ZipRecruiter

Log In

1

Cyber Risk Management Jobs in Massachusetts (NOW HIRING)

Eclaro

Risk Management and Policy Specialist

Canton, MA · On-site

Develop and document Cyber Risk Management Program and related procedures: Develop Risk Management Program. Revise and update existing Risk Inventory. Define Risk Management Escalation. Define Risk ...

Whoop

Senior Risk & Compliance Analyst

Boston, MA · On-site

$130K - $170K/yr

Contribute to the continued development of cyber risk management processes, methodologies, and governance practices across the GRC program. QUALIFICATIONS: * 6+ years of experience in cybersecurity ...

Whoop

Senior Risk & Compliance Analyst

Boston, MA · On-site

$130K - $170K/yr

Contribute to the continued development of cyber risk management processes, methodologies, and governance practices across the GRC program. QUALIFICATIONS: * 6+ years of experience in cybersecurity ...

Whoop

Senior Risk & Compliance Analyst

Boston, MA · On-site

$130K - $170K/yr

Contribute to the continued development of cyber risk management processes, methodologies, and governance practices across the GRC program. QUALIFICATIONS: * 6+ years of experience in cybersecurity ...

Whoop

Senior Risk & Compliance Analyst

Boston, MA

$130K - $170K/yr

Contribute to the continued development of cyber risk management processes, methodologies, and governance practices across the GRC program. QUALIFICATIONS: * 6+ years of experience in cybersecurity ...

next page

Showing results 1-20

All JobsCyber Risk Management JobsCyber Risk Management Jobs in Massachusetts

Cyber Risk Management information

See Massachusetts salary details

$15

$33

$80

How much do cyber risk management jobs pay per hour?

As of Jun 28, 2026, the average hourly pay for cyber risk management in Massachusetts is $33.13, according to ZipRecruiter salary data. Most workers in this role earn between $21.25 and $42.26 per hour, depending on experience, location, and employer.

What is a Cyber Risk Management job?

A Cyber Risk Management job involves identifying, assessing, and mitigating cybersecurity risks that could impact an organization. Professionals in this field develop risk management frameworks, implement security controls, and ensure compliance with industry regulations. They work closely with IT and business teams to minimize cyber threats, such as data breaches and ransomware attacks. Their goal is to protect sensitive information and maintain business continuity.

What are the key skills and qualifications needed to thrive in the Cyber Risk Management position, and why are they important?

To thrive in Cyber Risk Management, you need a strong understanding of information security principles, risk assessment methodologies, and regulatory compliance, often supported by a degree in cybersecurity, information technology, or a related field. Familiarity with tools such as risk management software, vulnerability assessment platforms, and certifications like CISSP, CISM, or CRISC is highly valued. Excellent analytical thinking, communication, and problem-solving skills help professionals effectively advise stakeholders and coordinate incident response efforts. These skills are crucial for identifying, evaluating, and mitigating cyber risks to safeguard organizational assets and ensure business continuity.

Can you make $500,000 a year in cyber security?

Cyber Risk Management professionals can potentially earn $500,000 or more annually, especially at senior levels or in executive roles such as Chief Information Security Officer (CISO). Achieving this salary typically requires extensive experience, advanced certifications like CISSP or CISM, and leadership responsibilities within large organizations. High salaries are often associated with specialized skills, strategic oversight, and the ability to manage complex security risks.

Is 40 too old for cyber security?

Cyber Risk Management professionals can succeed at any age, as the field values experience, problem-solving skills, and continuous learning. Many individuals transition into cybersecurity later in their careers by obtaining certifications like CISSP or CompTIA Security+ and developing relevant technical skills. Age is generally not a barrier to entering or advancing in cybersecurity roles.

What are some common challenges faced in a Cyber Risk Management role, and how are they typically addressed?

Professionals in Cyber Risk Management often encounter challenges such as keeping up with rapidly evolving cyber threats, ensuring compliance with complex regulations, and balancing security needs with business objectives. Addressing these issues requires continuous learning, leveraging up-to-date threat intelligence, and collaborating closely with IT, legal, and management teams to develop effective risk mitigation strategies. Many organizations encourage ongoing training and participation in industry events to stay current, while fostering a culture of open communication to quickly identify and address vulnerabilities. Embracing a proactive and adaptable approach ensures that cyber risks are managed effectively while supporting the organization’s goals.

Is cybersecurity still worth it in 2026?

Cyber Risk Management remains a vital role in 2026 as organizations continue to face evolving cyber threats. Professionals in this field need strong technical skills, knowledge of security frameworks, and certifications like CISSP or CISM to effectively protect digital assets and ensure compliance.

Can I make $200,000 a year in cyber security?

Cyber Risk Management professionals can potentially earn $200,000 or more annually, especially with extensive experience, advanced certifications like CISSP or CISM, and roles in high-demand industries or senior positions. Salary levels vary based on location, company size, and individual expertise, but high-level cybersecurity roles often offer compensation in this range.
What are popular job titles related to Cyber Risk Management jobs in Massachusetts? For Cyber Risk Management jobs in Massachusetts, the most frequently searched job titles are:
What job categories do people searching Cyber Risk Management jobs in Massachusetts look for? The top searched job categories for Cyber Risk Management jobs in Massachusetts are:
Cyber Risk Management jobs near you
MD GRC Risk Management and Governance

MD GRC Risk Management and Governance

State Street Corporation

Quincy, MA • On-site

$170K - $282K/yr

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 25 days ago

Job description

The Managing Director, Cyber Risk Management & Governance will lead a team responsible for the design, execution, and oversight of the cyber risk management and governance framework. This role ensures cyber risk is consistently identified, assessed, governed, and reported in alignment with the Enterprise Risk Framework, regulatory expectations, and the firm's risk appetite. The role serves as a central coordination point, with a strong focus on framework governance, risk management, findings oversight and management, and executive-level reporting.
Key Responsibilities
  • Own and evolve the Cyber Risk Management Framework, ensuring alignment with the Enterprise Risk Framework and regulatory expectations.
  • Govern cyber risk taxonomies, risk appetite statements, risk metrics, and assessment methodologies.
  • Support embedding cyber risk practices across the L3 Cyber risk methodology and support functional and business risk owners in their efforts to improve and sustain cyber risk posture.
  • Provide oversight of control assurance and remediation execution and quality, including challenge, escalation, and consistency.
  • Ensure consistent linkage between assessment outcomes, risk appetite, and remediation priorities.
  • Enable and guide Enterprise Process Owner (EPO) / Metric Owners with challenges related to processes area / Key Risk Indicator improvement, ensuring clear accountability and effective operation.
  • Support the second line of defense in defining, maintaining, and overseeing Cyber Key Risk Indicators (KRIs) and thresholds, ensuring they provide meaningful insight into risk posture and trends.
  • Coordinate cyber risk matters for management-level and executive Risk Committees, including agenda development, materials, and escalation.
  • Produce and oversee executive-level cyber risk reporting, including risk posture, trends, material issues, and emerging risks.
  • Ensure reporting is concise, decision-oriented, and aligned with enterprise and Board risk governance expectations.
  • Serve as the primary cyber risk interface with Technology Risk Advisors (TRAs), coordinating inputs, challenge, outcomes, and follow-through.
  • Oversee LOD and legal entity cyber risk reporting, ensuring a consistent Global Cybersecurity view.
  • Coordinate with Cyber Compliance teams to provide accurate data sharing for regulatory engagement and legal entities.
  • Provide governance oversight for issues that impact cyber risk, including intake, severity assessment, challenge, escalation, and closure monitoring.
  • Oversee cyber risk acceptance governance, ensuring decisions are risk-informed, appropriately documented, time-bound, and approved at the correct level.
  • Ensure alignment between issues, risk acceptances, and risk appetite.
  • Lead the intake and governance of cyber findings from audits, regulatory reviews, assessments, and testing activities.
  • Ensure findings are consistently risk-rated, challenged where appropriate, and tracked through remediation to closure.
  • Monitor remediation progress, aging, and systemic themes, escalating concerns as needed to governance/management committees.

Required Qualifications
  • 10+ years of experience in cybersecurity risk management, technology risk, or enterprise risk governance, with significant experience at a senior leadership level.
  • Bachelor's degree in information systems, computer science, data analytics, cybersecurity or related field (or equivalent experience).
  • Deep understanding of cyber risk frameworks, enterprise risk management, and regulatory expectations within a large, complex financial services or regulated environment.
  • Proven experience with risk governance, control assurance and assessments, KRIs, issue management, and executive reporting.
  • Strong ability to build relationships across the three lines of defense and influence at executive and Board levels.
  • Exceptional communication skills, with the ability to translate technical and risk concepts into executive-level insights.
  • Experience leading highly successful teams in achieving objectives and key results.

Preferred Skills
  • Cybersecurity Certifications such as: CISSP, CISM or equivalent.
  • Experience implementing automated and/or continuous controls monitoring in cloud and hybrid environments.
  • Strong analytical mindset with the ability to translate ambiguous risk or control questions into measurable metrics and repeatable tests.
  • Clear written and verbal communication skills, including the ability to explain complex technical findings and trends to leadership.

Salary Range:
$170,000 - $282,500 Annual
The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.
Employees are eligible to participate in State Street's comprehensive benefits program, which includes: our retirement savings plan (401K) with company match; insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages; paid-time off including vacation, sick leave, short term disability, and family care responsibilities; access to our Employee Assistance Program; incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans); and, eligibility for certain tax advantaged savings plans.
For a full overview, visit https://hrportal.ehr.com/statestreet/Home.
About State Street
Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. We keep our clients at the heart of everything we do, and smart, engaged employees are essential to our continued success.
We are committed to fostering an environment where every employee feels valued and empowered to reach their full potential. As an essential partner in our shared success, you'll benefit from inclusive development opportunities, flexible work-life support, paid volunteer days, and vibrant employee networks that keep you connected to what matters most. Join us in shaping the future.
As an Equal Opportunity Employer, we consider all qualified applicants for all positions without regard to race, creed, color, religion, national origin, ancestry, ethnicity, age, disability, genetic information, sex, sexual orientation, gender identity or expression, citizenship, marital status, domestic partnership or civil union status, familial status, military and veteran status, and other characteristics protected by applicable law.
Discover more information on jobs at StateStreet.com/careers
Read our CEO Statement
Job Application Disclosure:
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
State Street logo

About State Street

Sourced by ZipRecruiter

State Street is one of the largest custodian banks, asset managers and asset intelligence companies in the world. From technology to product innovation, we're making our mark on the financial services industry. For more than two centuries, we've been helping our clients safeguard and steward the investments of millions of people. We provide investment servicing, data & analytics, investment research & trading and investment management to institutional clients.

Industry

Finance and insurance

Company size

10,000+ Employees

Headquarters location

Boston, MA, US

Year founded

1792

Social media

FacebookTwitter

View All State Street Jobs

Apply