Position Overview The Director, Cyber Risk leads Asurion's cyber and technology risk management discipline and is accountable for a consistent, outcome-driven program the business can rely on for ...
Position Overview The Director, Cyber Risk leads Asurion's cyber and technology risk management discipline and is accountable for a consistent, outcome-driven program the business can rely on for ...
Lead the enterprise cyber risk management program, including methodologies, assessments, quantification, treatment, exception management, and a maintained risk register with clear ownership and ...
Lead the enterprise cyber risk management program, including methodologies, assessments, quantification, treatment, exception management, and a maintained risk register with clear ownership and ...
Senior Cyber Risk & Compliance Specialist
Greenwood Village, CO · On-site
$150K - $170K/yr
This individual will serve as a senior member of the Cybersecurity organization and play a critical role in driving CMMC Level 2 certification readiness, enterprise cyber risk management, audit ...
Senior Cyber Risk & Compliance Specialist
Greenwood Village, CO · On-site
$150K - $170K/yr
This individual will serve as a senior member of the Cybersecurity organization and play a critical role in driving CMMC Level 2 certification readiness, enterprise cyber risk management, audit ...
Vice President, Cyber Governance, Risk & Compliance
Denver, CO · On-site
$240K - $260K/yr
Drive cyber risk appetite, exception management, and risk acceptance processes. * Oversee cyber and technology risk assessment methodologies and execution. * Develop and maintain executive and Board ...
Vice President, Cyber Governance, Risk & Compliance
Denver, CO · On-site
$240K - $260K/yr
Drive cyber risk appetite, exception management, and risk acceptance processes. * Oversee cyber and technology risk assessment methodologies and execution. * Develop and maintain executive and Board ...
Cyber Sys Secur Engr Sr
Littleton, CO · On-site
Coordinates and addresses Supply Chain risk management concerns. Develop, evaluate and analyze design constrains, trade-offs and detailed system and security design as they pertain to the Cyber ...
Cyber Sys Secur Engr Sr
Littleton, CO · On-site
Coordinates and addresses Supply Chain risk management concerns. Develop, evaluate and analyze design constrains, trade-offs and detailed system and security design as they pertain to the Cyber ...
Cyber Sys Secur Engr Sr
Littleton, CO · On-site
Coordinates and addresses Supply Chain risk management concerns. Develop, evaluate and analyze design constrains, trade-offs and detailed system and security design as they pertain to the Cyber ...
Cyber Sys Secur Engr Sr
Littleton, CO · On-site
Coordinates and addresses Supply Chain risk management concerns. Develop, evaluate and analyze design constrains, trade-offs and detailed system and security design as they pertain to the Cyber ...
Cyber Sys Secur Engr Sr
Littleton, CO · On-site
Coordinates and addresses Supply Chain risk management concerns. Develop, evaluate and analyze design constrains, trade-offs and detailed system and security design as they pertain to the Cyber ...
Cyber Sys Secur Engr Sr
Littleton, CO · On-site
Coordinates and addresses Supply Chain risk management concerns. Develop, evaluate and analyze design constrains, trade-offs and detailed system and security design as they pertain to the Cyber ...
Cyber Sys Secur Engr Sr
Littleton, CO · On-site
Coordinates and addresses Supply Chain risk management concerns. Develop, evaluate and analyze design constrains, trade-offs and detailed system and security design as they pertain to the Cyber ...
Cyber Sys Secur Engr Sr
Littleton, CO · On-site
Coordinates and addresses Supply Chain risk management concerns. Develop, evaluate and analyze design constrains, trade-offs and detailed system and security design as they pertain to the Cyber ...
This individual will serve as a senior member of the Cybersecurity organization and play a critical role in driving CMMC Level 2 certification readiness, enterprise cyber risk management, audit ...
This individual will serve as a senior member of the Cybersecurity organization and play a critical role in driving CMMC Level 2 certification readiness, enterprise cyber risk management, audit ...
Cyber and Tech Risk UW SR
Arvada, CO · On-site +1
$100K - $119K/yr
Our cyber offerings are supported by proactive risk management services and data driven insights designed to strengthen operational resilience and reduce loss-putting prevention at the center of ...
Cyber and Tech Risk UW SR
Arvada, CO · On-site +1
$100K - $119K/yr
Our cyber offerings are supported by proactive risk management services and data driven insights designed to strengthen operational resilience and reduce loss-putting prevention at the center of ...
ESSENTIAL DUTIES Cyber & Risk Account Leadership & Planning * Develop and execute strategic account plans for assigned cyber and risk consulting accounts, establishing clear revenue targets ...
ESSENTIAL DUTIES Cyber & Risk Account Leadership & Planning * Develop and execute strategic account plans for assigned cyber and risk consulting accounts, establishing clear revenue targets ...
Cyber Risk & Compliance Specialist
Greenwood Village, CO · On-site
$115K - $125K/yr
Position Summary York Space Systems is seeking a Cyber Risk & Compliance Specialist to support the ... management processes, audit support, and governance initiatives. This position is ideal for an ...
Cyber Risk & Compliance Specialist
Greenwood Village, CO · On-site
$115K - $125K/yr
Position Summary York Space Systems is seeking a Cyber Risk & Compliance Specialist to support the ... management processes, audit support, and governance initiatives. This position is ideal for an ...
Cyber Risk Defense, Splunk Development Principal
Greenwood Village, CO · On-site
$169K/yr
Kaiser Permanente is expanding our Cyber Risk Defense program and seeking a highly skilled ... This senior level employee is primarily responsible for managing and directing the maintenance and ...
Cyber Risk Defense, Splunk Development Principal
Greenwood Village, CO · On-site
$169K/yr
Kaiser Permanente is expanding our Cyber Risk Defense program and seeking a highly skilled ... This senior level employee is primarily responsible for managing and directing the maintenance and ...
Director of Cybersecurity Governance, Risk, and Compliance
Westminster, CO · On-site
$143K - $225K/yr
Define and operationalize the enterprise cyber risk management program, including risk identification, assessment, prioritization, escalation, and reporting. * Own executive and Boardlevel ...
Director of Cybersecurity Governance, Risk, and Compliance
Westminster, CO · On-site
$143K - $225K/yr
Define and operationalize the enterprise cyber risk management program, including risk identification, assessment, prioritization, escalation, and reporting. * Own executive and Boardlevel ...
... management. * Experience supporting governance, risk, and compliance workflows, including risk reporting, audit data requests, controls monitoring, controls testing, compliance metrics, governance ...
... management. * Experience supporting governance, risk, and compliance workflows, including risk reporting, audit data requests, controls monitoring, controls testing, compliance metrics, governance ...
... management. * Experience supporting governance, risk, and compliance workflows, including risk reporting, audit data requests, controls monitoring, controls testing, compliance metrics, governance ...
... management. * Experience supporting governance, risk, and compliance workflows, including risk reporting, audit data requests, controls monitoring, controls testing, compliance metrics, governance ...
Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our ...
Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our ...
NISSC 3 Risk Manager
Colorado Springs, CO · On-site
$116K - $194K/yr
Significant experience (senior level) in risk management for complex programs, preferably in DoD, cyber, or systems/IT environments. Demonstrated expertise in proactively identifying, assessing, and ...
NISSC 3 Risk Manager
Colorado Springs, CO · On-site
$116K - $194K/yr
Significant experience (senior level) in risk management for complex programs, preferably in DoD, cyber, or systems/IT environments. Demonstrated expertise in proactively identifying, assessing, and ...
NISSC 3 Risk Manager
Colorado Springs, CO · On-site
$116K - $194K/yr
Significant experience (senior level) in risk management for complex programs, preferably in DoD, cyber, or systems/IT environments. Demonstrated expertise in proactively identifying, assessing, and ...
NISSC 3 Risk Manager
Colorado Springs, CO · On-site
$116K - $194K/yr
Significant experience (senior level) in risk management for complex programs, preferably in DoD, cyber, or systems/IT environments. Demonstrated expertise in proactively identifying, assessing, and ...
Advanced Cyber Threat Response & Forensics Lead/Manager
Denver, CO · On-site
$114K - $154K/yr
Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our ...
Advanced Cyber Threat Response & Forensics Lead/Manager
Denver, CO · On-site
$114K - $154K/yr
Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our ...
Cyber Risk Manager information
See Colorado salary details
$54.2K - $65.5K
4% of jobs
$65.5K - $76.8K
6% of jobs
$76.8K - $88.1K
11% of jobs
$92.4K is the 25th percentile. Wages below this are outliers.
$88.1K - $99.5K
11% of jobs
The median wage is $108.5K / yr.
$99.5K - $110.8K
23% of jobs
$110.8K - $122.1K
13% of jobs
$129.6K is the 75th percentile. Wages above this are outliers.
$122.1K - $133.4K
12% of jobs
$133.4K - $144.8K
8% of jobs
$144.8K - $156.1K
6% of jobs
$156.1K - $167.4K
4% of jobs
$167.4K - $178.8K
2% of jobs
$54.2K
$117.3K
$178.8K
How much do cyber risk manager jobs pay per year?
How does a Cyber Risk Manager typically collaborate with other departments to strengthen an organization's cybersecurity posture?
What is the difference between Cyber Risk Manager vs Cybersecurity Analyst?
| Aspect | Cyber Risk Manager | Cybersecurity Analyst |
|---|---|---|
| Certifications | CRISC, CISSP, CISM | CompTIA Security+, CISSP, CEH |
| Work Environment | Risk assessment, policy development, strategic planning | Monitoring security systems, incident response, vulnerability testing |
| Employer & Industry Usage | Financial, healthcare, large enterprises | IT departments, security firms, corporate environments |
The Cyber Risk Manager focuses on identifying, assessing, and mitigating organizational cyber risks through strategic planning and policy development. In contrast, the Cybersecurity Analyst primarily monitors security systems, responds to incidents, and tests vulnerabilities. Both roles require certifications like CISSP, but their daily tasks and focus areas differ significantly, with the manager taking a broader, strategic approach and the analyst handling operational security tasks.
What are the key skills and qualifications needed to thrive as a Cyber Risk Manager, and why are they important?
Can you make $200,000 in cyber security?
Can you make $500,000 a year in cyber security?
What does a cyber risk manager do?
Is a CISO a stressful job?

Asurion rating
7.2
Based on 84 frontline employees who took The Breakroom Quiz
121st of 208 rated it services
Job description
The Director, Cyber Risk leads Asurion's cyber and technology risk management discipline and is accountable for a consistent, outcome-driven program the business can rely on for decision-making. This strategic, cross-functional leader owns the end-to-end cyber risk lifecycle-identification, assessment, quantification, treatment, acceptance, monitoring, and reporting-along with the cyber risk register, risk appetite and tolerance framework, control assurance, and issues management. The Director partners closely with first-line control owners across security and technology, Portfolio Information Security Officers (PISOs), and key stakeholders in Enterprise Risk Management, Internal Audit, Legal, and Privacy. This role sets the standard for sound risk judgment, develops a high-performing team, and translates complex cyber risk into clear, defensible narratives for senior leadership and the board. This is a salaried, leadership role with enterprise impact, guiding a multi-year maturity uplift from ad hoc practices to scalable, evidence-based risk management.
Key Responsibilities- Own and continuously improve the cyber and technology risk management framework, methodology, taxonomy, and lifecycle aligned to NIST CSF 2.0, ISO 27001/27005, and applicable regulatory obligations.
- Define standards, procedures, and rating scales for consistent enterprise-wide risk identification, assessment, and reporting; partner with the PISO model to ensure common language and practices across portfolios.
- Lead enterprise cyber risk assessments across technology, business, regulatory, and emerging-risk domains to produce consistent, defensible determinations.
- Establish and operate a cyber risk quantification capability (e.g., FAIR-based) to express risk in business and financial terms and inform prioritization and investment decisions.
- Maintain the enterprise cyber risk register; ensure risks are well-described, owned, rated, and tracked to acceptable residual levels; develop and manage KRI/KCI programs for forward-looking posture.
- Operationalize the risk appetite and tolerance framework with the CISO and senior leadership; own risk acceptance and exception governance with clear, auditable documentation and time-bound approvals.
- Govern cyber risk policy structure, ownership, review cadence, and exception handling; chair or support cyber risk forums and escalate decisions to appropriate authority levels.
- Lead second-line, risk-based assurance over design and operating effectiveness of key cyber controls in coordination with first-line and Internal Audit; identify thematic weaknesses and drive structural remediation.
- Own issues and remediation management-intake, prioritization, owner assignment, tracking to closure, and escalation of aging items.
- Define and report outcome-focused metrics (e.g., residual risk trends, out-of-appetite reduction, early-versus-late finding ratios, incidents tied to accepted risk) in executive- and board-ready formats.
- Serve as primary point of contact for cyber risk in regulatory exams, audits, and carrier-partner due diligence.
- Integrate cyber risk into Enterprise Risk Management to ensure consistency in enterprise risk reporting and governance; partner with Legal, Privacy, Procurement, and technology leaders to embed risk-informed decisions.
- Oversee vendor/third-party risk within the cyber risk portfolio to ensure supply-chain risk is governed in line with enterprise practices.
- Build, lead, and develop a team of senior managers and analysts; set objectives, manage performance, and scale capacity through process improvement, tooling, and appropriate AI-assisted workflows.
- Bachelor's degree in a related field or equivalent professional experience.
- 10+ years in cybersecurity, IT/technology risk, or GRC, including 5+ years leading managers or multiple teams/domains.
- Proven experience designing, leading, or substantially maturing an end-to-end enterprise cyber/IT risk management program.
- Deep knowledge of NIST CSF 2.0, ISO 27001/27005, relevant regulatory regimes, and the three-lines-of-defense model.
- Experience operating a risk register, risk appetite/tolerance framework, and risk acceptance/exception governance.
- Hands-on experience with GRC/IRM platforms (e.g., ServiceNow IRM, Archer, OneTrust, or comparable).
- Excellent executive communication skills with a track record of briefing senior leadership and boards.
- Strong cross-functional influence partnering across security, technology, legal, privacy, and business teams.
- Preferred: CRISC, CISSP, CISM, or CISA; FAIR-based quantification experience; background in regulated or consumer-facing environments; experience with ERM integration and executive/board risk committees; Master's degree in a related field.
- Strategic risk leadership with the ability to connect cyber risk to business outcomes and investment decisions.
- Sound, defensible judgment under uncertainty; skilled in risk trade-offs and acceptance decisions.
- Expertise in risk quantification, KRI/KCI design, and outcome-based program metrics.
- Strong governance and policy acumen, including appetite/tolerance, exceptions, and escalation pathways.
- Proficiency in second-line control assurance and issues management, driving thematic remediation.
- Exceptional written and verbal communication; translates complex risk into clear, actionable narratives for executives and the board.
- Team leadership and talent development; builds high-performance teams and next-level leaders.
- Change agent mindset with process improvement, tooling, and automation competencies, including appropriate use of AI-assisted workflows.
- Collaboration and influence across ERM, Internal Audit, Legal, Privacy, Procurement, and technology organizations.
N/A
Physical Demands- Stationary Position: Frequently
- Vision: 20/20 corrected vision
- Hearing: Receive detailed information if spoken to