industry regulations. Security Risk Analysts collaborate with IT teams and management to implement effective security policies and respond to incidents as needed.

What are the key skills and qualifications needed to thrive as a Security Risk Analyst, and why are they important?

To thrive as a Security Risk Analyst, you need a strong background in risk assessment, information security principles, and analytical thinking, often supported by a degree in cybersecurity, IT, or a related field. Familiarity with risk management frameworks (such as NIST or ISO 27001), security assessment tools, and certifications like CISSP or CISM is highly valuable. Excellent communication, attention to detail, and problem-solving abilities help you translate complex risks for varied stakeholders and drive mitigation strategies. These skills and qualities are crucial for identifying vulnerabilities, minimizing threats, and maintaining organizational security and compliance.

What are some common challenges Security Risk Analysts face when collaborating with other departments?

Security Risk Analysts often work closely with IT, compliance, and business units to assess and mitigate risks. A common challenge is bridging the gap between technical security requirements and business objectives, as not all stakeholders may have a cybersecurity background. Effective communication and education are key to ensuring that risk recommendations are understood and adopted. Additionally, prioritizing risks with limited resources and balancing security with operational needs can be complex, requiring strong collaboration and negotiation skills.

Can you make $500,000 a year in cyber security?

Security Risk Analysts typically earn salaries below $200,000 annually, but senior roles such as Chief Information Security Officers or cybersecurity executives can reach or exceed $500,000 with extensive experience, certifications, and leadership responsibilities. Achieving this level often requires advanced skills, industry certifications like CISSP, and years of experience in high-level security management. Salary potential varies based on the organization, location, and individual expertise.

Is SOC an entry-level job?

A Security Operations Center (SOC) analyst role is often considered an entry-level position in cybersecurity, suitable for individuals with foundational knowledge of security principles, network protocols, and security tools. However, some SOC roles may require prior experience or certifications such as CompTIA Security+ or Certified SOC Analyst (CSA).

What is the difference between Security Risk Analyst vs Security Analyst?

AspectSecurity Risk AnalystSecurity Analyst
CertificationsCompTIA Security+, CISSP, CISACompTIA Security+, CISSP, CEH
Work EnvironmentRisk assessment, vulnerability analysis, policy developmentMonitoring security systems, incident response, security audits
Employer & Industry UsageFinancial, healthcare, government sectors focusing on risk mitigationIT departments across various industries focusing on security operations

While both roles focus on cybersecurity, Security Risk Analysts primarily assess and manage potential security threats and vulnerabilities, emphasizing risk mitigation strategies. Security Analysts tend to monitor security systems, respond to incidents, and ensure ongoing security measures. Both roles often require similar certifications and work environments but differ in their core responsibilities within cybersecurity teams.

What is a security risk analyst?

A security risk analyst is a professional who identifies, assesses, and mitigates security threats to an organization’s information systems. They analyze vulnerabilities, develop security strategies, and often use tools like risk assessment frameworks and security software to protect data and infrastructure.
More about Security Risk Analyst jobs
What cities are hiring for Security Risk Analyst jobs? Cities with the most Security Risk Analyst job openings:
Who are the top companies hiring for Security Risk Analyst jobs? The top employers for Security Risk Analyst jobs are:
What states have the most Security Risk Analyst jobs? States with the most job openings for Security Risk Analyst jobs include:
Infographic showing various Security Risk Analyst job openings in the United States as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 86% Full Time, 6% Part Time, 1% Temporary, and 5% Contract. Highlights an 82% Physical, 5% Hybrid, and 13% Remote job distribution, with an average salary of $104,848 per year, or $50.4 per hour.
Information Security Risk Analyst

Information Security Risk Analyst

Lam Research Corporation

Tualatin, OR • On-site

Full-time

Posted 11 days ago


Lam Research rating

8.7

Company rating: 8.7 out of 10

Based on 45 frontline employees who took The Breakroom Quiz

46th of 430 rated machine equipment manufacturers


Job description

Job Summary
The Cyber Threat Analytics Analyst is responsible for identifying, developing, and improving the organization's ability to detect malicious behavior, suspicious activity, and security anomalies across the enterprise. This role is part Information Security team focused on bringing detection development, threat analysis operationalization, SIEM correlation, behavioral analytics, and AI-assisted threat detection capabilities into the organization.The analyst will work closely with Security Operations, Incident Response, and Vulnerability Management teams to improve detection coverage, reduce false positives, and identify threats that may bypass traditional controls.
Job Responsibilities
  • Develop, test, tune, and maintain SIEM detection rules, log correlation searches, alerts, dashboards, and analytics.
  • Translate threat intelligence, adversary tactics, and emerging attack trends into actionable detections.
  • Build and improve analytics to identify malicious behavior, compromised accounts, lateral movement, and anomalous activity.
  • Use AI-driven analytics, UEBA, and behavioral baselining to identify activity that deviates from normal user, endpoint, network, cloud, and application behavior.
  • Map detection content to MITRE ATT&CK tactics and techniques to identify coverage strengths and gaps.
  • Partner with SOC analysts to improve alert triage, investigation playbooks, enrichment, and escalation criteria.
  • Support Incident Response during active investigations by analyzing logs, identifying patterns, and developing new detections from lessons learned.
  • Identify gaps in logging, telemetry, and visibility and recommend improvements to security monitoring coverage.
  • Document detection logic, assumptions, data sources, expected behavior, response guidance, and tuning decisions.
  • Track detection effectiveness, alert fidelity, false positive rates, detection coverage, and time-to-detect improvements.

Who We're Looking For
We are looking for an analytical and curious cybersecurity professional who enjoys finding patterns in large volumes of security data. The ideal candidate understands how attackers operate, how enterprise systems generate security telemetry, and how to turn threat intelligence into meaningful detections. The right person for this role should be comfortable working across SIEM data, endpoint telemetry, identity logs, cloud activity, email security events, network data, and behavioral analytics platforms. They should be able to think like an attacker, understand normal business behavior, and identify signals that indicate suspicious or malicious activity.
Strong candidates will have experience in one or more of the following areas:
  • Security Operations Center analysis
  • Threat hunting
  • SIEM rule development
  • Threat intelligence analysis
  • Incident response
  • Detection tuning
  • Behavioral analytics or UEBA
  • Cloud, endpoint, identity, or network security monitoring

Preferred Qualifications
  • Experience with SIEM platforms such as Microsoft Sentinel, Splunk, Exabeam, Securonix, or similar tools.
  • Experience writing detection queries using KQL, SPL, SQL, or similar query languages.
  • Familiarity with Microsoft Defender XDR, Defender for Endpoint, Defender for Identity, Microsoft Sentinel, Entra ID, or similar security platforms.
  • Understanding of MITRE ATT&CK and common adversary tactics, techniques, and procedures.
  • Experience using threat intelligence to create detections and threat hunting hypotheses.
  • Experience with AI-assisted analytics, UEBA, anomaly detection, or behavioral baselining.
  • Familiarity with cloud security monitoring across Azure, AWS, or Google Cloud.
  • Ability to analyze logs from identity systems, endpoints, firewalls, proxies, email gateways, SaaS applications, and cloud platforms.
  • Experience documenting detection logic, investigation steps, and response guidance.
  • Scripting or automation experience with Python, PowerShell, Logic Apps, or similar tools.
  • Familiarity with MISP, STIX/TAXII, threat intelligence feeds, or indicator management.
  • Certifications such as GCIH, GCIA, GCDA, GMON, GCTI, GCFA, Security+, CySA+, CISSP, or equivalent experience.

Our commitment
We believe it is important for every person to feel valued, included, and empowered to achieve their full potential. By bringing unique individuals and viewpoints together, we achieve extraordinary results.
Lam Research ("Lam" or the "Company") is an equal opportunity employer. Lam is committed to and reaffirms support of equal opportunity in employment and non-discrimination in employment policies, practices and procedures on the basis of race, religious creed, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex (including pregnancy, childbirth and related medical conditions), gender, gender identity, gender expression, age, sexual orientation, or military and veteran status or any other category protected by applicable federal, state, or local laws. It is the Company's intention to comply with all applicable laws and regulations. Company policy prohibits unlawful discrimination against applicants or employees.
Lam offers a variety of work location models based on the needs of each role. Our hybrid roles combine the benefits of on-site collaboration with colleagues and the flexibility to work remotely and fall into two categories - On-site Flex and Virtual Flex. 'On-site Flex' you'll work 3+ days per week on-site at a Lam or customer/supplier location, with the opportunity to work remotely for the balance of the week. 'Virtual Flex' you'll work 1-2 days per week on-site at a Lam or customer/supplier location, and remotely the rest of the time.
Our Perks and Benefits
At Lam, our people make amazing things possible. That's why we invest in you throughout the phases of your life with a comprehensive set of outstanding benefits.

What Lam Research employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom


Lam Research logo

About Lam Research

Sourced by ZipRecruiter

Lam Research designs and builds products for semiconductor manufacturing, including equipment for thin film deposition, plasma etch, photoresist strip, and wafer cleaning processes.

Industry

Manufacturing

Company size

10,000+ Employees

Headquarters location

Fremont, CA, US

Year founded

1980

Social media