ZipRecruiter

Log In

1

Security Risk Analyst Jobs (NOW HIRING)

Citizens

ETS Risk Analyst II

Johnston, RI · Hybrid

ETS Risk Analyst II - Monitoring and Testing Role Overview The Enterprise Technology & Security (ETS) Risk Analyst II plays a critical role in the identification, assessment, and mitigation of ...

Citizens Bank

ETS Risk Analyst II

Johnston, RI · On-site

ETS Risk Analyst II - Monitoring and Testing Role Overview The Enterprise Technology & Security (ETS) Risk Analyst II plays a critical role in the identification, assessment, and mitigation of ...

Citizens

ETS Risk Analyst II

Johnston, RI · Hybrid

Description ETS Risk Analyst II - Monitoring and Testing Role Overview The Enterprise Technology & Security (ETS) Risk Analyst II plays a critical role in the identification, assessment, and ...

Citizens

ETS Risk Analyst II

Johnston, RI · Hybrid

Description ETS Risk Analyst II - Monitoring and Testing Role Overview The Enterprise Technology & Security (ETS) Risk Analyst II plays a critical role in the identification, assessment, and ...

Zoetis, Inc.

Cyber Risk Analyst

Malvern, PA · On-site

Additionally, the Cyber Risk Analyst will help track enterprise security risk by monitoring risk metrics, maintaining risk registers, and providing regular updates to leadership, enabling informed ...

Tempus

Senior Cyber Risk Analyst

Chicago, IL · On-site

$110K - $130K/yr

Strategic Security Initiatives * M&A Due Diligence: Provide technical expertise during Mergers and Acquisitions (M&A). Conduct pre-acquisition security risk analyses and ensure post-acquisition ...

next page

Showing results 1-20

All JobsSecurity Risk Analyst Jobs

Security Risk Analyst information

See salary details

$10

$50

$69

How much do security risk analyst jobs pay per hour?

As of Jun 26, 2026, the average hourly pay for security risk analyst in the United States is $50.41, according to ZipRecruiter salary data. Most workers in this role earn between $40.87 and $60.10 per hour, depending on experience, location, and employer.

Can I make $200,000 a year in cyber security?

Security Risk Analysts and other cybersecurity professionals can potentially earn $200,000 or more annually, especially with advanced skills, certifications like CISSP, and experience in high-demand areas such as threat intelligence or security architecture. Achieving this level often requires several years of experience, specialized knowledge, and working in senior or managerial roles within organizations or consulting firms.

What does a Security Risk Analyst do?

A Security Risk Analyst is responsible for identifying, assessing, and mitigating risks to an organization's information systems and data. They analyze security measures, conduct vulnerability assessments, and recommend strategies to protect against threats such as cyberattacks, data breaches, and unauthorized access. Their work helps ensure that a company's digital assets remain safe and compliant with industry regulations. Security Risk Analysts collaborate with IT teams and management to implement effective security policies and respond to incidents as needed.

What are the key skills and qualifications needed to thrive as a Security Risk Analyst, and why are they important?

To thrive as a Security Risk Analyst, you need a strong background in risk assessment, information security principles, and analytical thinking, often supported by a degree in cybersecurity, IT, or a related field. Familiarity with risk management frameworks (such as NIST or ISO 27001), security assessment tools, and certifications like CISSP or CISM is highly valuable. Excellent communication, attention to detail, and problem-solving abilities help you translate complex risks for varied stakeholders and drive mitigation strategies. These skills and qualities are crucial for identifying vulnerabilities, minimizing threats, and maintaining organizational security and compliance.

What are some common challenges Security Risk Analysts face when collaborating with other departments?

Security Risk Analysts often work closely with IT, compliance, and business units to assess and mitigate risks. A common challenge is bridging the gap between technical security requirements and business objectives, as not all stakeholders may have a cybersecurity background. Effective communication and education are key to ensuring that risk recommendations are understood and adopted. Additionally, prioritizing risks with limited resources and balancing security with operational needs can be complex, requiring strong collaboration and negotiation skills.

Can you make $500,000 a year in cyber security?

Security Risk Analysts typically earn salaries below $200,000 annually, but senior roles such as Chief Information Security Officers or cybersecurity executives can reach or exceed $500,000 with extensive experience, certifications, and leadership responsibilities. Achieving this level often requires advanced skills, industry certifications like CISSP, and years of experience in high-level security management.

Is SOC an entry level job?

A Security Operations Center (SOC) analyst role is typically not entry-level and usually requires some experience in cybersecurity, network monitoring, or related fields. Entry-level positions may be labeled as SOC analyst I or junior SOC analyst, but higher-level roles often demand certifications like CompTIA Security+ or CISSP and familiarity with security tools such as SIEM systems.

What is the difference between Security Risk Analyst vs Security Analyst?

AspectSecurity Risk AnalystSecurity Analyst
CertificationsCompTIA Security+, CISSP, CISACompTIA Security+, CISSP, CEH
Work EnvironmentRisk assessment, vulnerability analysis, policy developmentMonitoring security systems, incident response, security audits
Employer & Industry UsageFinancial, healthcare, government sectors focusing on risk mitigationIT departments across various industries focusing on security operations

While both roles focus on cybersecurity, Security Risk Analysts primarily assess and manage potential security threats and vulnerabilities, emphasizing risk mitigation strategies. Security Analysts tend to monitor security systems, respond to incidents, and ensure ongoing security measures. Both roles often require similar certifications and work environments but differ in their core responsibilities within cybersecurity teams.

What is a security risk analyst?

A security risk analyst is a professional who identifies, assesses, and mitigates security threats to an organization’s information systems. They analyze vulnerabilities, develop security strategies, and often use tools like risk assessment frameworks and security software to protect data and infrastructure.
More about Security Risk Analyst jobs
What cities are hiring for Security Risk Analyst jobs? Cities with the most Security Risk Analyst job openings:
Who are the top companies hiring for Security Risk Analyst jobs? The top employers for Security Risk Analyst jobs are:
What states have the most Security Risk Analyst jobs? States with the most job openings for Security Risk Analyst jobs include:
What job categories do people searching Security Risk Analyst jobs look for? The top searched job categories for Security Risk Analyst jobs are:
What are popular job titles related to Security Risk Analyst jobs? For Security Risk Analyst jobs, the most frequently searched job titles are:
Security Risk Analyst jobs near you
Infographic showing various Security Risk Analyst job openings in the United States as of June 2026, with employment types broken down into 1% As Needed, 97% Full Time, 1% Part Time, and 1% Contract. Highlights an 94% Physical, 2% Hybrid, and 4% Remote job distribution, with an average salary of $104,848 per year, or $50.4 per hour.
Security Risk & Compliance Assistant

Security Risk & Compliance Assistant

Robinson Bradshaw & Hinson

Charlotte, NC • Hybrid

Full-time

Posted 14 days ago

Job description

The Security Risk and Compliance Assistant’s primary responsibility is to coordinate the Firm’s security compliance efforts and support the Firm’s overall information security program in collaboration with other key stakeholders in the Firm. Reporting to the Firm’s Security Risk and Compliance Analyst, the assistant will have a range of responsibilities to assist with the Firm’s interaction and compliance with client-directed security controls, the Firm’s internal security governance and compliance efforts, and furtherance of the Firm’s information security initiatives to satisfy to the Firm’s ethical, legal and contractual obligations.

JOB RESPONSIBILITIES:

  • Provide administrative assistance to the Security Risk & Compliance Analyst to coordinate and execute projects designed to manage and reduce risk for the firm and its clients.
  • Assist Security Risk & Compliance Analyst in maintaining files related to risk management and compliance functions and identifying, tracking, and mitigating risks related to firm and client information.
  • Assist Security Risk and Compliance Analyst to develop, maintain, evaluate, and implement policies and procedures in line with business requirements and national and international legislative and regulatory changes (i.e., ISO 27001/22301, HIPAA, NIST).
  • Assist with maintaining an inventory of security improvement opportunities and action items; prepare periodic reports on trends and compliance.
  • Assist with status reports on security matters to develop security risk analysis exceptions.
  • Assist with security and risk management audits, assessments, and mitigation plans.
  • Assist with the creation and maintenance of security and risk management documentation, including policies, procedures, internal risk assessments, risk registries, and similar tracking documents.
  • Assist with security risk management programs such as access management, vulnerability management, business continuity, data protection, and risk governance.
  • Assist with third-party vendor risk management program.
  • Other duties, as assigned, are based on the ongoing evolution of the Information Security program.

KNOWLEDGE, SKILLS, AND ABILITIES:

  • Proficiency with Microsoft Office Suite 365 (Word, Excel, Power Point, etc.).
  • Ability to learn and adopt to innovative technology and software packages specific to Governance Risk & Compliance.
  • Willing to learn department specific databases or software as necessary (e.g., Vendor Risk Management and project tracking software).
  • Bachelor’s degree with a cyber risk or cybersecurity focus or a combination of a cyber-security certificate from an accredited two year college program at least two years of office clerical or general office experience required
  • Foundational understanding of Information Security controls, governance principles, and standards/frameworks (e.g., NIST Cybersecurity Framework and the Health Insurance Portability and Accountability Act (HIPAA).
  • A passion for learning about Information Security in the legal industry.
  • Ability to always provide Distinctively Robinson Bradshaw service to all internal and external clients.
  • Actively participates as a member of a team to move forward toward the completion of team goals.
  • Demonstrate good critical thinking, analytical, and critical thinking skills, and ability to share constructive insights.
  • Works effectively and cooperatively with others; establishes and maintains good working relationships.
  • Ability to communicate effectively both verbally and in writing.
  • Ownership, accuracy, and thoroughness of work product; work must be complete and organized.
  • Strong ethical standards and a commitment to maintaining confidentiality and integrity in all activities.
  • Must be able to travel as needed to support remote offices and attend training or conferences.
  • Ability to work in a hybrid environment remotely and regularly in the office.).