Cybersecurity Risk Analyst Jobs

Search Cybersecurity Risk Analyst Jobs
Search hundreds of cybersecurity risk analyst jobs.

>>Or browse all of our risk analyst job listings

Latest Cybersecurity Risk Analyst Jobs Listings

Find More Cybersecurity Risk Analyst Jobs
Position Company Location Posted
Risk & Service Provider Security Analyst Remote
Baylor Scott & White HealthDALLAS, Texas, United States22/11/2022
System/Data Security Analyst - Cyber Security Operations
Bank of AmericaDenver, Colorado, United States18/11/2022
System/Data Security Analyst - Cyber Security Operations
Bank of AmericaDenver, Colorado, United States18/11/2022
Sr. Cyber Analyst
Connect Talent SolutionsVirginia Beach, Virginia, United States01/11/2022
Malware Prevention Analyst - Cyber Security Operations
Bank of AmericaDenver, Colorado, United States26/11/2022
Malware Prevention Analyst - Cyber Security Operations
Bank of AmericaDenver, Colorado, United States26/11/2022
Cyber Threat Intelligence (CTI) Analyst - Cyber Security Operations
Bank of AmericaDenver, Colorado, United States11/11/2022
Cyber Threat Intelligence (CTI) Analyst - Cyber Security Operations
Bank of AmericaWashington, Dist. Columbia, United States11/11/2022
TISO Risk Analyst - Cyber and Technology
PaypalOmaha, Nebraska, United States11/11/2022
Fraud Risk Analyst III- Consumer Product
Bank of AmericaNewark, Delaware, United States15/11/2022
Find More Jobs

What Is a Risk Analyst?

A risk analyst’s job is to protect the company assets of the employer. The purpose of the role is to forecast potential risks and their severity and perform threat assessments to offset potential or existing cybersecurity threats.

Apart from cybersecurity risk mitigation, this role may also include risk assessments related to investments, diversification, mergers, and other critical decision-making processes.

What Is a Risk Analyst Responsible For?

A risk analyst evaluates current threats in cyber-terrorism and performs an overall security evaluation of the company’s network infrastructure. Their job is to perform the following duties:

  • Staying up to date on the latest cyber-attack modalities
  • Consulting with stakeholders on the threat assessment and the company’s potential vulnerability
  • Preparing risk reports that include recommended course of actions
  • Overseeing the implementation of mitigation plans across all organizational departments
  • Creating an action plan in the event a cyber-attack occurs
  • Training staff on best network security practices and ensuring the employees follow and enforce practices
  • Performing penetration tests to determine vulnerable and exploitable points within a network
  • Developing patches and updates where vulnerabilities are present
  • Performing risk assessments based on the probability of an inside attack

Where Does a Risk Analyst Work?

Risk Analysts work in companies that may be vulnerable to cyber intrusions. This includes financial institutions, healthcare facilities, retail centers, and hospitality sectors. In addition, more non-profit organizations are also hiring risk analysts as cyber-threats against these institutions rise.

Other areas where risk analysts may find employment include public and higher education centers, and the travel niche, where attacks are also on the incline. Risk analysts may also work for agencies that provide cybersecurity services and be appointed to a company using the service. Some analysts also work for themselves and provide their service as freelance contractors, dividing their roles among multiple organizations.

Some risk analysts, depending on their specific role, perform their duties completely remotely and work solely from home. More risk analyst jobs these days include a hybrid work model of working from home and occasional travel.

What Other Career Options Are Available to a Risk Analyst?

Multiple career paths are available for a risk analyst as the field continues to expand. A risk analyst may find positions in these fields:

Information Security Specialist

The specialist in this role actively searches for network security violations. Additional duties include setting up firewalls, updating virus monitoring systems, and setting up password/authentication systems.

IT Technician

An IT technician has a more broad role of overseeing a company network. This includes installation and updating of hardware and software, as well as managing/diagnosing network infrastructure.

Ethical Hacker

An ethical hacker infiltrates a company’s network system to determine vulnerabilities. The role is to think from the perspective of cyber-criminals and then determine solutions to safeguard against their attack vectors.

Information Systems Security Manager

Professionals in this role manage the networks of organizations whose systems may include exclusive or proprietary data and are at high risk from hackers.

Security Architect

The role of the security architect is to develop and deploy endpoint security systems in response to the latest attack vectors. The security must be able to integrate into the organization’s network while ensuring minimal disruption to daily operations.

Software Developer

As a software developer, create software strictly for company use and customize it to suit specific internal needs. It may also include programming and working with IT staff to ensure in-house hardware systems are compliant.


A senior risk analyst may take on the role of trainer and guide entry-level IT staff members. Duties may include creating courses to educate staff on cybersecurity best practices.


Writers work for established journals in the IT and PC industry. They may also contribute to blogs, e-books, or white papers for companies providing cybersecurity, SaaS, or cloud services.

We expect additional fields to grow in the coming years as the world moves increasingly to digital platforms. According to the Bureau of Labor Statistics, cybersecurity risk management jobs are expected to grow by 32% between 2018 and 2028.

What Degree Is Required to Become a Risk Analyst? What Do They Study?

In most risk analyst fields, the position requires a bachelor’s associate degree in cybersecurity, computer information systems, or information technology. This is the minimum requirement; some companies may require candidates to hold a master’s degree in their field. In addition, prior experience in the computer science field – either as an employee or intern – is highly desired.

Apart from a degree and experience, cybersecurity risk management jobs may also require applicants to hold certain certifications. The most common certificates in the cybersecurity industry include the GSEC certification and CompTia Security+ certification.

What Skills Are Required in Risk Analysis and Cybersecurity Risk Management?

Required skills for a risk analyst include a strong background in information technology and computer sciences. Applicants may need to show working knowledge and practical experience in these areas:

  • Scripting using languages like Python or PowerShell
  • Cloud security management. 83% of businesses worldwide store sensitive and restricted data in the cloud, making security extremely vital.
  • DevOps to oversee the facilitation of software development and IT operations
  • Log collection and analysis to measure metrics and get an assessment on the efficacy of current security implementations
  • Digital forensics and evidence-gathering when an attack occurs. It  includes collaborating with law enforcement to identify and prosecute perpetrators.
  • Disaster recovery for data restoration in case of an attack that renders data inaccessible, such as ransomware.
  • Toolkit maintenance to ensure smooth network updates

How Much Money Does a Risk Analyst Earn?

At the time of writing, the salary of risk analyst jobs ranges between around $69,500 and $130,000 – normally around $100,000. Remuneration can vary depending on the degree, certifications, sub-field specialties, and years of work experience. Compensation also varies depending on location, with most positions availability and salary range higher in major metropolitan areas.