ZipRecruiter

Log In

1

Senior Cyber Security Risk Analyst Jobs (NOW HIRING)

NRG Energy

Cybersecurity Risk Analyst

Houston, TX · Hybrid

The Cybersecurity Risk Analyst supports the organization's cyber risk management program by identifying, assessing, documenting, and communicating cyber risk across systems, applications ...

NRG

Cybersecurity Risk Analyst

Houston, TX · On-site

The Cybersecurity Risk Analyst supports the organization's cyber risk management program by identifying, assessing, documenting, and communicating cyber risk across systems, applications ...

NRG

Cybersecurity Risk Analyst

Houston, TX · Hybrid

The Cybersecurity Risk Analyst supports the organization's cyber risk management program by identifying, assessing, documenting, and communicating cyber risk across systems, applications ...

Deaconess

Cybersecurity Risk Analyst

Evansville, IN · On-site

$36.93 - $55.40/hr

Overview We are seeking a Cybersecurity Risk Analyst to support and coordinate the efforts around analyzing, classifying, monitoring, and mitigating cybersecurity risks across our organization. This ...

GM Financial

Cybersecurity Risk Analyst

Irving, TX · On-site

The Cybersecurity Risk Analyst is responsible for executing a portion of the GM Financial (GMF ... senior level management in Financial Services or Banking strongly preferred * 3+ years of ...

GM Financial

Cybersecurity Risk Analyst

Irving, TX · Hybrid

... senior level management in Financial Services or Banking strongly preferred * 3+ years of ... The Cybersecurity Risk Analyst is responsible for executing a portion of the GM Financial (GMF ...

next page

Showing results 1-20

All JobsSenior Cyber Security Risk Analyst Jobs

Senior Cyber Security Risk Analyst information

See salary details

$23K

$113.7K

$150.5K

How much do senior cyber security risk analyst jobs pay per year?

As of Jun 19, 2026, the average yearly pay for senior cyber security risk analyst in the United States is $113,704.00, according to ZipRecruiter salary data. Most workers in this role earn between $100,000.00 and $129,000.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Senior Cyber Security Risk Analyst, and why are they important?

To thrive as a Senior Cyber Security Risk Analyst, you need in-depth knowledge of risk assessment methodologies, cyber security frameworks (such as NIST or ISO 27001), and a strong background in IT or computer science, often supported by a bachelor's degree and relevant certifications. Familiarity with risk management tools, vulnerability scanning platforms, and security information and event management (SIEM) systems is typically required. Strong analytical thinking, communication skills, and the ability to influence stakeholders are critical soft skills for excelling in this role. These competencies help ensure organizations can proactively identify, assess, and mitigate security risks, thereby protecting sensitive assets and maintaining compliance.

What is the difference between Senior Cyber Security Risk Analyst vs Cyber Security Risk Analyst?

AspectSenior Cyber Security Risk AnalystCyber Security Risk Analyst
CertificationsCCSP, CISSP, CISACCSP, CISSP, CISA
Work EnvironmentMore strategic, leadership roles, mentoringOperational, technical risk assessments
ResponsibilitiesOversees risk management programs, policy developmentPerforms risk assessments, vulnerability analysis

The main difference lies in experience and scope. Senior Cyber Security Risk Analysts typically handle strategic planning and leadership, while Cyber Security Risk Analysts focus on technical risk assessments. Both roles require similar certifications and work within the same industry environment, but the senior position involves more oversight and decision-making responsibilities.

How does a Senior Cyber Security Risk Analyst typically collaborate with other departments to manage organizational risks?

A Senior Cyber Security Risk Analyst often works closely with IT, compliance, legal, and business units to assess and mitigate cybersecurity risks across the organization. This collaboration involves conducting risk assessments, sharing findings with relevant stakeholders, and developing strategies to address vulnerabilities. Effective communication and teamwork are essential, as the analyst must translate technical risks into business impacts and ensure all departments understand their roles in risk management. Regular meetings and cross-functional projects are common, fostering a proactive security culture throughout the organization.

What does a Senior Cyber Security Risk Analyst do?

A Senior Cyber Security Risk Analyst is responsible for identifying, assessing, and mitigating potential cybersecurity threats to an organization. They analyze security risks, develop strategies to protect sensitive data, and ensure compliance with industry regulations and best practices. Their role often involves conducting risk assessments, recommending security improvements, and collaborating with IT and business teams to strengthen the organization's overall cybersecurity posture.
More about Senior Cyber Security Risk Analyst jobs
What cities are hiring for Senior Cyber Security Risk Analyst jobs? Cities with the most Senior Cyber Security Risk Analyst job openings:
What are the most commonly searched types of Cyber Security Risk Analyst jobs? The most popular types of Cyber Security Risk Analyst jobs are:
What states have the most Senior Cyber Security Risk Analyst jobs? States with the most job openings for Senior Cyber Security Risk Analyst jobs include:
What job categories do people searching Senior Cyber Security Risk Analyst jobs look for? The top searched job categories for Senior Cyber Security Risk Analyst jobs are:
Senior Cyber Security Risk Analyst jobs near you
Infographic showing various Senior Cyber Security Risk Analyst job openings in the United States as of June 2026, with employment types broken down into 72% Full Time, 27% Part Time, and 1% Contract. Highlights an 87% Physical, 5% Hybrid, and 8% Remote job distribution, with an average salary of $113,704 per year, or $54.7 per hour.
Sr. Cybersecurity Risk Analyst

Sr. Cybersecurity Risk Analyst

UFP Industries

Grand Rapids, MI • On-site

Full-time

Posted 10 days ago

UFP Industries rating

7.2

Company rating: 7.2 out of 10

Based on 83 frontline employees who took The Breakroom Quiz

330th of 518 rated manufacturers

Job description

Job Summary
The Sr. Cybersecurity Risk Analyst is responsible for leading and maturing the organization's cybersecurity risk management program. This role is accountable for identifying, assessing, and communicating cybersecurity risks across the enterprise, while driving alignment with regulatory requirements, including CMMC. The position will play a key role in building and maintaining the enterprise risk register, developing a third-party risk management program, and partnering with IT teams to establish and maintain secure standards and practices.
The ideal candidate combines strong analytical skills with practical experience in governance, risk, and compliance, and can translate technical risk into actionable business decisions.
Location: Onsite out of our Grand Rapids, MI office.
Work Authorization: Applicants must be currently authorized to work.
Principal Duties and Responsibilities
Risk Management and Governance
  • Lead the development and ongoing maintenance of the enterprise cybersecurity risk register, including risk identification, classification, ownership, and tracking.
  • Conduct and lead risk assessments for systems, applications, projects, and business initiatives.
  • Develop and implement risk management processes, methodologies, and reporting metrics.
  • Facilitate risk review sessions with business and IT stakeholders to ensure accountability and transparency.
  • Develop and track risk mitigation and remediation plans to closure.

Regulatory Compliance (CMMC and Related Frameworks)
  • Support and maintain the organization's CMMC compliance program, including control mapping, evidence collection, and audit readiness.
  • Partner with internal stakeholders (IT, Legal, HR, Plant Operations) to ensure alignment with CMMC and other regulatory requirements.
  • Assist in preparing documentation and responses for assessments, audits, and regulatory inquiries.
  • Monitor evolving compliance requirements and translate them into actionable internal controls.

Third-Party Risk Management
  • Develop and mature a third-party cybersecurity risk management program.
  • Conduct security risk assessments of vendors, SaaS providers, Software, and external partners.
  • Evaluate vendor security posture, shared responsibility models, and contractual security requirements.
  • Partner with procurement and legal teams to integrate security requirements into vendor onboarding and contracting processes.

Security Standards and IT Partnership
  • Collaborate with IT and engineering teams to develop, implement, and maintain cybersecurity standards and secure configuration baselines.
  • Ensure security requirements are embedded into system design, architecture, and operational processes.
  • Provide risk-based guidance on system hardening, segmentation, and control implementation.
  • Support the development of policies, standards, and procedures that are practical, enforceable, and auditable.

Reporting and Communication
  • Communicate risk findings, trends, and recommendations to technical and non-technical stakeholders, including leadership.
  • Develop reporting for executive audiences, including risk summaries, metrics, and program maturity updates.
  • Support audit committee and leadership reporting as needed.

Continuous Improvement
  • Stay current on cybersecurity threats, regulatory changes, and industry best practices.
  • Identify opportunities to improve risk visibility, coverage, and program efficiency.
  • Mentor junior analysts and contribute to the maturity of the GRC function.

Qualifications
Required
  • Bachelor's degree in Information Security, Computer Science, or related field (or equivalent experience).
  • 5+ years of experience in cybersecurity risk, governance, or compliance roles.
  • Experience building or maintaining a cybersecurity risk register and risk management processes.
  • Strong understanding of security frameworks (e.g., NIST, CMMC, ISO 27001).
  • Experience conducting third-party/vendor risk assessments.
  • Strong analytical, problem-solving, and risk evaluation skills.
  • Ability to translate technical risks into business impact.
  • Strong written and verbal communication skills.

Preferred
  • Experience supporting CMMC assessments or similar regulatory compliance programs.
  • Familiarity with manufacturing or operational technology (OT) environments.
  • Experience developing security standards or working closely with infrastructure and engineering teams.
  • Professional certifications such as CISSP, CISM, CRISC, or similar.

The Company is an Equal Opportunity Employer.

What UFP Industries employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom

UFP Industries logo

About UFP Industries

Sourced by ZipRecruiter

Universal Forest Products, Inc., is a U.S.-based global corporation that finds reward in its roots and its hard-earned success. Founded in 1955 as a supplier of lumber to the manufactured housing industry, Universal today is a multibillion-dollar holding company with subsidiaries around the globe that serve three robust markets: retail, industrial and construction. Since 1993, Universal has been publicly traded (Nasdaq: UFPI). We re headquartered in Grand Rapids, Michigan.

Industry

Wood product manufacturing

Company size

10,000+ Employees

Headquarters location

Grand Rapids, MI, US

Year founded

1955

Social media

Facebook

View All UFP Industries Jobs

Apply