Information Risk Analyst

Build the skills a successful information risk analyst needs with our library of role-based courses and learning paths. Learn how to identify opportunities to improve the risk posture of the organization and continuously monitor risk tolerance.



What does an information risk analyst do?

Information risk analysts conduct objective, fact-based risk assessments on existing and new systems and technologies, and communicate findings to all stakeholders within the information system.


Information risk analyst career paths

Domain knowledge

  • Risk management
  • Vulnerability assessment

Related job titles

  • ISSO
  • Cybersecurity auditor
  • Cybersecurity assessor
  • Security analyst
  • Risk analyst
  • Security controls assessor

Associated NICE Work Roles

All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.

  • Security Controls Assessor
  • System Security Analyst


Training Material

Suggested courses for information risk analysts

Enterprise Security Risk Management

The Enterprise Security Risk Management skill path covers essential enterprise risk topics, including risk identification and assessment, implementing security controls, regulatory compliance, strategy and culture, and more.

Vulnerability Assessment

The vulnerability assessment learning path guides you through a holistic security assessment approach, where you will develop a well-structured framework for analyzing the security of a system. You will acquire the skills to perform custom vulnerability assessment for any computer system, application or network infrastructure.

NIST Cybersecurity Framework

The NIST Cybersecurity Framework skill path introduces the framework for improving infrastructure cybersecurity.


This learning path explains the Risk Management Framework (RMF) and its processes and provides guidance for applying the RMF to information systems and organizations.

CompTIA Cloud+

The CompTIA Cloud+ certification path introduces you to a variety of information security concepts that affect the cloud. You'll learn about system requirements, cloud storage, security, troubleshooting and more.


The Certified Authorization Professional (CAP) certification path builds your expertise around the NIST Risk Management Framework (RMF). You'll learn best practices, policies and procedures used to authorize and maintain information systems.

ISACA Certified Information Systems Auditor (CISA)

The Certified Information Systems Auditor (CISA) certification path builds your knowledge of auditing information systems. You'll learn the tools and guidelines involved in the IT auditing process as well as concepts such as business continuity, enterprise IT governance, common security controls and more.


The Certified in Risk and Information Systems Control (CRISC) exam is a certification testing a student's ability to assess and evaluate risk, as well as risk management proficiency.

Implementing Controls for HIPAA Compliance

This path will help students and professionals understand how to maintain the confidentiality, integrity and availability of PHI and ePHI. You'll get to grips with protecting ePHI from unauthorized use and disclosure, and the importance of helping employees stay compliant with the rules.

Plans & pricing

  • Infosec Skills Personal

    • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
    • 100s of hands-on labs in cloud-hosted cyber ranges
    • Custom certification practice exams (e.g., CISSP, Security+)
    • Skill assessments
    • Infosec peer community support
  • Infosec Skills Teams

    $799 per license / year

    • Team administration and reporting
    • Dedicated client success manager
    • Single sign-on (SSO)
      Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
    • Integrations via API
      Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
    • 190+ role-guided learning paths and assessments (e.g., Incident Response)
    • 100s of hands-on labs in cloud-hosted cyber ranges
    • Create and assign custom learning paths
    • Custom certification practice exams (e.g., CISSP, CISA)
    • Optional upgrade: Guarantee team certification with live boot camps

Unlock 7 days of free information risk analyst training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments