Security Risk Assessment Jobs in California (NOW HIRING)

The Compliance Assessor of IT Risk & Compliance Management performs Security Risk Assessments on DIRECTV's 3rd party vendors. An assessment would typically involve the following tasks: Communicating ...

IT Risk Analyst

San Diego, CA · On-site

$79K - $102K/yr

Assessment activities shall include evaluating physical and logical security posture, conducting training for branch employees, and completion of a branch security risk report. * Perform vendor risk ...

Security Risk Assessment information

How much do security risk assessment jobs pay per hour?

As of Jul 4, 2026, the average hourly pay for security risk assessment in California is $49.75, according to ZipRecruiter salary data. Most workers in this role earn between $40.34 and $59.33 per hour, depending on experience, location, and employer.

What is a Security Risk Assessment job?

A Security Risk Assessment job involves identifying, analyzing, and mitigating potential security threats to an organization's systems, data, and operations. Professionals in this role evaluate vulnerabilities, assess risks, and recommend security controls to protect against cyber threats, fraud, and compliance issues. They work with IT teams, management, and stakeholders to ensure security measures align with business objectives and regulatory requirements. This job often requires knowledge of cybersecurity frameworks, risk management methodologies, and relevant industry standards.

What are the key skills and qualifications needed to thrive in the Security Risk Assessment position, and why are they important?

To thrive in Security Risk Assessment, a strong background in risk analysis, information security principles, and regulatory compliance is essential, often supported by a degree in cybersecurity or related fields. Familiarity with risk assessment tools, frameworks like NIST or ISO 27001, and certifications such as CISSP or CISA are highly valued. Exceptional attention to detail, analytical thinking, and effective communication skills set top professionals apart in this role. These competencies enable accurate identification of potential security threats and development of strategic mitigation plans, which are crucial for safeguarding organizational assets.

What are some common challenges faced in a Security Risk Assessment role?

Professionals in Security Risk Assessment often face the challenge of keeping up with constantly evolving cyber threats and adapting assessment methodologies accordingly. Balancing thorough analysis with the need to provide timely recommendations can be demanding, especially when collaborating with multiple departments or stakeholders. Additionally, communicating complex risk findings to non-technical audiences requires both clarity and diplomacy. Overcoming these challenges is critical for delivering actionable insights that drive effective security decision-making and protect organizational assets.

Medical Device Cybersecurity Risk Specialist

Tata Consultancy Services

Irvine, CA • On-site

Other

Posted 10 days ago


Company rating: 6.5 out of 10

Based on 21 frontline employees who took The Breakroom Quiz

157th of 207 rated IT services


Job description


Job Title: Medical Device Cybersecurity Risk Specialist

Work Location: Irvine, California, United States



Must Have Technical/Functional Skills:

• Strong understanding of information security risk management frameworks such as NIST CSF, ISO 27001 / 27005, FAIR, and COSO.

• Hands-on experience in conducting cybersecurity risk assessments, threat modeling, and evaluating risks across systems, vendors, projects, and business processes.

• Solid knowledge of medical device cybersecurity, including vulnerability analysis, security risk mitigation, and patient safety considerations.

• Familiarity with medical device integration, healthcare application ecosystems, and interactions with EHR systems and third-party healthcare vendor applications.

• Understanding of common cybersecurity controls including network security, endpoint protection, identity and access management, encryption, logging/monitoring, and secure system configuration.

• Experience reviewing penetration testing findings, identifying practical mitigation options, and validating remediation approaches in partnership with vendors or technical teams.

• Ability to maintain and manage risk registers, risk treatment plans, dashboards, and remediation tracking mechanisms using GRC platforms or structured spreadsheet-based tools.

• Working knowledge of cloud security, security operations, and cybersecurity input into SDLC, infrastructure changes, and new service introductions.

• Familiarity with regulatory and compliance expectations relevant to healthcare and medical devices, including cybersecurity documentation and risk-based decision-making.

• Exposure to Agile / Scrum methodologies and cross-functional project execution is highly desirable.

• Ability to research emerging threats, assess business relevance, and proactively recommend risk reduction actions.


Roles & Responsibilities:

• Develop, maintain, and continuously improve the organization’s cybersecurity risk management program, with emphasis on practical and sustainable risk reduction.

• Perform qualitative and quantitative risk assessments for systems, projects, vendors, healthcare technologies, and business processes.

• Analyze medical device cybersecurity vulnerabilities, penetration testing findings, and technical risks to determine impact, likelihood, and patient/business impact.

• Partner with internal teams, vendors, and business owners to identify, validate, and track approved mitigation strategies and alternative risk treatment options where needed.

• Maintain accurate and up-to-date risk registers, risk treatment plans, issue logs, and risk dashboards.

• Support the selection, implementation, and validation of technical, administrative, and procedural security controls.

• Provide cybersecurity and risk management input into projects, cloud initiatives, system integrations, device onboarding, and service changes.

• Coordinate and support third-party/vendor risk assessments, follow-up actions, and remediation closure tracking.

• Translate technical cybersecurity issues into clear business impact statements and communicate them effectively to leadership and non-technical stakeholders.

• Produce recurring risk posture reports, trends, metrics, and remediation summaries for management and governance forums.

• Support incident response activities and perform post-incident risk analysis to identify lessons learned and strengthen controls.

• Promote a strong security and risk-aware culture by engaging with stakeholders, educating teams, and encouraging proactive risk identification.

• Collaborate effectively across cybersecurity, engineering, quality, clinical/biomedical, IT, and vendor teams to ensure balanced decision-making that protects both operations and patient safety.

• Stay current on evolving cybersecurity threats, healthcare technology risks, and relevant compliance expectations.



About Tata Consultancy Services

Sourced by ZipRecruiter

Tata Consultancy Services is an IT services, consulting and business solutions organization that delivers real results to global business, ensuring a level of certainty no other firm can match. TCS offers a consulting-led, integrated portfolio of IT, BPO, infrastructure, engineering, and assurance services. This is delivered through its unique Global Network Delivery Model™, recognized as the benchmark of excellence in software development. TCS delivers a level of certainty that no other firm can match--to our clients and to our employees. Come join us and experience certainty in your career. TCS is a global Consulting and IT Services firm that is ranked in the top quartile by industry analysts. Our 2021 fiscal revenues topped $25 B and our market capitalization is over $170+B, yet we have a deep and large history of philanthropy and corporate social responsibility. Now approaching 600K of the best IT professionals and consultants, we are a trusted advisor, guiding our clients' enterprises through growth and transformation journeys - helping them to become agile, intelligent, automated and on the cloud. We are devoted to DEI and are recognized as a top employer and place to work.

Industry

IT services

Company size

10,000+ Employees

Headquarters location

Edison, NJ, US