Medical Device Cybersecurity Risk Specialist
Irvine, CA · On-site
$110K - $120K/yr
... security risk management frameworks such as NIST CSF, ISO 27001 / 27005, FAIR, and COSO. • Hands-on experience in conducting cybersecurity risk assessments, threat modeling, and evaluating risks ...
Title: Information Security Specialist Location: Sacramento, CA (Hybrid) We are looking for an ... Maintain enterprise risk registers and risk tracking systems to identify, assess, and monitor ...
Product Security Engineer - Hardware/Firmware
Milpitas, CA · On-site
$147K - $244K/yr
Security Risk Assessment & Threat Modeling * Facilitate product security risk assessments and support threat modeling activities across firmware-driven products. * Assess product security risks ...
The Compliance Assessor of IT Risk & Compliance Management performs Security Risk Assessments on DIRECTV's 3rd party vendors. An assessment would typically involve the following tasks: Communicating ...
Security GRC Analyst
Campbell, CA · On-site
Perform risk assessments that address security threats, changes to systems and/or applications, process improvement initiatives, supplier assessments (including downstream outsourcers) and other ...
... risk assessment of technologies stack used in cloud or web applications. TECHNICAL KNOWLEDGE AND SKILLS: • 5+ years of experience as an Automation Architect and doing web application security ...
Accountable for: • The use of defined risk methodologies and best practices to perform IT/Security assessments. Responsible for the planning, scoping, tracking, and execution of these assessments ...
Information Security Technical Analyst
Oakland, CA · On-site
$50 - $54.80/hr
Support ongoing and periodic security risk assessment exercises that involve identifying, evaluating and monitoring cybersecurity risks using both quantitative and qualitative methodologies
As the R&D Security & Export Control Risk Manager, you play a critical role in ensuring that ... You will identify, assess, and mitigate risks related to ASML's R&D information assets, sensitive ...
Senior Information Security Analyst, GRC/Responsible AI
Irvine, CA · On-site
$124K - $206K/yr
You will lead GenAI security risk assessments, help define governance standards, and partner closely with Legal, IT, Procurement, and business leaders to ensure AI adoption is secure, compliant, and ...
Then, you'll help your team perform risk and vulnerability assessments in network, system, and application areas. You'll work on translating security concepts for your client so they can make the ...
Performs periodic information privacy and security risk assessments while developing risk mitigation plans. Evaluates, recommends, and implements systems for detection and prevention of information ...
IT Risk Analyst
San Diego, CA · On-site
$79K - $102K/yr
Assessment activities shall include evaluating physical and logical security posture, conducting training for branch employees, and completion of a branch security risk report. * Perform vendor risk ...
Leads risk assessment initiatives and collaborates with hotel leadership to integrate safety and security considerations into business operations, crisis planning, and decision-making. * Able to make ...
Security Risk Assessment information
Hourly wage distribution (California):
$10.20 - $15.55: 2% of jobs
$15.55 - $20.90: 0% of jobs
$20.90 - $26.25: 1% of jobs
$26.25 - $31.60: 1% of jobs
$31.60 - $36.94: 1% of jobs
$36.94 - $42.29: 26% of jobs
$42.29 - $47.64: 11% of jobs
$47.64 - $52.99: 22% of jobs
$52.99 - $58.34: 9% of jobs
$58.34 - $63.69: 17% of jobs
$63.69 - $69.04: 9% of jobs
$40.96 is the 25th percentile. Wages below this are outliers.
The median wage is $49.55 / hr.
$58.76 is the 75th percentile. Wages above this are outliers.
How much do security risk assessment jobs pay per hour?
What is a Security Risk Assessment job?
A Security Risk Assessment job involves identifying, analyzing, and mitigating potential security threats to an organization's systems, data, and operations. Professionals in this role evaluate vulnerabilities, assess risks, and recommend security controls to protect against cyber threats, fraud, and compliance issues. They work with IT teams, management, and stakeholders to ensure security measures align with business objectives and regulatory requirements. This job often requires knowledge of cybersecurity frameworks, risk management methodologies, and relevant industry standards.
What are the key skills and qualifications needed to thrive in the Security Risk Assessment position, and why are they important?
To thrive in Security Risk Assessment, a strong background in risk analysis, information security principles, and regulatory compliance is essential, often supported by a degree in cybersecurity or related fields. Familiarity with risk assessment tools, frameworks like NIST or ISO 27001, and certifications such as CISSP or CISA are highly valued. Exceptional attention to detail, analytical thinking, and effective communication skills set top professionals apart in this role. These competencies enable accurate identification of potential security threats and development of strategic mitigation plans, which are crucial for safeguarding organizational assets.
What are some common challenges faced in a Security Risk Assessment role?
Professionals in Security Risk Assessment often face the challenge of keeping up with constantly evolving cyber threats and adapting assessment methodologies accordingly. Balancing thorough analysis with the need to provide timely recommendations can be demanding, especially when collaborating with multiple departments or stakeholders. Additionally, communicating complex risk findings to non-technical audiences requires both clarity and diplomacy. Overcoming these challenges is critical for delivering actionable insights that drive effective security decision-making and protect organizational assets.
Posted 10 days ago
Tata Consultancy Services rating: 6.5, based on 21 frontline employees who took The Breakroom Quiz (157th of 207 rated IT services)
Job description
Job Title: Medical Device Cybersecurity Risk Specialist
Work Location: Irvine, California, United States
Must Have Technical/Functional Skills:
• Strong understanding of information security risk management frameworks such as NIST CSF, ISO 27001 / 27005, FAIR, and COSO.
• Hands-on experience in conducting cybersecurity risk assessments, threat modeling, and evaluating risks across systems, vendors, projects, and business processes.
• Solid knowledge of medical device cybersecurity, including vulnerability analysis, security risk mitigation, and patient safety considerations.
• Familiarity with medical device integration, healthcare application ecosystems, and interactions with EHR systems and third-party healthcare vendor applications.
• Understanding of common cybersecurity controls including network security, endpoint protection, identity and access management, encryption, logging/monitoring, and secure system configuration.
• Experience reviewing penetration testing findings, identifying practical mitigation options, and validating remediation approaches in partnership with vendors or technical teams.
• Ability to maintain and manage risk registers, risk treatment plans, dashboards, and remediation tracking mechanisms using GRC platforms or structured spreadsheet-based tools.
• Working knowledge of cloud security, security operations, and cybersecurity input into SDLC, infrastructure changes, and new service introductions.
• Familiarity with regulatory and compliance expectations relevant to healthcare and medical devices, including cybersecurity documentation and risk-based decision-making.
• Exposure to Agile / Scrum methodologies and cross-functional project execution is highly desirable.
• Ability to research emerging threats, assess business relevance, and proactively recommend risk reduction actions.
Roles & Responsibilities:
• Develop, maintain, and continuously improve the organization’s cybersecurity risk management program, with emphasis on practical and sustainable risk reduction.
• Perform qualitative and quantitative risk assessments for systems, projects, vendors, healthcare technologies, and business processes.
• Analyze medical device cybersecurity vulnerabilities, penetration testing findings, and technical risks to determine impact, likelihood, and patient/business impact.
• Partner with internal teams, vendors, and business owners to identify, validate, and track approved mitigation strategies and alternative risk treatment options where needed.
• Maintain accurate and up-to-date risk registers, risk treatment plans, issue logs, and risk dashboards.
• Support the selection, implementation, and validation of technical, administrative, and procedural security controls.
• Provide cybersecurity and risk management input into projects, cloud initiatives, system integrations, device onboarding, and service changes.
• Coordinate and support third-party/vendor risk assessments, follow-up actions, and remediation closure tracking.
• Translate technical cybersecurity issues into clear business impact statements and communicate them effectively to leadership and non-technical stakeholders.
• Produce recurring risk posture reports, trends, metrics, and remediation summaries for management and governance forums.
• Support incident response activities and perform post-incident risk analysis to identify lessons learned and strengthen controls.
• Promote a strong security and risk-aware culture by engaging with stakeholders, educating teams, and encouraging proactive risk identification.
• Collaborate effectively across cybersecurity, engineering, quality, clinical/biomedical, IT, and vendor teams to ensure balanced decision-making that protects both operations and patient safety.
• Stay current on evolving cybersecurity threats, healthcare technology risks, and relevant compliance expectations.
About Tata Consultancy Services
Sourced by ZipRecruiter
Tata Consultancy Services is an IT services, consulting and business solutions organization that delivers real results to global business, ensuring a level of certainty no other firm can match. TCS offers a consulting-led, integrated portfolio of IT, BPO, infrastructure, engineering, and assurance services. This is delivered through its unique Global Network Delivery Model™, recognized as the benchmark of excellence in software development. TCS delivers a level of certainty that no other firm can match, to our clients and to our employees. Come join us and experience certainty in your career. TCS is a global Consulting and IT Services firm that is ranked in the top quartile by industry analysts. Our 2021 fiscal revenues topped $25 B and our market capitalization is over $170+B, yet we have a deep and large history of philanthropy and corporate social responsibility. Now approaching 600K of the best IT professionals and consultants, we are a trusted advisor, guiding our clients' enterprises through growth and transformation journeys, helping them to become agile, intelligent, automated and on the cloud. We are devoted to DEI and are recognized as a top employer and place to work.