Familiarity with industry standards and regulatory requirements around cyber risk management (e.g., ISO 27001, IEC 62443, NIST CSF) * Limited sponsorship opportunities may be available Additional ...
Familiarity with industry standards and regulatory requirements around cyber risk management (e.g., ISO 27001, IEC 62443, NIST CSF) * Limited sponsorship opportunities may be available Additional ...
Familiarity with industry standards and regulatory requirements around cyber risk management (e.g., ISO 27001, IEC 62443, NIST CSF) * Limited sponsorship opportunities may be available Additional ...
Familiarity with industry standards and regulatory requirements around cyber risk management (e.g., ISO 27001, IEC 62443, NIST CSF) * Limited sponsorship opportunities may be available Additional ...
Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our ...
Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our ...
Business continuity management * Familiarity with industry standards and regulatory requirements around cyber risk management (e.g., ISO 27001, IEC 62443, NIST CSF) * Limited sponsorship ...
Business continuity management * Familiarity with industry standards and regulatory requirements around cyber risk management (e.g., ISO 27001, IEC 62443, NIST CSF) * Limited sponsorship ...
Business continuity management * Familiarity with industry standards and regulatory requirements around cyber risk management (e.g., ISO 27001, IEC 62443, NIST CSF) * Limited sponsorship ...
Business continuity management * Familiarity with industry standards and regulatory requirements around cyber risk management (e.g., ISO 27001, IEC 62443, NIST CSF) * Limited sponsorship ...
Risk & Compliance * Identity & Access Management * Data Protection * Cyber Design * Threat Detection * Incident Response * Security Architecture * Business Partnership Qualifications Required:
Risk & Compliance * Identity & Access Management * Data Protection * Cyber Design * Threat Detection * Incident Response * Security Architecture * Business Partnership Qualifications Required:
Risk & Compliance * Identity & Access Management * Data Protection * Cyber Design * Incident Response * Security Architecture * Business Partnership Qualifications Required: * Bachelor's degree or ...
Risk & Compliance * Identity & Access Management * Data Protection * Cyber Design * Incident Response * Security Architecture * Business Partnership Qualifications Required: * Bachelor's degree or ...
Cyber Network Security Architecture - Senior Manager
Hartford, CT · On-site
$112K - $151K/yr
... cyber risk programs * 4+ years of experience managing teams and delivering workstreams in a client service environment * 3+ years of experience serving in a leadership capacity over the ...
Cyber Network Security Architecture - Senior Manager
Hartford, CT · On-site
$112K - $151K/yr
... cyber risk programs * 4+ years of experience managing teams and delivering workstreams in a client service environment * 3+ years of experience serving in a leadership capacity over the ...
Cyber Network Security Architecture - Senior Manager
Stamford, CT · On-site
$118K - $159K/yr
... cyber risk programs * 4+ years of experience managing teams and delivering workstreams in a client service environment * 3+ years of experience serving in a leadership capacity over the ...
Cyber Network Security Architecture - Senior Manager
Stamford, CT · On-site
$118K - $159K/yr
... cyber risk programs * 4+ years of experience managing teams and delivering workstreams in a client service environment * 3+ years of experience serving in a leadership capacity over the ...
Through powerful solutions and managed services that simplify complexity, we enable our clients to ... Includes design of the cyber organization, governance, and risk assessments. Qualifications ...
Through powerful solutions and managed services that simplify complexity, we enable our clients to ... Includes design of the cyber organization, governance, and risk assessments. Qualifications ...
Through powerful solutions and managed services that simplify complexity, we enable our clients to ... Includes design of the cyber organization, governance, and risk assessments. Qualifications ...
Through powerful solutions and managed services that simplify complexity, we enable our clients to ... Includes design of the cyber organization, governance, and risk assessments. Qualifications ...
Cyber Data Protection/PKI Manager
$118K - $159K/yr
Work you'll do As a Manager, Strategy, Growth, and Transformation on the Cyber Strategy ... Includes design of the cyber organization, governance, and risk assessments. Qualifications ...
Cyber Data Protection/PKI Manager
$118K - $159K/yr
Work you'll do As a Manager, Strategy, Growth, and Transformation on the Cyber Strategy ... Includes design of the cyber organization, governance, and risk assessments. Qualifications ...
Cyber Data Protection/PKI Manager
Hartford, CT · On-site
$112K - $151K/yr
Work you'll do As a Manager, Strategy, Growth, and Transformation on the Cyber Strategy ... Includes design of the cyber organization, governance, and risk assessments. Qualifications ...
Cyber Data Protection/PKI Manager
Hartford, CT · On-site
$112K - $151K/yr
Work you'll do As a Manager, Strategy, Growth, and Transformation on the Cyber Strategy ... Includes design of the cyber organization, governance, and risk assessments. Qualifications ...
Own enterprise cyber risk management and third-party risk due diligence & oversight in close coordination with the procurement team. * Manage and govern all critical security vendors, including MDR ...
Own enterprise cyber risk management and third-party risk due diligence & oversight in close coordination with the procurement team. * Manage and govern all critical security vendors, including MDR ...
Own enterprise cyber risk management and third-party risk due diligence & oversight in close coordination with the procurement team. * Manage and govern all critical security vendors, including MDR ...
Own enterprise cyber risk management and third-party risk due diligence & oversight in close coordination with the procurement team. * Manage and govern all critical security vendors, including MDR ...
Own enterprise cyber risk management and third-party risk due diligence & oversight in close coordination with the procurement team. * Manage and govern all critical security vendors, including MDR ...
Own enterprise cyber risk management and third-party risk due diligence & oversight in close coordination with the procurement team. * Manage and govern all critical security vendors, including MDR ...
Own enterprise cyber risk management and third-party risk due diligence & oversight in close coordination with the procurement team. * Manage and govern all critical security vendors, including MDR ...
Own enterprise cyber risk management and third-party risk due diligence & oversight in close coordination with the procurement team. * Manage and govern all critical security vendors, including MDR ...
Cyber Risks Leadership; Brokers; Underwriters; Claims; Cyber Services; Actuarial Job Summary ... line manager, the People & Sustainability or assurance teams (compliance, risk, internal audit ...
Cyber Risks Leadership; Brokers; Underwriters; Claims; Cyber Services; Actuarial Job Summary ... line manager, the People & Sustainability or assurance teams (compliance, risk, internal audit ...
Assess and design risk management strategies for new and emerging digital asset business models, including regulatory, operational, BSA/AML, cyber, and financial risks. * Analyze business processes ...
Assess and design risk management strategies for new and emerging digital asset business models, including regulatory, operational, BSA/AML, cyber, and financial risks. * Analyze business processes ...
AI Security Engineer Senior Manager
Hartford, CT · On-site
$115K - $158K/yr
Risk & Compliance * Identity & Access Management * Data Protection * Cyber Design * Incident ... Response * Security Architecture * Business Partnership Qualifications Required: * Bachelor ...
New
AI Security Engineer Senior Manager
Hartford, CT · On-site
$115K - $158K/yr
Risk & Compliance * Identity & Access Management * Data Protection * Cyber Design * Incident ... Response * Security Architecture * Business Partnership Qualifications Required: * Bachelor ...
New
Cyber Risk Manager information
See Connecticut salary details
$49K - $59.2K
4% of jobs
$59.2K - $69.5K
6% of jobs
$69.5K - $79.7K
11% of jobs
$83.6K is the 25th percentile. Wages below this are outliers.
$79.7K - $90K
11% of jobs
The median wage is $98.1K / yr.
$90K - $100.2K
23% of jobs
$100.2K - $110.5K
13% of jobs
$117.2K is the 75th percentile. Wages above this are outliers.
$110.5K - $120.7K
12% of jobs
$120.7K - $131K
8% of jobs
$131K - $141.2K
6% of jobs
$141.2K - $151.5K
4% of jobs
$151.5K - $161.7K
2% of jobs
$49K
$106.1K
$161.7K
How much do cyber risk manager jobs pay per year?
How does a Cyber Risk Manager typically collaborate with other departments to strengthen an organization's cybersecurity posture?
What is the difference between Cyber Risk Manager vs Cybersecurity Analyst?
| Aspect | Cyber Risk Manager | Cybersecurity Analyst |
|---|---|---|
| Certifications | CRISC, CISSP, CISM | CompTIA Security+, CISSP, CEH |
| Work Environment | Risk assessment, policy development, strategic planning | Monitoring security systems, incident response, vulnerability testing |
| Employer & Industry Usage | Financial, healthcare, large enterprises | IT departments, security firms, corporate environments |
The Cyber Risk Manager focuses on identifying, assessing, and mitigating organizational cyber risks through strategic planning and policy development. In contrast, the Cybersecurity Analyst primarily monitors security systems, responds to incidents, and tests vulnerabilities. Both roles require certifications like CISSP, but their daily tasks and focus areas differ significantly, with the manager taking a broader, strategic approach and the analyst handling operational security tasks.
What are the key skills and qualifications needed to thrive as a Cyber Risk Manager, and why are they important?
Can you make $200,000 in cyber security?
Can you make $500,000 a year in cyber security?
What does a cyber risk manager do?
Is a CISO a stressful job?

Other
Re-posted 18 days ago
Deloitte rating
8.1
Based on 90 frontline employees who took The Breakroom Quiz
60th of 148 rated financial services
Job description
Power and Utilities OT (Operational Technology) - Manager
Position Summary
Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Cyber team and become a member of the largest group of cybersecurity professionals worldwide.
Recruiting for this role ends on 12/21/2026
Work you'll do
Responsibilities:
- Identify and evaluate complex business and technology risks
- Develop remediation methods to mitigate risks
- Demonstrate problem solving, critical thinking and logical structuring skills
- Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects
- Actively participate in decision making with engagement management and seek to understand the broader impact of current decisions
- Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services
- Identify opportunities to improve engagement profitability and manage engagement economics
- Demonstrate ability to with identify and address client needs: building solid relationships with clients; developing an awareness of Firm services; communicating with the client in an organized and knowledgeable manner; delivering clear requests for information; demonstrating flexibility in prioritizing and completing tasks; and communicating potential conflicts to the manager
- Demonstrate a general knowledge of market trends, competitor activities, Deloitte Advisory products and service lines
Required Skills:
- 7+ years of demonstrate advanced understanding and experience governing and implementing power and utility regulations and standards including:
- North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP)
- NERC Operations and Planning (O&P)
- Federal Energy Regulatory Commission
- Transportation Security Administration (TSA) Cybersecurity
- IEC 62443 standard - Securing Industrial Automation and Control Systems (IACS)
- Nuclear Energy Institute (NEI) - NEI 08-09, 10 CFR 73.54
- 7+ years of demonstrate advanced understanding and cyber risk management in at least two of the following areas:
- SCADA with experience in securing ICS (Industrial Control Systems) security
- Internet of Things (IOT) architecture and security
- OT (Operational Technology) security
- NERC CIP-015 - Internal Network Security Monitoring (INMS)
- Embedded systems security
- OT network segmentation (zones/conduits), jump hosts, secure remote access
- Passive OT discovery/asset inventory, OT IDS, SIEM integration/use cases
- Incident response in OT (containment with availability/safety constraints)
- Vendor/OEM risk management, SBOM/patch constraints, compensating controls
- Security experience in the field environment within the Power, Utilities & Renewables, Oil & Gas, or Industrial Products & Construction industry sectors
- 7+ years of demonstrate advanced understanding of business processes and cyber risk management in an OT / SCADA environment in two or more areas such as:
- Cyber security
- Secure Supply Chain
- Security Analytics
- Security Operations Centers
- Vulnerability and Threat Management
- Data Security
- Secure Dev Ops
- Business continuity management
- Familiarity with industry standards and regulatory requirements around cyber risk management (e.g., ISO 27001, IEC 62443, NIST CSF)
- Limited sponsorship opportunities may be available
Additional Requirements:
- Ability to travel up to 50%, on average, based on the work you do and the clients and industries/sectors you serve
- Locations include: Houston, Dallas, Cleveland, Detroit, St. Louis, Pittsburgh, Boston, Charlotte, Atlanta, Miami, Memphis, Denver, Phoenix, Salt Lake City, Los Angeles, San Diego, San Franciso, Seattle. Must be within a reasonable commute and willing to work part-time in the Deloitte and/or client offices.
Preferred:
- Minimum of 4 years working in an OT environment (e.g. OT security, ICS security, IOT security, SCADA, etc.)
- Minimum 4 years designing security for infrastructure, network and application architectures
- Experience in the Power Utilities & Renewables, Oil & Gas, or Industrial Products & Construction sector
- Demonstrated experience working with cloud platforms (AWS, Azure)
- 5+ years implementing security solutions
- BA/BS in cyber security, information security, engineering, computer science, information technology, information management, information sciences, business administration, or related field preferred
- CISSP, CISM, or CISA certification a plus
- Excellent verbal and written communication
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $134,500 to $265,100.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
#CyberES26
Power and Utilities OT (Operational Technology) - Manager
Position Summary
Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Cyber team and become a member of the largest group of cybersecurity professionals worldwide.
Recruiting for this role ends on 12/21/2026
Work you'll do
Responsibilities:
- Identify and evaluate complex business and technology risks
- Develop remediation methods to mitigate risks
- Demonstrate problem solving, critical thinking and logical structuring skills
- Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects
- Actively participate in decision making with engagement management and seek to understand the broader impact of current decisions
- Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services
- Identify opportunities to improve engagement profitability and manage engagement economics
- Demonstrate ability to with identify and address client needs: building solid relationships with clients; developing an awareness of Firm services; communicating with the client in an organized and knowledgeable manner; delivering clear requests for information; demonstrating flexibility in prioritizing and completing tasks; and communicating potential conflicts to the manager
- Demonstrate a general knowledge of market trends, competitor activities, Deloitte Advisory products and service lines
Required Skills:
- 7+ years of demonstrate advanced understanding and experience governing and implementing power and utility regulations and standards including:
- North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP)
- NERC Operations and Planning (O&P)
- Federal Energy Regulatory Commission
- Transportation Security Administration (TSA) Cybersecurity
- IEC 62443 standard - Securing Industrial Automation and Control Systems (IACS)
- Nuclear Energy Institute (NEI) - NEI 08-09, 10 CFR 73.54
- 7+ years of demonstrate advanced understanding and cyber risk management in at least two of the following areas:
- SCADA with experience in securing ICS (Industrial Control Systems) security
- Internet of Things (IOT) architecture and security
- OT (Operational Technology) security
- NERC CIP-015 - Internal Network Security Monitoring (INMS)
- Embedded systems security
- OT network segmentation (zones/conduits), jump hosts, secure remote access
- Passive OT discovery/asset inventory, OT IDS, SIEM integration/use cases
- Incident response in OT (containment with availability/safety constraints)
- Vendor/OEM risk management, SBOM/patch constraints, compensating controls
- Security experience in the field environment within the Power, Utilities & Renewables, Oil & Gas, or Industrial Products & Construction industry sectors
- 7+ years of demonstrate advanced understanding of business processes and cyber risk management in an OT / SCADA environment in two or more areas such as:
- Cyber security
- Secure Supply Chain
- Security Analytics
- Security Operations Centers
- Vulnerability and Threat Management
- Data Security
- Secure Dev Ops
- Business continuity management
- Familiarity with industry standards and regulatory requirements around cyber risk management (e.g., ISO 27001, IEC 62443, NIST CSF)
- Limited sponsorship opportunities may be available
Additional Requirements:
- Ability to travel up to 50%, on average, based on the work you do and the clients and industries/sectors you serve
- Locations include: Houston, Dallas, Cleveland, Detroit, St. Louis, Pittsburgh, Boston, Charlotte, Atlanta, Miami, Memphis, Denver, Phoenix, Salt Lake City, Los Angeles, San Diego, San Franciso, Seattle. Must be within a reasonable commute and willing to work part-time in the Deloitte and/or client offices.
Preferred:
- Minimum of 4 years working in an OT environment (e.g. OT security, ICS security, IOT security, SCADA, etc.)
- Minimum 4 years designing security for infrastructure, network and application architectures
- Experience in the Power Utilities & Renewables, Oil & Gas, or Industrial Products & Construction sector
- Demonstrated experience working with cloud platforms (AWS, Azure)
- 5+ years implementing security solutions
- BA/BS in cyber security, information security, engineering, computer science, information technology, information management, information sciences, business administration, or related field preferred
- CISSP, CISM, or CISA certification a plus
- Excellent verbal and written communication
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $134,500 to $265,100.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
#CyberES26