1

Senior Risk Analyst Jobs in Colorado (NOW HIRING)

Reporting to the Senior Director, Cyber Risk & Trust, the Senior Manager designs, builds, and ... Use analytics and AI to identify high-risk cohorts, predict likely compromise, and drive targeted ...

next page

Showing results 1-20

Senior Risk Analyst information

See Colorado salary details

$56.3K

$115.5K

$149.8K

How much do senior risk analyst jobs pay per year?

As of Jul 9, 2026, the average yearly pay for senior risk analyst in Colorado is $115,505.00, according to ZipRecruiter salary data. Most workers in this role earn between $95,200.00 and $144,100.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Senior Risk Analyst, and why are they important?

To thrive as a Senior Risk Analyst, you need strong analytical skills, a solid grasp of risk assessment methodologies, and typically a degree in finance, economics, or a related field. Proficiency with risk management software, data analysis tools like Excel, and familiarity with regulatory frameworks such as Basel III or SOX is often required. Attention to detail, critical thinking, and effective communication are crucial soft skills for identifying, evaluating, and reporting risks. These competencies are vital for ensuring accurate risk identification and mitigation, supporting sound business decisions, and maintaining regulatory compliance.

How much do risk analysts get paid?

Risk analysts typically earn a median annual salary of around $70,000 to $90,000, depending on experience, location, and industry. Senior risk analysts with specialized skills and certifications can earn higher salaries, often exceeding $100,000 annually.

How does a Senior Risk Analyst typically collaborate with other departments to identify and mitigate risks?

Senior Risk Analysts regularly work with teams across the organization, such as compliance, finance, operations, and IT, to identify emerging risks and implement mitigation strategies. They often participate in cross-functional meetings, provide insights from data analysis, and help develop policies that address both regulatory requirements and business objectives. Building strong working relationships and communicating complex risk scenarios in an accessible way are key to ensuring coordinated risk management efforts. This collaborative approach not only helps in early detection of potential issues but also fosters a proactive risk culture within the company.

How much does a senior risk analyst make in the US?

A senior risk analyst in the US typically earns between $80,000 and $120,000 annually, depending on experience, industry, and location. They often require strong analytical skills, knowledge of risk management tools, and relevant certifications such as FRM or CRM.

What is the salary of senior risk analyst in JP Morgan?

The average salary for a Senior Risk Analyst at JP Morgan typically ranges from $80,000 to $130,000 annually, depending on experience, location, and specific department. Additional compensation may include bonuses and benefits, and the role often requires proficiency in risk management tools and certifications such as FRM or CFA.

What is the difference between Senior Risk Analyst vs Risk Analyst?

AspectSenior Risk AnalystRisk Analyst
Required CredentialsBachelor's degree, often certifications like FRM or CRMBachelor's degree, some certifications like FRM or CRM
Work EnvironmentFinancial institutions, insurance companies, consulting firmsFinancial firms, corporations, government agencies
Employer & Industry UsageUsed across finance, insurance, and consulting sectorsCommon in finance, banking, and insurance industries

The main difference is that Senior Risk Analysts typically have more experience, advanced certifications, and handle more complex risk assessments. They often lead projects and mentor junior staff, whereas Risk Analysts focus on data collection, analysis, and supporting risk management processes.

What does a senior risk analyst do?

A senior risk analyst evaluates potential risks that could impact an organization’s financial health, operations, or reputation. They analyze data, develop risk mitigation strategies, and use tools like risk assessment software to inform decision-making. This role often requires strong analytical skills, industry knowledge, and relevant certifications such as FRM or CRM.
What are the most commonly searched types of Risk Analyst jobs in Colorado? The most popular types of Risk Analyst jobs in Colorado are:
What are popular job titles related to Senior Risk Analyst jobs in Colorado? For Senior Risk Analyst jobs in Colorado, the most frequently searched job titles are:
What job categories do people searching Senior Risk Analyst jobs in Colorado look for? The top searched job categories for Senior Risk Analyst jobs in Colorado are:
What cities in Colorado are hiring for Senior Risk Analyst jobs? Cities in Colorado with the most Senior Risk Analyst job openings:
What are popular job titles related to Senior Risk Analyst jobs in CO? For Senior Risk Analyst jobs in CO, the most frequently searched job titles are:
Infographic showing various Senior Risk Analyst job openings in Colorado as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 83% Full Time, 9% Part Time, 1% Temporary, and 5% Contract. Highlights an 81% Physical, 6% Hybrid, and 13% Remote job distribution, with an average salary of $115,505 per year, or $55.5 per hour.
Governance Risk & Compliance Analyst

Governance Risk & Compliance Analyst

System One Holdings, LLC

Denver, CO • On-site

Full-time

Medical, Dental, Vision, Life, Retirement

This job post has expired today. Applications are no longer accepted.


Job description

Job Title: Governance Risk & Compliance Analyst
Location: Lakewood, CO
Work Model: Hybrid - onsite and remote
Overview
System One is seeking a GRC Analyst for an opportunity in Lakewood, CO. The GRC Analyst is a member of the Governance, Risk & Compliance function within the Global Information Security Office and supports the implementation of company?wide security governance, risk management, and compliance programs. Under the direction of the GRC Functional Leader, the analyst contributes to policy development, risk oversight, and continuous improvement of the organization's security posture. The role also works closely with regional Information Security Officers (ISOs) and cross?functional teams to support the deployment of global standards and local regulatory requirements.
Responsibilities
  • Support information security risk assessments for new projects, systems, and business processes.
  • Assist in conducting internal control reviews (e.g., J?SOX), preparing audit materials, and coordinating responses to internal and external auditors.
  • Track and follow up on remediation actions to ensure timely closure of identified risks.
  • Contribute to drafting, updating, and maintaining global information security policies, standards, and procedures.
  • Review relevant laws, regulations, and industry frameworks (e.g., ISO 27001, NIS2) and incorporate stakeholder feedback into documentation.
  • Support the rollout and implementation of policies across regions.
  • Monitor adherence to security and regulatory requirements, including ISO 27001, NIS2, and GDPR.
  • Collect and organize compliance evidence, track corrective actions, and support certification and regulatory readiness efforts such as ISO 27001/42001 and NIS2 programs.
  • Conduct third party security risk assessments by distributing questionnaires, analyzing responses, verifying controls, and documenting results in the GRC tracking systems.
  • Identify and escalate high risk findings to the GRC Functional Leader and support follow up mitigation activities.
  • Participate in the planning and implementation of security awareness programs for all associates.
  • Create e-learning materials and training materials, conduct phishing email exercises, and distribute disseminated content on internal portals.
  • Monitor and analyze global regulatory developments related to cybersecurity with a focus on industrial control systems (ICS), IT environments, and critical infrastructure.
  • Assist in evaluating how new or updated regulations (e.g., NIS2, FDA cybersecurity expectations, industrial cybersecurity standards, or country specific critical infrastructure laws) impact company operations.
  • Track emerging obligations, document requirements, and support gap assessments to ensure timely compliance.
  • Assist in the preparation, maintenance, and continuous improvement of the CISO Dashboard by collecting, validating, and analyzing security metrics across the Global GRC function.
  • Compile key performance indicators (KPIs) and key risk indicators (KRIs) related to compliance status, audit findings, supplier risk, incident trends, training completion, regulatory readiness, and other relevant security domains.
  • Support the visualization and communication of security posture to senior leadership by ensuring data accuracy, timely updates, and clarity in reporting.
  • Support the development and enforcement of governance controls for the secure use of artificial intelligence technologies across the organization.
  • Identify risks related to AI systems-such as model security, algorithmic integrity, and misuse-and contribute to risk assessments and mitigation plans.
  • Help evaluate third party AI tools.
  • Support the development and improvement of GRC processes, tools, and documentation to enhance operational efficiency and standardization.
  • Assist in preparing reports, presentations, and materials for leadership reviews, steering committees, and cross functional meetings.
  • Participate in internal security projects and initiatives, including process automation, metrics development, and enhancements to governance workflows.
  • Provide coordination and administrative support for security committees, working groups, and regional GRC activities.
  • Perform additional duties as assigned to support the Global Information Security Office and the broader GRC program.

Requirements
  • 3 to 5+ years of experience in information security, governance, risk management, compliance, IT audit, or a related discipline.
  • Experience supporting security programs in global or regulated environments is a plus.
  • Understanding of global and regional information security regulations (e.g., data protection laws, cybersecurity requirements) and familiarity with security frameworks such as ISO 27001.
  • Knowledge of internal control frameworks (e.g., JSOX) and IT governance practices is highly desirable.
  • Experience supporting audit activities is preferred.
  • Experience with risk assessment methodologies, control evaluation, and vulnerability or issue management processes.
  • Strong analytical and problem-solving skills, with the ability to identify risks, assess impacts, and support the development and tracking of corrective actions.
  • Ability to communicate security requirements, policies, and audit findings clearly and persuasively with stakeholders across regions and business units.
  • Strong coordination skills to build consensus and drive compliance.
  • Industry certifications such as CISSP, CISA, CISM, ISO 27001 Lead Implementer/Auditor, or similar are preferred but not required.
  • Bachelor's degree in information security, Cybersecurity, Information Systems, Computer Science, or a related field; or equivalent professional experience.
  • Familiarity with governance, risk, and compliance tools (e.g., BitSight, Drata, OneTrust, Archer, or similar) for managing risks, audits, and compliance workflows.
  • Working knowledge of cybersecurity concepts such as identity and access management, endpoint protection, vulnerability management, cloud security, and secure system design.
  • Experience supporting cross-functional security or compliance initiatives, including requirements gathering, documentation, and progress tracking.
  • Ability to interpret risk metrics, compliance data, and audit results.
  • Experience with dashboards, KPI/KRI reporting, or data visualization tools is a plus.
  • Awareness of emerging cybersecurity regulations (e.g., NIS2, AI governance frameworks, critical infrastructure rules) and their potential impact on enterprise operations.

System One, and its subsidiaries including Joulé and Mountain Ltd., are leaders in delivering outsourced services and workforce solutions across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan.
System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law.
#M-1
#LI-SG1
Ref: #558-Scientific