Cybersecurity Risk Management & Oversight * Establish and oversee an end-to-end cybersecurity risk management process that enables continuous identification, analysis, assessment, treatment, and ...
Cybersecurity Risk Management & Oversight * Establish and oversee an end-to-end cybersecurity risk management process that enables continuous identification, analysis, assessment, treatment, and ...
Cybersecurity Risk Management & Oversight * Establish and oversee an end-to-end cybersecurity risk management process that enables continuous identification, analysis, assessment, treatment, and ...
Cybersecurity Risk Management & Oversight * Establish and oversee an end-to-end cybersecurity risk management process that enables continuous identification, analysis, assessment, treatment, and ...
Senior Lead Technology Risk Officer - Technology Risk Management
Tempe, AZ · On-site
$159K - $254K/yr
In this role, you'll provide second line oversight of cybersecurity risk management practices across the enterprise, ensuring alignment with regulatory expectations, internal risk frameworks, and ...
New
Senior Lead Technology Risk Officer - Technology Risk Management
Tempe, AZ · On-site
$159K - $254K/yr
In this role, you'll provide second line oversight of cybersecurity risk management practices across the enterprise, ensuring alignment with regulatory expectations, internal risk frameworks, and ...
New
Risk Management & Framework Execution * Partner with business and risk stakeholders to support the ... Act as a subject matter expert on technology and cybersecurity risk and regulatory expectations.
Risk Management & Framework Execution * Partner with business and risk stakeholders to support the ... Act as a subject matter expert on technology and cybersecurity risk and regulatory expectations.
Senior Cybersecurity Risk Analyst - USA Remote
Phoenix, AZ · Remote
$130K - $160K/yr
The Senior Cybersecurity Risk Analyst is responsible for executing third-party and supplier risk ... Execute the third-party risk management (TPRM) lifecycle end-to-end, including vendor intake ...
Senior Cybersecurity Risk Analyst - USA Remote
Phoenix, AZ · Remote
$130K - $160K/yr
The Senior Cybersecurity Risk Analyst is responsible for executing third-party and supplier risk ... Execute the third-party risk management (TPRM) lifecycle end-to-end, including vendor intake ...
WS - Director, Cyber Security
Scottsdale, AZ · On-site
$107K - $145K/yr
Risk Management: Identify and assess cybersecurity risks to the organization's information systems and data. Develop and implement risk mitigation strategies and controls. Monitor and evaluate the ...
WS - Director, Cyber Security
Scottsdale, AZ · On-site
$107K - $145K/yr
Risk Management: Identify and assess cybersecurity risks to the organization's information systems and data. Develop and implement risk mitigation strategies and controls. Monitor and evaluate the ...
WS - Director, Cyber Security
$111K - $151K/yr
Risk Management: Identify and assess cybersecurity risks to the organization's information systems and data. Develop and implement risk mitigation strategies and controls. Monitor and evaluate the ...
WS - Director, Cyber Security
$111K - $151K/yr
Risk Management: Identify and assess cybersecurity risks to the organization's information systems and data. Develop and implement risk mitigation strategies and controls. Monitor and evaluate the ...
Sr. Analyst, Cyber Security
Tempe, AZ · Remote
$92K - $154K/yr
This role requires a deep understanding of risk management practices and a proactive approach to ... Requirements: * 4+ years or more of experience in technology and cyber security risk or audit ...
Sr. Analyst, Cyber Security
Tempe, AZ · Remote
$92K - $154K/yr
This role requires a deep understanding of risk management practices and a proactive approach to ... Requirements: * 4+ years or more of experience in technology and cyber security risk or audit ...
WS - Director, Cyber Security
$107K - $145K/yr
Risk Management: Identify and assess cybersecurity risks to the organization's information systems and data. Develop and implement risk mitigation strategies and controls. Monitor and evaluate the ...
WS - Director, Cyber Security
$107K - $145K/yr
Risk Management: Identify and assess cybersecurity risks to the organization's information systems and data. Develop and implement risk mitigation strategies and controls. Monitor and evaluate the ...
Risk Treatment Specialist
Tempe, AZ · On-site
$108K - $185K/yr
Operational Risk, Financial Risk, Cyber Resilience, Cybersecurity, Risk Management, IT Risk and Control, and/or IT Audit * Strong working knowledge of the inherent risks in the financial services ...
Risk Treatment Specialist
Tempe, AZ · On-site
$108K - $185K/yr
Operational Risk, Financial Risk, Cyber Resilience, Cybersecurity, Risk Management, IT Risk and Control, and/or IT Audit * Strong working knowledge of the inherent risks in the financial services ...
Own and lead cybersecurity governance initiatives spanning risk identification, control design, policy management, and maturity improvement. * Serve as a subjectmatter expert for cyber risk ...
Own and lead cybersecurity governance initiatives spanning risk identification, control design, policy management, and maturity improvement. * Serve as a subjectmatter expert for cyber risk ...
Own and lead cybersecurity governance initiatives spanning risk identification, control design, policy management, and maturity improvement. * Serve as a subject-matter expert for cyber risk ...
Own and lead cybersecurity governance initiatives spanning risk identification, control design, policy management, and maturity improvement. * Serve as a subject-matter expert for cyber risk ...
Experience designing or significantly improving risk management programs or frameworks. Education * Bachelor's degree in Information Technology, Cybersecurity, Business, or a related field required;
Experience designing or significantly improving risk management programs or frameworks. Education * Bachelor's degree in Information Technology, Cybersecurity, Business, or a related field required;
Experience designing or significantly improving risk management programs or frameworks. Education * Bachelor's degree in Information Technology, Cybersecurity, Business, or a related field required;
Experience designing or significantly improving risk management programs or frameworks. Education * Bachelor's degree in Information Technology, Cybersecurity, Business, or a related field required;
Risk Treatment Specialist
Tempe, AZ · On-site
$108K - $185K/yr
Operational Risk, Financial Risk, Cyber Resilience, Cybersecurity, Risk Management, IT Risk and Control, and/or IT Audit * Strong working knowledge of the inherent risks in the financial services ...
Risk Treatment Specialist
Tempe, AZ · On-site
$108K - $185K/yr
Operational Risk, Financial Risk, Cyber Resilience, Cybersecurity, Risk Management, IT Risk and Control, and/or IT Audit * Strong working knowledge of the inherent risks in the financial services ...
Risk Treatment Specialist
Tempe, AZ · Hybrid
$108K - $185K/yr
Operational Risk, Financial Risk,Cyber Resilience, Cybersecurity, Risk Management, IT RiskandControl, and/or IT Audit * Strong working knowledge of theinherentrisksin the financial services industry
Risk Treatment Specialist
Tempe, AZ · Hybrid
$108K - $185K/yr
Operational Risk, Financial Risk,Cyber Resilience, Cybersecurity, Risk Management, IT RiskandControl, and/or IT Audit * Strong working knowledge of theinherentrisksin the financial services industry
If yes, consider joining Baker Tilly (BT) as an IT Audit, Cybersecurity & Risk Experienced ... Assess, manage and optimize information technology risk across a wide range of areas, IT general ...
New
If yes, consider joining Baker Tilly (BT) as an IT Audit, Cybersecurity & Risk Experienced ... Assess, manage and optimize information technology risk across a wide range of areas, IT general ...
New
Assess, manage and optimize information technology risk across a wide range of areas, including cybersecurity, IT strategy and governance, IT regulatory and compliance requirements, and business ...
Assess, manage and optimize information technology risk across a wide range of areas, including cybersecurity, IT strategy and governance, IT regulatory and compliance requirements, and business ...
Sr. Analyst, Cyber Risk Governance & Reporting
Tempe, AZ · Hybrid
$92K - $154K/yr
A Senior Risk Governance and Reporting Technology Analyst reports to the Information Security and ... management, including executive stakeholders * Understanding of cybersecurity principles ...
Sr. Analyst, Cyber Risk Governance & Reporting
Tempe, AZ · Hybrid
$92K - $154K/yr
A Senior Risk Governance and Reporting Technology Analyst reports to the Information Security and ... management, including executive stakeholders * Understanding of cybersecurity principles ...
Provide independent challenge and oversight of technology risk management practices across infrastructure, cloud, cybersecurity, product, and operational technology domains. * Provide independent ...
Provide independent challenge and oversight of technology risk management practices across infrastructure, cloud, cybersecurity, product, and operational technology domains. * Provide independent ...
Cyber Security Risk Management information
See Arizona salary details
$53.1K - $64K
1% of jobs
$64K - $75K
4% of jobs
$75K - $85.9K
5% of jobs
$85.9K - $96.8K
9% of jobs
$102.8K is the 25th percentile. Wages below this are outliers.
$96.8K - $107.8K
11% of jobs
$107.8K - $118.7K
10% of jobs
The median wage is $122.9K / yr.
$118.7K - $129.6K
28% of jobs
$135.9K is the 75th percentile. Wages above this are outliers.
$129.6K - $140.5K
14% of jobs
$140.5K - $151.5K
11% of jobs
$151.5K - $162.4K
4% of jobs
$162.4K - $173.3K
4% of jobs
$53.1K
$123.9K
$173.3K
How much do cyber security risk management jobs pay per year?
What are the key skills and qualifications needed to thrive as a Cyber Security Risk Management professional, and why are they important?
What is cyber security risk management?
What is the difference between Cyber Security Risk Management vs Cyber Security Analyst?
| Aspect | Cyber Security Risk Management | Cyber Security Analyst |
|---|---|---|
| Certifications | CompTIA Security+, CISSP, CISM | CompTIA Security+, CEH, CISSP (preferred) |
| Work Environment | Policy development, risk assessment, strategic planning | Monitoring security systems, incident response, vulnerability analysis |
| Employer & Industry Usage | Organizations focusing on risk mitigation and compliance | Organizations implementing and maintaining security measures |
Cyber Security Risk Management professionals focus on identifying, assessing, and mitigating security risks at an organizational level, often involved in policy and strategy. Cyber Security Analysts primarily monitor security systems, analyze threats, and respond to incidents. While both roles require similar certifications and work within the same industry, their core responsibilities differ: risk managers develop strategies, whereas analysts execute security measures and respond to threats.
What does a cyber risk manager do?
What are some typical challenges faced by professionals in Cyber Security Risk Management, and how can they be addressed?
Can you make $500,000 a year in cyber security?
Can I make $200,000 a year in cyber security?
Is security risk management a good career?
Other
Medical, Dental, Vision, Retirement, PTO
Re-posted 13 days ago
Job description
Description
As a First Line of Defense Cybersecurity Risk Director within the Enterprise Technology Security (ETS) Risk organization, you will provide strategic leadership in protecting the organization against evolving cyber threats while enabling business innovation. This role is accountable for the design, execution, and continuous maturity of the cybersecurity risk management framework, ensuring cyber risks are proactively identified, assessed, mitigated, monitored, and transparently reported. You will serve as a trusted advisor to senior leadership, translating complex cybersecurity and technology risks into clear business impacts and risk-based decisions aligned to enterprise risk appetite. The role partners closely with Technology, Corporate Security, Legal, Compliance, Risk, Audit, and business leaders to ensure cybersecurity risk strategies are fully integrated with business objectives, regulatory expectations, and enterprise resilience goals. You will also lead and develop a high performing team of cybersecurity risk professionals, fostering a culture of strong risk discipline, constructive challenge, and continuous improvement across the organization.
Key Responsibilities
Leadership & Strategy
- Lead, coach, and develop a team of cybersecurity risk analysts, principals, and managers, establishing a consistent, scalable, and value driven risk support model across the enterprise.
- Define and evolve the cybersecurity risk management strategy and operating model, ensuring alignment with enterprise risk appetite, regulatory requirements, and business priorities.
- Translate cyber and technology risks into business relevant impacts, enabling senior management to make informed, risk-based decisions.
Cybersecurity Risk Management & Oversight
- Establish and oversee an end-to-end cybersecurity risk management process that enables continuous identification, analysis, assessment, treatment, and monitoring of cyber and technology risks.
- Define and maintain key risk indicators (KRIs), controls, and control testing strategies to measure cybersecurity risk exposure and control effectiveness.
- Provide oversight of Risk and Control Self Assessments (RCSAs), Targeted Risk Reviews, business initiative risk assessments, and issue management, ensuring timely remediation and sustainable risk reduction.
- Maintain visibility into detailed cyber risk assessments, advising business and technology leaders on prioritized mitigation strategies and risk tradeoffs.
Business Partnership & Advisory
- Act as a strategic risk advisor to business lines and technology leaders, providing day to day guidance on regulatory compliance, risk mitigation, and industry best practices.
- Advise on new products, processes, technologies, and strategic initiatives, ensuring appropriate risk identification, control design, and governance approvals are in place.
- Guide business partners through enterprise governance forums and approval processes, ensuring cyber risks are understood, documented, and appropriately managed.
Regulatory, Audit & External Engagement
- Serve as the primary risk lead for regulatory exams and audits related to cybersecurity and technology risk for assigned products or functions.
- Partner with Internal Audit, and second line stakeholders, leading exam preparation, responses, and ongoing issue remediation.
- Ensure compliance with applicable laws, regulations, and supervisory guidance, including FFIEC, GLBA, SOX, and other relevant standards.
Collaboration & Stakeholder Management
- Build and maintain strong, trusted relationships with business partners, technology leaders, security teams, project stakeholders, and subject matter experts.
- Collaborate across lines of defense to provide effective challenge while enabling responsible innovation and delivery.
- Promote a culture of cybersecurity awareness and operational resilience across the organization.
Qualifications - Experience & Skills
- 10+ years of experience in Cybersecurity and/or Information Technology, with deep exposure to enterprise environments.
- 10+ years of risk management experience within financial services, preferably in cybersecurity, technology risk, or operational risk.
- Strong experience with cloud technologies (IaaS, PaaS, SaaS), DevSecOps, web applications, operating systems, databases, and networking.
- Broad knowledge of cybersecurity domains including:
- Network and infrastructure security
- Vulnerability and configuration management
- Identity and Access Management including Customer Identity
- API and application security
- Data protection and cryptography
- Operational resilience
- Incident, problem, and change management
- Experience operating in a highly regulated environment under significant supervisory scrutiny.
- Solid understanding of internal controls, risk assessments, and governance processes.
- Working knowledge of FFIEC guidance, GLBA, SOX, and related regulatory frameworks.
- Familiarity with leading industry frameworks, including Cybersecurity Risk Institute, NIST Cybersecurity Framework, Cloud Security Alliance, NIST 800 53, and ISO 27001.
- Demonstrated ability to synthesize complex risk data, prioritize mitigation actions, and influence outcomes.
- Exceptional communication and executive presence skills, with the ability to engage all levels of the organization.
- Proven leadership, coaching, and talent development experience.
- Strong project and program management capabilities across multiple stakeholders.
Education & Certifications (Preferred)
- Bachelor's Degree required; Master's Degree preferred.
- Professional certifications strongly preferred, including:
- Certified Information Systems Security Professional (CISSP)
- Certified Cloud Security Professional (CCSP)
- Cloud security specialty certification in AWS and Azure
- Certified Information Security Manager (CISM)
- Certified Information Systems Auditor (CISA)
- Certified in Risk and Information Systems Control (CRISC)
Hours & Work Schedule
- Hours per Week: 40
- Work Schedule: Monday-Friday
- Hybrid: 4 days onsite, 1 day remote
Pay Transparency
The salary range for this position is $190,000 - $240,000 per year, plus an opportunity to earn an annual discretionary bonus. Actual pay is based on various factors including but not limited to the work location, and relevant skills and experience.
We offer competitive pay, comprehensive medical, dental and vision coverage, retirement benefits, maternity/paternity leave, flexible work arrangements, education reimbursement, wellness programs and more. Note, Citizens' paid time off policy exceeds the mandatory, paid sick or paid time-away policy of every local and state jurisdiction in the United States. For an overview of our benefits, visit https://jobs.citizensbank.com/benefits .
#LI-Citizens1
Some job boards have started using jobseeker-reported data to estimate salary ranges for roles. If you apply and qualify for this role, a recruiter will discuss accurate pay guidance.
Equal Employment Opportunity
Citizens, its parent, subsidiaries, and related companies (Citizens) provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability, perceived disability or history or record of a disability, ethnicity, gender, gender identity or expression, genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family status/parenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague's or a dependent's reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws. At Citizens, we are committed to fostering an inclusive culture that enables all colleagues to bring their best selves to work every day and everyone is expected to be treated with respect and professionalism. Employment decisions are based solely on merit, qualifications, performance and capability.
Education:Why Work for UsEmployment Type: 1ST